Security Weekly

Every system action is now an API call. And authorization decides who gets in.

Identity security is shifting. From SSH access to cloud buckets to AI tool calls, everything runs through APIs. That means every request must be governed and scoped carefully. The real change is subtle but critical: authorization is becoming the true control point in modern infrastructure.

If everything is an API, what breaks when authorization fails?

Now booking interviews at Black Hat 2026. Early access pricing is open. Message us for details!

SIEM correlation was supposed to solve alert overload.
Years later, most teams still struggle with it.

Every organization has different tools, different telemetry, and different rules. That makes reliable correlation incredibly difficult — and noisy detections pile up fast.

A lot of security teams keep waiting for correlation logic to clean things up later. In many environments, that moment never comes.

Is SIEM correlation fundamentally too complex to scale cleanly?

Tokenized banking doesn’t necessarily mean cryptocurrency.
And that distinction matters.

In this clip, the idea gets broken down using a simple analogy: the blockchain holds a “pointer” to deposits, while the actual money stays inside the traditional banking system.

The goal? Banks get faster blockchain-style rails without giving up control of deposits.

Is this the future of banking infrastructure — or just traditional finance wrapped in new technology?

Cisco SD-WAN has already seen seven vulnerabilities exploited this year.
And the latest one allows root command ex*****on.

The catch? Attackers need authenticated access first — but the clip immediately points out how realistic credential compromise already is in modern environments.

Then comes the bigger problem: edge devices frequently stay unpatched for long periods of time.

At what point do recurring edge-device vulnerabilities become an operational crisis instead of isolated incidents?

When does vulnerability research cross the line into enabling attacks?

Microsoft argues that publishing exploit code before patches are available can directly help threat actors and harm customers. The discussion highlights the growing tension between responsible disclosure, public research, and real-world exploitation risks.

Should researchers prioritize openness—or protection from immediate abuse?

“Sanctions don’t kill demand—they redirect investment.”

The hosts discuss how export restrictions on advanced chips may have unintentionally accelerated domestic semiconductor development efforts in China. Instead of stopping progress entirely, the controls may have pushed investment into building competing infrastructure and supply chains.

What happens when technology restrictions create stronger competitors instead of weaker ones?

A firewall doesn’t stop risk from existing.

It mainly changes what happens after something goes wrong.

The “Peltzman effect” explains why security controls can create a false sense of safety. A tightrope walker is still just as likely to fall whether there’s a safety net or not — the difference is the outcome after the fall.

Cybersecurity works the same way more often than people realize.

Are security teams confusing reduced impact with reduced risk?

A malicious webpage can turn AI summaries into phishing surfaces.

When an AI assistant renders content from third-party sources, markdown links and images can be interpreted and displayed inside the trusted response UI. That opens the door for hidden phishing messages embedded directly into what looks like a normal summary.

The danger isn't just what the AI says—it's what external content can make it look like it says.

Should users trust AI-generated summaries when the source can rewrite the interface itself?

A $10 million business used to be a life-changing exit.

For many founders, that milestone once meant selling the company, retiring comfortably, and moving on. But changing valuations and market conditions may be shifting that equation.

Are founders being pushed to build bigger companies simply because the old exit path no longer works?

A single compromised account can go much further than most people realize.

With single sign-on and SaaS platforms, one login can become a gateway into multiple systems—and even multiple organizations.

The question isn't just how secure one account is. It's what that account connects to.

How much damage can one credential really unlock today?