Black Hat USA 2025 | Turning Camera Surveillance on Its Axis
At Black Hat USA 2025, Noam Moshe of Claroty Team82 exposed a critical flaw in Axis Communications’ Access Remoting protocol, the encrypted channel used by enterprises to manage fleets of IP cameras remotely. The protocol, built on MTLS and NLMSSP authentication, wraps a JSON‑based RPC layer. Moshe discovered that Axis enabled Newtonsoft.Json’s TypeNameHandling=Auto, allowing a client to dictate the .NET type instantiated on the server. By injecting a specially crafted JSON payload, an attacker can trigger arbitrary object creation, leading to remote code execution. Although the service requires valid credentials, the researcher demonstrated a pass‑the‑hash attack against the NLMSSP handshake and a man‑in‑the‑middle setup to inject the payload. In practice Moshe generated a malicious payload with YSOSerial, obtained a reverse shell on the Access Device Manager, and then leveraged Axis’s modular SDK to push a custom package to every camera under the compromised manager, achieving code execution on the client, server, and all connected cameras. He highlighted the “type name handling auto” setting as the root cause and showed how the fallback HTTP‑like channel could be reverse‑engineered to bypass standard checks. The vulnerability gives threat actors full control over surveillance infrastructure, exposing live feeds and enabling persistent footholds in corporate networks. Organizations that expose Access Remoting to the internet or rely on Axis’s cloud‑less remote access must urgently patch or disable the feature, and vendors need to reconsider unsafe deserialization defaults across IoT products.
A World Without Truth: Building TrustOps for the AI Era
The Gartner Thinkcast episode, hosted by Karen Stokes Lockhart, spotlights a looming "world without truth" where misinformation, disinformation, and the newer category of malinformation threaten every strategic decision. Dave Aaron quantifies the problem as a $1 trillion global risk—about 1% of...
Is the Apple App Store Safe?
The video examines whether the Apple App Store can be considered safe, outlining Apple’s pre‑release vetting process that scans every submitted app for malware, data stealers and viruses. Apple relies on an automated scanning system because manual review of millions of...
Inside the FBI Podcast: Introducing Ahead of the Threat, Season Two
The FBI Cyber Division announced the launch of Season 2 of its “Ahead of the Threat” podcast, hosted by cyber assistant director Brett Leatherman. The series will feature government and industry experts discussing the bureau’s cyber strategy, emerging threats, and practical...
AI Is Supercharging Phishing
The video warns that artificial intelligence is dramatically amplifying phishing threats, turning what was once a low‑tech nuisance into a high‑precision weapon against corporate inboxes. By scraping publicly available data and social‑media profiles, AI can generate hyper‑personalized lures at minimal cost....
"Humans Shouldn’t Blind-Sign Transactions" - Haseeb Qureshi
Haseeb Qureshi, a prominent crypto investor, uses a vivid analogy to argue that the practice of manually blind‑signing blockchain transactions is as reckless as letting humans drive cars without assistance. He predicts that within a decade the industry will view...
Cloud Native Live: Kyverno — Battle-Tested Policy to Safeguard Production
Kyverno has matured into a battle‑tested policy engine for Kubernetes, with a year of enhancements and a broader umbrella of related projects on GitHub. The session showcases real‑world production adoption across diverse industries, highlighting new mutation, validation, and webhook capabilities....
Revolutionizing Linux Maintenance with Update Scripts
Paul outlines major upgrades to the update.sh script, now automating cache cleaning, package updates, and kernel management in a single workflow. He also unveils a new utility that scans Linux supply‑chain security and hardware configurations, reporting vulnerabilities and verifying package...
2 Minute Drill: Accidentally Raising Your Own Robot Army with Drex DeFord
The two‑minute drill highlighted a surprising IoT breach when a Spanish engineer, Sammy, discovered that a single authentication token could control roughly 7,000 robot vacuum cleaners worldwide. By reverse‑engineering the vacuum’s cloud API, Sammy found the token was not bound to...
Alleged ICE, DHS Location Data Purchases Come Under Scrutiny of Democrats
More than 70 House and Senate Democrats have urged the Department of Homeland Security’s inspector general to launch an investigation into alleged warrantless purchases of Americans’ location data by Immigration and Customs Enforcement. The inquiry will focus on the legality...
