『Initial Access』のカバーアート

Initial Access

Initial Access

著者: Bishop Fox
無料で聴く

Bishop Fox offensive security researchers, experts, and hackers take a real look at the latest cybersecurity news headlines and have a straight take on them. The goal is simple: do you actually need to care about this, or is it just another variation of the same fundamental security problems we've been dealing with for years?

2026 Bishop Fox
エピソード
  • Old Backdoors, Ghost Phishing, and Borrowed AI
    2026/07/13

    This episode breaks down a Tenda router backdoor that turns out to be three years old, a phishing kit called EvilTokens that hides until a victim's browser builds it, and CISA turning Anthropic's Mythos model on the government's own code, plus a sit-down with IoT researcher Matt Evans on why Tenda keeps getting away with it.

    Security Headlines:

    · CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware, The Hacker News

    · New Ghost Phishing Wave Is Breaking Traditional Email Security, The Hacker News

    · CISA Reportedly Using Anthropic’s Mythos to Scan Government Software for Flaws, Security Week

    Also mentioned:

    · Blog: Matt ‘uturn’ Evans

    · Event: Boston Security Meetup 2026

    · Workshop: Social Engineering: How to Build Pressure-Proof Pretexts

    · Virtual Session: The Prioritization Problem: Why More Findings Don’t Mean Less Risk

    Join the conversation in the Bishop Fox Discord server and in the new Bishop Fox subreddit.

    続きを読む 一部表示
    38 分
  • Cisco Root Access, FortiBleed Credentials, Sparkplug Fuzzing, AI Arms Race
    2026/07/06

    This episode breaks down a Cisco flaw exploited within 24 hours of disclosure, a credential-harvesting campaign that hit 430,000+ FortiGate firewalls, and what Fable's restricted return and China's Tulongfeng mean for controlling offensive AI. Plus, a sit-down with Bishop Fox's Shad Malloy on building the first open-source Sparkplug B fuzzer for ICS environments.

    Security Headlines:

    • In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw, Dark Reading
    • FortiBleed campaign steals 110M credentials from FortiGate targets, SC Media
    • Buckle Up: The Bad Guys Now Have A Model As Powerful As Mythos, Forbes

    Also Mentioned:

    • Research: On Favicons: From Browser Icons to Attack Surface Intelligence
    • Event: Summercon 2026
    • Event: San Diego Comic-Con 2026

    Join the conversation in the Bishop Fox Discord Server.

    続きを読む 一部表示
    48 分
  • FIFA Takeover, FFMpeg RCE, Klue Breach, Hardware Hacking
    2026/06/29

    This episode breaks down a public FIFA signup form wired straight to World Cup broadcast controls, an FFmpeg RCE buried in half your media apps, a SaaS breach cascading through delegated OAuth, and home routers conscripted into proxy infrastructure, plus a sit-down with Bishop Fox's Marco Sanchez on hardware hacking.

    Security Headlines:

    • I Could've Rickrolled the Entire FIFA World Cup. All I Needed Was My ID, BobDaHacker
    • FFmpeg fixes PixelSmash flaw in widely used video decoder, BleepingComputer
    • Klue hack results in data breach at several cybersecurity firms, TechCrunch
    • How Hackers Found a Back Door Into the American Living Room, The Wall Street Journal

    Also Mentioned:

    • Workshop: Debug to Root: A Friendly Introduction to Hardware Hacking (available in English and Spanish)
    • Virtual Session: Beyond the Hype: What Mythos Actually Means for Security Teams
    • Event: SummerCon 2026
    • XKCD Comic: Dependency

    Join the conversation in the Bishop Fox Discord Server.

    続きを読む 一部表示
    51 分
adbl_web_anon_alc_button_suppression_t1
まだレビューはありません