404 Security Not Found

Ever heard of LLM poisoning? Join Travis, William, and Leif as they cover how misinformation websites are publishing fake news to impact the responses of AI models. This and more, on this month's 404: Security Not Found podcast! https://lnkd.in/eJcgZ7kX

🎙️ William and Travis are back with another episode, this time featuring a special guest: Misha Kuenstner, a Security Engineering Manager at Semgrep. This month the gang covers an Eight Sleep mattress cover vulnerability (really!), a Hugging Face exploit, a CVE related to unauthenticated username enumeration in AWS, and Google replacing SMS with QR code for GMail. https://lnkd.in/eyJN9zTx

🔬 Join us for another episode of the 404:Security Not Found podcast! This month, Travis, Swathi, and William cover the latest news and updates in cybersecurity-land: 🛡️ Microsoft's significant changes impacting over a billion users as they move towards a passwordless future. 🤖 A report from Malwarebytes on AI-powered spear phishing attacks and their alarming effectiveness. 📦 The discovery of a malicious NPM package and the ongoing challenges of package squatting. 🔒 The recent pardon of Silk Road creator Ross Ulbricht and its implications. 🐤 Canaries in cybersecurity and their maturity model. 💔 A heartbreaking story of a woman scammed out of her life savings through a deepfake scam involving a fake Brad Pitt. Don't forget to like and give us a follow for more episodes! https://lnkd.in/eZgbnKmd Thanks for listening!

Happy holidays from the 404 - Security Not Found podcast crew: Leif, Travis, Swathi, and William. We've got a special gift for you...our holiday episode! Here's a sneak preview beneath the wrapping paper 👇 🔍 Exxon’s Hack-for-Hire Scandal 🔒 The Urgent Call for Encrypted Messaging 🤖 AI in Cybersecurity: Uncovering Vulnerabilities ☁️ AWS re:Invent Highlights 🐍 Python Typosquatting Exposed 💡 AI Agent Bounties & Ethical Hacking Listen here and let us know what you think! https://lnkd.in/egtuziMi

This month, we hack the unhackable with Travis, William, Leif, and Swathi! 🚗 Vehicles 🎶 Pop music 🌬 ...and even air-gapped computer https://lnkd.in/euHja3Um Give it a listen and let us know what you think in the comments 👇

Did you know there is a .mobi TLD? Turns out all it takes is $20 and you can take over certificates owned by huge companies from some of these lesser-known TLDs. This month, on the 404 - Security Not Found podcast, Travis, Leif, and William cover the rickety nature of TLDs, a botnet takedown by the US government, acquisitions, secure-by-design frameworks, and more. Give it a listen and let us know what you think in the comments: https://lnkd.in/eWRb8CFV

After a month off, we're back with Travis, William, Leif, and Swathi! On the red team side, we cover the huge social security number breach, ALBeast, a tax return leak, and an S3 exfiltration exploit. For the blue team, we go over open-source templates for bootstrapping your security program, threat modeling AI search for enterprises, and shortening feedback loops with Grimoire. Give it a listen and let us know what you think! https://lnkd.in/dfd2hdtw

What's the role of security in a business? In this episode Travis McPeak, Daniel Miessler, Swathi Joshi, and William Bengtson dive deeply into how different security teams quantify risk, prioritize, and manage stakeholders. Let us know what you think! https://lnkd.in/eR_rueiz

Will AI make security easier, or harder? This month on the 404…Do security, get pAId 🤖 Travis, Swathi, Leif, and William cover prompt injection, feature flags for security, deception tech, mitigating risk at scale, AI in security, and more. https://lnkd.in/eRTwi4dY

The 404 recap this month with Travis, Leif, and Swathi: more breaches, thought pieces, is more regulation helpful, and more security news: -Sisense had a breach which could result in lateral movement to connected data sources -Cybersecurity is broken, what's the answer? -Microsoft will charge for Windows 10 security updates after EOS -A helpful collection of secure defaults for a variety of libraries -A zero day vulnerability was exploited since March in Palo Alto firewalls -Phishers are taking advantage of the Twitter to X domain name shift (what a surprise) Catch up on the spicy 🌶 discussion yourself: https://lnkd.in/e7Eaa6Ce