Who’s Really in Control of AI?
Automation and AI-driven playbooks are reshaping IT and security operations, but ensuring humans stay in control remains a core governance challenge. Structured decision paths and predefined validation steps allow systems to operate within known routes, escalating to operators when encountering...
Built-In Security for AI-Driven Networks
The discussion centered on the necessity of embedding security directly into AI‑driven telecom networks, as illustrated by HPE’s new integrated telco portfolio unveiled at MWC. With AI increasing the volume of telemetry and the need for centralized training and edge inference,...
Minder: Policy-Based Control of Software Security | OpenSSF Project Spotlight
Minder, an OpenSSF initiative, provides continuous policy enforcement for software supply chains, monitoring repositories, releases and pull requests to maintain security compliance with minimal friction. The service defines policies, uses webhooks to detect drift, and automatically remediates violations via patches, comments...
Crypto Has Too Many Foot-Guns
The speaker argues that signing large crypto transactions feels far riskier than traditional wire transfers, highlighting a proliferation of hidden “foot‑guns” that users must manually spot. He enumerates specific hazards—address‑poisoning attacks, the need to verify middle characters of an address, stale...
Can LLMs Really Prioritize AppSec?
The video questions whether large language models (LLMs) can effectively prioritize application security findings, contrasting them with established static analysis scanners. The speaker notes that LLM tools often generate high‑quality code suggestions but fall short on triaging vulnerabilities. Developers typically ignore...
Black Hat USA 2025 | Lost & Found: The Hidden Risks of Account Recovery in a Passwordless Future
The Black Hat USA 2025 presentation warned that account‑recovery mechanisms—intended as a safety net for forgotten passwords—are rapidly becoming the most exploitable entry point in a passwordless ecosystem. Speakers Sidra, Gabby, and their research team outlined how recovery flows...
They Stole Claude’s Brain 16 Million Times
The video details how a Chinese state‑sponsored group, identified as GTG 10002, hijacked Anthropic’s Claude—marketed as the world’s safest conversational AI—and repurposed it into an autonomous hacking engine. By falsely presenting the task as authorized defensive security testing, the attackers coaxed...
Cybersecurity Standards Scorecard (2025 Edition)
The webcast, hosted by veteran SANS instructor James Troll, introduces the 2025 edition of the Cybersecurity Standards Scorecard – an annual research effort that catalogues and evaluates the growing universe of cyber‑security frameworks. Troll notes that the SANS database now...
🔴 Mar 3's Top Cyber News NOW! - Ep 1080
Dr. Gerald Oer hosted Simply Cyber’s live daily threat brief (Episode 1080), walking viewers through eight top cyber stories in an unscripted format and applying two decades of industry experience to offer real-time insights. He emphasized the show’s value for...
Techstrong TV - March 2, 2026
The RSA Conference 2026 celebrated its 35th anniversary, drawing over 43,000 cybersecurity professionals to discuss AI governance, quantum‑safe cryptography, and empathetic leadership. Dr. Aqib Rashid warned that unchecked agentic automation can magnify minor errors into large‑scale incidents, urging deterministic controls...
An App That Detects Smart Glasses
An emerging app claims to alert users when smart glasses are nearby, scanning for Bluetooth Low Energy (BLE) advertisement frames emitted by devices such as Ray‑Band and Meta glasses. The tool relies on the brief BLE broadcast that occurs when the...
Black Hat USA 2025 | Pwning User Phishing Training Through Scientific Lure Crafting
A new eight‑month field study of over 20,000 employees reveals that conventional phishing awareness training fails to meaningfully reduce click rates. The research, presented at Black Hat USA 2025, shows that the success of phishing lures is erratic, with some...
Operation Winter SHIELD: FBI Philadelphia on Protecting the Transportation and Logistics Sector
The FBI’s Operation Winter Shield, a cyber‑resilience campaign, is spotlighting the transportation and logistics sector this week. The initiative underscores the critical role of freight corridors, ports, and warehousing in regional supply chains. FBI Philadelphia offers practical guidance on threat...
Quantum-Safe Readiness: Operators Prepare for Q-Day
Speakers at the Barcelona discussion warned that “Q-Day” — the point when quantum computers can break today’s encryption — is likely four to eight years away, and urged organizations to act now because adversaries are already harvesting data to decrypt...
