InfoSec.Watch

https://is1-ssl.mzstatic.com/image/thumb/Podcasts221/v4/3b/7e/62/3b7e620b-f0e4-23aa-389c-c83e8a4e1f9a/mza_1988086332616705939.jpg/600x600bb.jpg

InfoSec.Watch

Infosec.Watch

7 episodes

3 hours ago

In this week’s InfoSec.Watch Podcast, we break down a series of critical security developments shaping the threat landscape. The episode opens with urgent guidance on two actively exploited, unauthenticated remote-code-execution vulnerabilities—one affecting WatchGuard Firebox appliances and the other impacting HPE OneView across multiple versions. The hosts outline the immediate actions every defender must take, from emergency patching to post-patch hunting and access-control validation. The...

All content for InfoSec.Watch is the property of Infosec.Watch and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Episodes (7/7)

InfoSec.Watch

InfoSec.Watch Podcast — Episode 118: Perimeter zero-days, email gateway attacks, and weaponized GitHub PoCs

3 days ago

8 minutes

InfoSec.Watch

InfoSec.Watch Podcast — Episode 117: Choke Points Under Fire: Email Gateways, WebKit Zero-Days, and DPRK's $2B Crypto Heist

In this week's InfoSec.Watch Podcast, we dive into the latest high-impact threats targeting enterprise security choke points. Key stories include: A sophisticated campaign against Cisco Secure Email appliances, with essential guidance on hardening management interfaces and proactive threat hunting.Chainalysis' alarming report on North Korea-linked actors stealing a record $2.02 billion in cryptocurrency in 2025 through fewer, more targeted attacks.Ongoing disruption of municipal services, und...

1 week ago

9 minutes

InfoSec.Watch

InfoSec.Watch Podcast — Episode 116: React2Shell mass exploitation, Apple & Microsoft zero-days, and the BRICKSTORM hypervisor breach

This week’s episode dives into a packed slate of high-impact cybersecurity threats shaking the industry. We break down React2Shell (CVE-2025-55182) — a rapidly evolving remote code execution flaw driving mass scanning across the internet and prompting CISA to issue an urgent KEV directive. They also unpack Apple’s emergency WebKit zero-day patches and Microsoft’s latest actively exploited kernel and security-bypass vulnerabilities from December Patch Tuesday. The team explores BRICKSTORM, a s...

2 weeks ago

8 minutes

InfoSec.Watch

InfoSec.Watch Podcast — React2Shell Supply Chain Risk, Android Zero-Days, and BRICKSTORM Hardware Sabotage

In this week’s episode of InfoSec.Watch Weekly, Grant Lawson and Sloane Parker take listeners on a guided tour of the entire modern attack surface — from developer laptops to mobile devices to the physical circuit boards inside IoT hardware. Three major security stories illustrate how deeply interconnected and exposed the stack has become. We begin with React2Shell, a newly surfaced command-injection vulnerability in the widely used react-dev-utils package. Grant and Sloane break down how an ...

3 weeks ago

8 minutes

InfoSec.Watch

InfoSec.Watch Podcast — Episode 114: Identity zero-days, analytics leaks, and emergency-alert outages expose your weakest vendor links

In this week’s InfoSec.Watch episode, hosts Grant Lawson and Sloane Parker analyze the top cybersecurity stories: an actively exploited Oracle IdM zero-day added to CISA’s Known Exploited Vulnerabilities catalog, OpenAI cutting off Mixpanel after a data breach, and ransomware disrupting the CodeRED emergency alert system. Additional coverage includes FortiWeb WAF vulnerabilities, SonicWall SSL VPN exploitation by Akira ransomware, Windows kernel privilege-escalation flaws, and the escalating ...

1 month ago

7 minutes

InfoSec.Watch

InfoSec.Watch Podcast — Episode 113: China-linked AI agents, logistics ransomware, and Germany’s NIS2 law are reshaping your 2025 risk map.

In this episode of the InfoSec.Watch Podcast, we unpack one of the most consequential weeks of cybersecurity developments in 2025. This episode covers a rare convergence of AI-augmented state-backed espionage, logistics and retail supply-chain ransomware, and Europe’s accelerating drive toward digital sovereignty—and this episode takes you step-by-step through every story, every insight, and every actionable takeaway. Whether you're a CISO, a threat intelligence analyst, a red teamer, SOC lea...

1 month ago

8 minutes

InfoSec.Watch

InfoSec.Watch Podcast — Episode 112: Windows Kernel 0-Day, FortiWeb RCE, Akira Targets Nutanix

Here’s what we cover in Episode 112: Actively Exploited Windows Kernel 0-Day: A privilege-escalation flaw in the Windows kernel is now being abused in real attacks. We cover what’s known, how attackers are chaining it, and the immediate mitigations security teams should prioritize.FortiWeb Critical Vulnerability Added to CISA’s KEV Catalog: A newly disclosed remote code execution vulnerability in Fortinet FortiWeb has officially landed in the Known Exploited Vulnerabilities list. We explain...

1 month ago

8 minutes