Are You Down With RDP? - PSW #873

Security news for this week:

• RDP and credentials that are not really revoked, and some RDP bitmap caching fun
• Some magic info on MagicINFO
• Vulnerability Management Zombies
• There is a backdoor in your e-commerce
• Airborne: vulnerabilities in AirPlay
• Bring your own installer - crafty EDR bypass
• The Signal clone used by US government officials: shocker: has been hacked
• AI slop vulnerability reporting
• Bricking iPhones with a single line of code
• Hacking planet technology
• Vibe hacking for the win?
• Cybersecurity CEO arrested for deploying malware
• Hello my perverted friend
• FastCGI - fast, but vulnerable

Chapters:

0:00 Opening and introductions 2:43 Panel introductions and conference recaps 4:46 Conference announcements and Corncon discussion 8:05 RSAC 2025 recap and vulnerability management trends 15:44 RDP credential revocation flaw in Windows 11 34:57 Apple AirPlay "wormable" vulnerabilities and third-party device risks 44:10 Signal clone breach used by US officials (TeleMessage incident) 55:38 Supply chain attack: Magento extensions backdoor 66:12 "Hello my perverted friend": Sextortion scam analysis 72:10 Security culture and phishing awareness at home 75:25 Digital signage vulnerabilities: Samsung MagicInfo 81:41 Threat hunting tradecraft and blue team operations 88:38 AI slop in vulnerability reporting and vibe hacking 98:59 Apple notification DoS and sandbox bypass 101:24 VMware licensing controversy and alternatives 107:14 CEO arrested for planting malware in hospital systems 116:06 FastCGI vulnerabilities in embedded/IoT systems 122:12 Rooting Android phones and device locking 124:08 Closing and outro

Show Notes: https://securityweekly.com/psw-873