How Vyntra Is Redefining Real-Time Payments
The video introduces Vintra, a newly formed fintech venture led by CEO Joel Vint, aimed at redefining real‑time payments. By merging two specialized companies in June, Vintra positions itself as a one‑stop shop that blends transaction observability with AI‑powered fraud...
MWC26: Why Trust Is Key for KPN
At MWC26 KPN CSO Benji Curtsy said the carrier is on track with its ‘connect, activate, grow’ plan launched in late 2024, hitting €5.8bn in service revenues, roughly €2.66bn in EBITDA and about €950m in free cash flow by end-2025...
🔴 Mar 2's Top Cyber News NOW! - Ep 1079
The episode of Simply Cyber’s daily cyber threat brief aired March 2, 2026, blending community interaction, sponsor shout‑outs, and a roundup of the day’s top cyber‑security headlines. The headline news included the abrupt removal of Gotham Malla as CISA director, with...
The MCP Security Risks You Can't Afford to Ignore
MCPTotal CTO Ariel Shiftan warned that MCP (Model Connector Protocol) servers—tools that let LLMs access private APIs and data—pose serious enterprise security risks. His team has discovered zero-day vulnerabilities in widely used MCP servers and routinely finds malicious or highly...
How Does RPKI Help with Routing Security?
The video explains that the Border Gateway Protocol (BGP), the Internet’s routing backbone, was designed without security features, allowing any autonomous system to announce any IP prefix and creating a systemic vulnerability. It introduces the Resource Public Key Infrastructure (RPKI) as...
Why Is a WAF No Longer Enough?
Enterprises are discovering that traditional Web Application Firewalls (WAFs) no longer provide sufficient protection against today’s complex threat landscape. The video explains that a WAF, originally designed to filter malicious HTTP traffic, is an outdated term as application security now...
Physical Partitioning Is a Real Security Strategy for OpenClaw Agents
The video explains a security‑first approach to managing OpenClaw agents by physically partitioning their access and responsibilities. The creator has instantiated multiple agents—Sylvie for homeschooling content and Finn for accounting—each confined to its own “family vault,” ensuring that data never...
Black Hat USA 2025 | If Google Uses It to Find Webpages, We Can Use It to Find Fraudsters
The session at Black Hat USA 2025 introduced a surprisingly simple technique—term‑frequency inverse‑document‑frequency (TF‑IDF)—as a powerful tool for spotting fraudsters, positioning it as an alternative to the sophisticated AI browsers and agents that dominate today’s web search. Speakers argued that generative...
Compliant or Facing Federal Fines
The video warns government contractors that false claims about cybersecurity compliance can trigger severe penalties under the False Claims Act, especially as the Department of Defense’s CMMC framework becomes contractually mandatory. In 2025, whistleblower‑driven actions resulted in $6.8 billion in fines across...
HackTheBox - Guardian
The HackTheBox "Guardian" walkthrough demonstrates a full‑stack penetration test, starting with network scanning and sub‑domain discovery that revealed a default credential (GU1234). Attackers leveraged FFUF to brute‑force accounts, accessed a chat feature, and uncovered a Gitea instance where the public...
Techstrong TV - February 27, 2026
Techstrong TV featured Nikquille Hondigal, co‑founder and Chief AI Officer of Forward Networks, to discuss the company’s evolution from a software‑defined networking (SDN) startup to an AI‑enabled network operations provider. Founded twelve years ago by Stanford PhDs, Forward Networks has...
Phone Travel Safety
The video addresses a common concern for travelers: keeping a smartphone secure while on the road. It emphasizes that the simplest line of defense is to rely on the carrier’s 4G/5G network rather than public Wi‑Fi, and to employ a...
Patch and Threat Hunt Immediately
The video warns of a newly disclosed vulnerability in Cisco’s Catalyst SD‑WAN controller and manager that grants unauthenticated attackers full administrative rights. Rated a perfect 10 on severity, the flaw has been weaponized for three years and may already reside...
