Podcast Episodes
Back to Search
Will run0 replace sudo?
Episode 427
Josh and Kurt talk about a sudo replacement going into systemd called run0. It sounds like it'll get a lot right, but systemd is a pretty big attack …
2 years, 2 months ago
Automatically exploiting CVEs with AI
Episode 426
Josh and Kurt talk about a paper describing using a LLM to automatically create exploits for CVEs. The idea is probably already happening in many spa…
2 years, 2 months ago
Video game cheaters, also pretendo
Episode 425
Josh and Kurt talk about a database of game cheaters. Cheating in games has many similarities to security problems. Anti cheat rootkits are also terr…
2 years, 2 months ago
The Notepad++ Parasite Website
Episode 424
Josh and Kurt talk about a Notepad++ fake website. It's possibly not illegal, but it's certainly ethically wrong. We also end up discussing why it se…
2 years, 2 months ago
FCC cybersecurity label for consumer devices
Episode 423
Josh and Kurt talk about a new FCC program to provide a cybersecurity certification mark. Similar to other consumer safety marks such as UL or CE. We…
2 years, 3 months ago
XZ Bonus Spectacular Episode
Josh and Kurt talk about the recent events around XZ. It's only been a few days, and it's amazing what we already know. We explain a lot of the basic…
2 years, 3 months ago
Do you have a security.txt file?
Episode 422
Josh and Kurt talk about the security.txt file. It's not new, but it's not something we've discussed before. It's a great idea, an easy format, and w…
2 years, 3 months ago
CISA's new SSDF attestation form
Episode 421
Josh and Kurt talk about the new SSDF attestation form from CISA. The current form isn't very complicated, and the SSDF has a lot of room for interpr…
2 years, 3 months ago
What's going on at NVD
Episode 420
Josh and Kurt talk about what's going on at the National Vulnerability Database. NVD suddenly stopped enriching vulnerabilities, and it's sent shock-…
2 years, 3 months ago
Malicious GitHub repositories
Episode 419
Josh and Kurt talk about an attack against GitHub where attackers are creating malicious repositories then artificially inflating the number of stars…
2 years, 4 months ago