Interview with Ravid Circus

Ravid will discuss why security and engineering misalignment is the biggest barrier to fast, effective remediation, using data from Seemplicity’s 2025 Remediation Operations Report. This is costing some teams days of unnecessary exposure, which can lead to major security implications for organizations.

Segment Resources:

• https://seemplicity.io/papers/the-2025-remediation-operations-report/

• https://seemplicity.io/news/seemplicity-releases-2025-remediation-operations-report-91-of-organizations-experience-delays-in-vulnerability-remediation/

• https://seemplicity.io/blog/2025-remediation-operations-report-organizations-still-struggle/

Topic Segment: Thoughts on Anthropic's latest security report

Ex-SC Media journalist Derek Johnson did a great job writing this one up over at Cyberscoop: China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work

There are a number of interesting questions that have been raised here. Some want more technical details and question the report's conclusions. How automated was it, really?

I found it odd that Anthropic's CEO was on 60 minutes the same week, talking about how dangerous AI is (which is his company's primary and only product).

I think one of the more interesting things to discuss is how Anthropic has based its identity and brand on AI safety. While so many other SaaS companies appear to be doing the bare minimum to stop attacks against their customers, Anthropic is putting significant resources into testing for future threats and discovering active attacks.

News Segment

Finally, in the enterprise security news,

1. vendor layoffs have started again
2. the sins of security vendor research
3. the pillars of the Internet are burning
4. selling out to North Korea isn’t worth what they’re paying you
5. ransom payments, in 24 easy installments?
6. a breach handled the right way
7. we probably shouldn’t be putting LLMs into kids toys
8. ordering coffee from the terminal

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-434

Segment 1: Interview with Rob Allen

It’s the Year of the (Clandestine) Linux Desktop!

As if EDR evasions weren’t enough, attackers are now employing yet another method to hide their presence on enterprise systems: deploying tiny Linux VMs. Attackers are using Hyper-V and/or WSL to deploy tiny (120MB disk space and 256MB memory) Linux VMs to host a custom reverse shell and reverse proxy.

In this segment, we’ll discuss strategies and mitigations to battle this novel technique with Rob Allen from Threatlocker.

Segment Resources:

• Pro-Russian Hackers Use Linux VMs to Hide in Windows
• Russian Hackers Abuse Hyper-V to Hide Malware in Linux VMs
• Qilin ransomware abuses WSL to run Linux encryptors in Windows

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Segment 2: Topic - Threat Modeling Humanoid Robots

We're entering the age of human-shaped robots, so it seems like a good time to talk about the fact that they ALREADY HAVE CVEs assigned to them. I guess this isn't a terrible thing - John Connor might have had an easier time if he could simply hack the terminators from a distance...

Resources

• https://www.unitree.com/H2 (watch the video!)
• China’s humanoid robots get factory jobs as UBTech’s model scores US$112 million in orders
• The big reveal: Xpeng founder unzips humanoid robot to prove it’s not human
• Exploit Allows for Takeover of Fleets of Unitree Robots - Security researchers find a wormable vulnerability
• 100-page Paper: The Cybersecurity of a Humanoid Robot
• 5-page Paper: Cybersecurity AI: Humanoid Robots as Attack Vectors
• Amazingly, $300 smart vacuums have some of the same exact vulnerabilities and backdoors built into them as the $16,000 humanoid robots! The Day My Smart Vacuum Turned Against Me

Segment 3: Weekly News

Finally, in the enterprise security news,

1. A $435M venture round
2. A $75M seed round
3. a few acquisitions
4. the producer of the movie Half Baked bought a spyware company
5. AI isn’t going well, or is it?
6. maybe we just need to adopt it more slowly and deliberately?
7. ad-blockers are enterprise best practices
8. firewalls and VPNs are security risks, according to insurance claims
9. could you power an entire house with disposable vapes?

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-433

Segment 1: OT Security Doesn’t Have to be a Struggle

OT/ICS/SCADA systems are often off limits to cybersecurity folks, and exempt from many controls. Attackers don’t care how fragile these systems are, however. For attackers aiming to disrupt operations, fragile but critical systems fit criminals’ plans nicely.

In this interview, we discuss the challenge of securing OT systems with Todd Peterson and Joshua Hay from Junto Security.

This segment is sponsored by Junto Security. Visit https://securityweekly.com/junto to learn more!

Segment 2: Topic - Spotting Red Flags in Online Posts

This week's topic segment is all about tuning your 'spidey sense' to spot myths and misconceptions online so we can avoid amplifying AI slop, scams, and other forms of Internet bunk. It was inspired by this LinkedIn post, but we've got a cybersecurity story in the news that we could have easily used for this as well (the report from MIT).

Segment 3: Weekly Enterprise News

Finally, in the enterprise security news,

1. Some interesting fundings
2. Some more interesting acquisitions
3. a new AI-related term has been coined: cyberslop
4. the latest insights from cyber insurance claims
5. The AI security market isn’t nearly as big as it might seem
6. cybercriminals are targeting trucking and logistics to steal goods
7. Sorry dads, science says the smarts come from mom

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-432

Segment 1: Interview with Joel Burleson-Davis

Frontline workers can’t afford to be slowed down by manual, repetitive logins, especially in mission-critical industries where both security and productivity are crucial. This segment will explore how inefficient login methods erode productivity, while workarounds like shared credentials increase risk, highlighting why passwordless authentication is emerging as a game-changer for frontline access to shared devices. Joel Burleson-Davis, Chief Technology Officer of Imprivata, will share how organizations can adopt frictionless and secure access management to improve both security and frontline efficiency at scale.

Segment Resources:

• Putting Complex Passwords to Work For You

This segment is sponsored by Imprivata. Visit https://securityweekly.com/imprivata to learn more about them!

Topic Segment: The Economics of AI Agents

Vendors are finding, after integrating agents into their processes, that agentic AI can get expensive very quickly. Of course, this isn't surprising when your goal is "review all my third party contracts and fill out questionnaires for me" and the pricing is X DOLLARS for 1M TOKENS blah blah context window, max model thinking model blah blah. No one knows what the conversion is from "review my contracts" to millions of tokens, so everyone is left to just test it out and see what the bill is at the end of the month.

As we saw with Cloud when adoption started increasing in the early 2010s, we are naturally entering the era of AI cost optimization. In this segment, we'll discuss what that means, how it affects the market, and how it affects the use of AI in cybersecurity.

Jackie mentions this story from Wired in the segment: https://www.wired.com/story/ai-bubble-will-burst/

News Segment

Finally, in the enterprise security news,

1. we’ve got funding and acquisitions
2. 7 red flags you’re doing cloud wrong
3. security standards for open source projects
4. post mortems of attacks on open source supply chain
5. some analysis on current and historic AWS outages
6. a deep dive
7. some dumpster fires
8. and how much would you pay for a robot that puts away the dishes?

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-431