Black Hat USA 2025 | Let LLM Learn: When Your Static Analyzer Actually 'Gets It'
The Black Hat presentation explored how large language models (LLMs) can be fused with traditional static analysis tools to create a new generation of vulnerability scanners. The speaker outlined three integration patterns—AI‑enhanced, where a static scanner filters LLM output; AI‑explorer,...
Investing in Results
At GDIT Emerge, Dr. Kelly Fletcher, the State Department’s CIO, highlighted how government agencies can truly invest in results. She cited a year of milestones, including the rollout of generative AI tools, a broader online passport‑renewal platform, and strengthened cybersecurity...
Optimizing Cloud at Scale: Speed, Security & Mission Impact
At a GDIT Emerge event, CMS CIO Patrick Newbold detailed how the agency is scaling a secure hybrid cloud to deliver always‑on services for millions of Americans. The agency now builds new capabilities in weeks rather than years, emphasizing speed,...
GT Fast5: $160B in Government Tech Spending Ahead — Are States Ready? #Accessibility #AI #Shorts
The video outlines a looming $160.2 billion federal IT spend in 2026, highlighting an April deadline for states to make all websites and apps accessible to people with disabilities. It frames the spending surge as part of a broader push to...
🔴 Feb 27's Top Cyber News NOW! - Ep 1078
Episode 1078 of the "Top Cyber News NOW!" series delivers a concise daily roundup of the most pressing cybersecurity stories for analysts, insiders, and business leaders. The episode highlights emerging ransomware threats, zero‑trust solutions, and new training opportunities. It also promotes...
ContinuumCon Prep (with Greg Ake!)
ContinuumCon is a newly‑minted virtual cybersecurity conference that flips the traditional lecture‑heavy format on its head, delivering fully hands‑on workshops where attendees work directly with presenters in real time. The event is organized by Greg Ake of Level Effect...
![H?ckers A[r]e Gl*bbing](/cdn-cgi/image/width=1200,quality=75,format=auto,fit=cover/https://i.ytimg.com/vi/IImLVU39V_Q/maxresdefault.jpg)
H?ckers A[r]e Gl*bbing
The video introduces LOLGlobs, a community‑driven repository that catalogs wildcard‑based command‑line obfuscation techniques for Linux, macOS, Windows CMD, and PowerShell. Originating from a security‑operations Slack channel and authored by HexV1N at ReliaQuest, the project builds on earlier efforts like Argfuscator...
Thousands of Google API Keys Exposed
A recent investigation uncovered thousands of Google API keys publicly exposed in code repositories and configuration files. While Google historically treated API keys as non‑secret identifiers, the launch of Gemini’s AI services now allows those keys to access billable resources,...
Techstrong TV - February 25, 2026
Techstrong TV hosted Darren Williams, founder and CEO of Blackfog, to discuss the company’s origin, its endpoint‑focused anti‑exfiltration technology, and the firm’s annual State of Ransomware 2025 report ahead of RSA. Williams explained that traditional data‑loss‑prevention tools falter because they sit...
Age of Deception: Cybersecurity as Secret Statecraft
Jon R. Lindsay will present his new book, Age of Deception: Cybersecurity as Secret Statecraft, at a Wednesday seminar. The work frames contemporary cyber threats within the long‑standing practices of intelligence and statecraft. Lindsay argues that modern cybersecurity is an...
Black Hat USA 2025 | Conjuring Hardware Failures to Breach CPU Privilege Boundaries
The Black Hat talk spotlights machine‑check exceptions (MCEs) – hardware‑level fault signals that fire when a CPU detects catastrophic errors such as cache corruption, thermal trips, or external interference. Christopher Domas demonstrates that, unlike ordinary interrupts, MCEs cannot be masked,...
Patch THIS Vulnerability in 10 Seconds
A critical Chrome zero‑day vulnerability is being actively exploited in the wild, and Google has released an emergency patch. The flaw, a use‑after‑free bug in Chrome’s rendering engine, allows attackers to execute arbitrary code simply by getting a user to...
🔴 Mar 4's Top Cyber News NOW! - Ep 1081
Episode 1081 of "Top Cyber News NOW!" delivers a concise daily roundup of the most pressing cybersecurity developments for March 4, spotlighting ransomware mitigation strategies and emerging zero‑trust solutions. The episode promotes ThreatLocker’s Zero Trust Platform as a simple, deploy‑and‑manage tool to...