Security Weekly Podcast Network

A simple scan shouldn’t break a network… right? During a penetration test, an Nmap scan against a wireless LAN controller took down Wi-Fi for an entire college. It turned out to be a real denial-of-service vulnerability. Even routine testing can have unintended impact—especially in live environments. And today’s IoT systems make that risk even bigger. How safe is your testing approach? #PenTesting #Cybersecurity #IoTSecurity

“You can’t exploit that”… until someone does. Security teams often deprioritize vulnerabilities that seem too hard to exploit. But that assumption can flip overnight—especially as AI accelerates exploit development. What looked theoretical yesterday can become very real today. If your strategy depends on “no known exploit,” you might already be behind. How much risk are you accepting by waiting? #Cybersecurity #VulnerabilityManagement #Infosec

Everyone says you need more data. That might be wrong. This clip challenges the obsession with massive data lakes and reframes the real issue: context. Agentic AI could change how systems share and enrich data without centralizing everything. Are we overengineering data infrastructure instead of fixing how we use it? #AI #DataEngineering #Cybersecurity

AI isn’t just a tool—it’s becoming a threat. Attackers are already using AI to scale phishing, social engineering, and intrusions faster than ever. That means defenders have to adapt just as quickly—or fall behind. If AI is accelerating attacks, how should security teams respond? #AIsecurity #CyberSecurity #Phishing

AI versions of executives are no longer sci-fi. Meta is reportedly building a photorealistic AI Zuckerberg to interact with employees and give feedback. What starts as an experiment quickly turns into a strange thought experiment about leadership, automation, and control. If executives can be replaced by AI avatars, what happens to decision-making itself? #AI #CyberSecurity #TechCulture

Security used to sit in the basement. Not anymore. Today, security touches every part of the business—from engineering to the boardroom to customers. That shift is changing what it means to work in cybersecurity. If security is now the connective tissue of an organization, what skills matter most? #CyberSecurity #CISO #Leadership

Most CSOs don’t fail on security—they fail on business. This clip explains why understanding the P&L, speaking the right language, and building relationships matters more than technical skills at the leadership level. If you can’t connect security to business goals, you lose influence. Are security leaders too focused on tech—and not enough on impact? #CyberSecurity #CISO #Leadership

What happens when your entire incident response depends on one person? Some teams rely on “the expert who always fixes it”—until that person is gone. This clip breaks down why that creates a dangerous gap in Zero Trust thinking. If your plan depends on a single individual, what happens when they’re not there? #CyberSecurity #ZeroTrust #IncidentResponse

AI doesn’t behave like users—or services. That’s the problem. This clip explains why traditional identity models break down with AI. Unlike predictable systems, AI can act in unexpected ways, forcing teams to rethink identity and access controls. If AI isn’t human or machine, how do you secure it? #AIsecurity #CyberSecurity #AppSec

“Authentication is a problem” sounds clear—until you try to fix it. This clip explains why high-level security lists fall short. Real risks live in the details: sessions, cookies, parameter handling, and more. Without granularity, teams may check the box but miss the vulnerability. Are you solving categories—or actual problems? #CyberSecurity #AppSec #DevSecOps

@blar51 @SW_Samii It's @maldermania 😀

@SW_Samii @SecWeekly Who is that speaking at the beginning

Join the conversation on cybersecurity by following @SecWeekly on Twitter. Stay ahead of the curve with their informative content. twitter.com/SecWeekly/stat…

What happens when trusted system access is misused? This clip breaks down a case where sensitive databases and internal systems were exploited to generate AI deepfakes. It’s not just about one person—it’s about how access, oversight, and controls can fail. If trusted users can abuse systems, what safeguards actually work? #CyberSecurity #AIrisks #InsiderThreat

Not all AI companies are built the same. Some bolt AI on as a “sixth bullet.” Others were designed for it from day one. This clip explores that difference—and why real-time, agent-to-agent communication is unlocking something new. If AI systems can negotiate and share data instantly, what separates real AI from marketing? #AI #Cybersecurity #AgenticAI

Even astronauts can’t escape Microsoft Outlook problems. During the Artemis mission discussions, a moment of humor stands out: two Outlook instances failing in space—on a mission that few humans will ever experience. Why does everyday software still fail at every scale? #techhumor #space #software

Security teams aren’t ignoring vulnerabilities—they’re overwhelmed. When uptime matters more than patching, fixes get delayed. Add a flood of new vulnerabilities, and it stops mattering which ones are critical. If everything is urgent, is anything actually getting fixed? #cybersecurity #vulnerabilities #infosec

AI is enabling live vishing attacks that can call victims automatically and extract information. While this technology has many good uses, bad actors can exploit it too. What can organizations do beyond email phishing defenses to protect themselves? #AIsecurity #Vishing #Cybersecurity

What even counts as a “router”? This clip breaks down confusion inside FCC guidance, where even basic definitions get murky. At one point, they had to clarify that a phone hotspot isn’t a router. If regulators can’t clearly define the tech, what does that mean for enforcement? #cybersecurity #fcc #infosec

What if your software updates are the real threat? This clip breaks down a simple but powerful idea: run a diff on updates and let AI decide if something looks malicious. It’s already catching supply chain attacks in real time. Should this be built into every operating system? #cybersecurity #ai #infosec

We’ve flipped how we trust postal mail — once ignored scams like the a "Nigerian Prince letter" are now replaced by believable threats like fake parking tickets. This shift makes scams harder to spot and defend against. How will we adapt to scams coming through trusted channels? #scams #postalmail #security

A legitimate login flow is being turned into an attack. Device code phishing abuses OAuth’s device authorization flow—originally designed for TVs and printers—to trick users into authenticating attackers. The scary part? It looks completely normal. When real security features become attack vectors, how do you tell the difference? #Phishing #Cybersecurity #OAuth