Eric has some travel news and Jon smells like plums. Eric's beloved Yubikey is unpatchable. AT&T want VMWare security updates and Android malware uses OCR to find cryptocurrency creds in your photo album. Eric doesn't understand transparent flesh while Jon looks at a diamond making machine.

• 0:00 - Introduction
• 10:24 - Yubikey Vuln
• 14:08 - Security Updates for VMWare
• 18:06 - OCR for Cryptocurrency Creds
• 21:52 - Transparent flesh
• 27:45 - Making Diamonds

Eric gets productive, while Jon goes to the fair. An airline service to register crew can be SQL Injected, scammers combine location data and photos in sextortion emails, and Microsoft's Mac apps are vulnerable-ish. For fun Eric will be visiting the Monterey Bay Aquarium, and Ganymede had a smashing past.

• 0:00 - Introduction
• 12:46 - Pilot Test TestOnly
• 19:39 - Location Aware Sextortion
• 22:27 - Secure Your Plugins
• 28:02 - Monterey Bay Aquarium
• 30:46 - Intriguing Ganymede

Eric finishes his chess set project, Jon goes camping. Claude shares some of it's AI internals. Google fixes a zero-day exploit. Slack's AI allows extraction of unexpected data. 3D Printing with Glass?!?! Finally, a Grace Hopper YouTube video you should watch.

• 0:00 - Introduction
• 9:46 - System Prompts
• 14:09 - Browser CVE
• 16:13 - AI Exfil
• 22:36 - Printing with Glass
• 25:44 - Grace Hopper

Eric moves daughters to college, Jon extracts honey. The Oregon Zoo is compromised for ~6 months, a 60 million dollar BEC, and a new flavor of Mac Malware. Restoring and repairing an old Chess set, and Scientific American stories from 50, 100, and 150 years ago.

• 0:00 - Intro
• 9:38 - Zoo Heist
• 14:17 - Sixty Million Dollars
• 16:51 - TodoSwift
• 20:37 - Chess Repair
• 25:58 - Historical Stories

Eric is sending kids to college, Jon has four peaches, small green lemons (not limes), and other harvest bounty. Using 0.0.0.0 to attack local networks. Using SEC filings to disclose a breach. Using AI to craft content for Phishing Attacks in real time. Using non conductive liquid as a heat sink. Using Medieval Gibberish as a reference book.

• 0:00 - Introduction
• 4:40 - 0.0.0.0 Websites on the Rise
• 12:11 - ADT Breach Disclosure
• 14:12 - Realtime Phishing Attacks
• 19:28 - Dunking Servers in Liquid
• 24:59 - The Voynich Manuscript

Lazy(-ish) summer weekends for both. Crowdstrike releases their RCA (20!=21), an MDM vendor wipes 13k student devices in Singapore, and the results of a comprehensive audit of Homebrew. For fun we have electrostatics based propulsion and a long lost branch of the Nile likely used to help build the pyramids.

• 0:00 - Intro
• 8:20 - Missing Argument
• 13:43 - Wiped
• 21:55 - Brew Audit
• 31:48 - Propellantless Propulsion
• 37:44 - Nile Branch

Eric is afraid of getting his car washed. Jon has blackberries. Bits about Money has a humorous take on CrowdStrike and Banks. Google misplaces users' passwords for the better part of a day. Secure Boot isn't as secure as the name suggests. Forget Tamagotchi, here's a Friend. Blaze Star go Boom. Finally, Eric had way too much fun with the chapter titles and associated images this week.

• 0:00 - Introduction
• 8:32 - Because that's where the money is
• 14:03 - Dude, Where's my Passwords?
• 17:54 - NO MORE SECRETS
• 24:42 - Eliza 2024
• 29:29 - Blaze of Glory

Jon made it home, and Eric's away. Telegram has a zero day 'EvilVideo' allowing APK installation, and Crowdstrike's content update outage over the past weekend that caused mayhem. For fun we have a new game from Panic and the State Hall of the Austrian National Library.

• 0:00 - Intro
• 7:47 - Telegram Zero Day
• 12:22 - Crowdstrike Content Update
• 30:43 - Thank Goodness
• 32:51 - State Hall