All topics
It was 30 years ago this week that Michael Mann's masterpiece Heat hit theaters like a semi T-boning an armored car. In addition to being a masterful heist movie and insightful depiction of the toll that obsession can exact, Heat is also a criminally underrated hacker movie.
Dennis and Lindsey react (!) to the React2Shell vulnerability disclosure and the quick exploitation of it by Chinese threat actors, then discuss the continues intrusions into critical infrastructure by the Salt Typhoon actors and this week’s congressional hearing on telecom network security. Finally, we talk about some upcoming hacker movie episodes, including Die Hard and maybe Home Alone!
It’s an acronym-filled, government-only bonanza this week! We discuss the DoJ sanctioning Russian bulletproof hosting provider Media Land (0:53), the SEC dropping its enforcement action against SolarWinds and its CISO (13:25), and the FCC reversing course on a longstanding security rule for telecom providers (26:00).
This week was a bit of a throwback to olden times, with the disclosure by Amazon threat intelligence of zero days in Cisco and Citrix products that were exploited by an unnamed APT, and Google using legal action to disrupt the Lighthouse phishing service operation. We dig into those two stories, plus we discuss the […]
There are plenty of challenges and pitfalls for security teams looking to deploy AI tools and Zadig said Yahoo is taking a measured, careful approach. This is a condensed and edited portion of our discussion.
November 6, 2025 | 4 min read
We don’t do holiday themed episodes in this house, so no tricks, but we have some treats for you. First we discuss the problem of shadow AI (1:00) and how it seems like we’re just repeating the mistakes of previous tech waves in ignoring security until it’s too late. Then we dig into a new […]
