Episodes

  • PP098: What Goes On Inside a Firewall?

    PP098: What Goes On Inside a Firewall?
    Feb 24 2026
    On today’s show, we pop the lid off of a firewall (figuratively speaking) to understand what’s inside. We talk about how a packet moves through various packet-processing elements inside a firewall, how header analysis and de-encapsulation work, which hardware component has the biggest impact on performance, why stateful inspection still matters in an age of... Read more »
    Show more Show less
    58 mins
  • PP097: How and Why to Turn the Browser into a Universal Security Agent (Sponsored)

    PP097: How and Why to Turn the Browser into a Universal Security Agent (Sponsored)
    Feb 17 2026
    With the rise of cloud services and SaaS, the browser has become a primary productivity tool. It’s also a primary vector for malware, phishing, identity theft, data leaks, and other risks. On today’s sponsored episode with Palo Alto Networks, we dive into browser security. We discuss risks to the browser and how they differ from... Read more »
    Show more Show less
    44 mins
  • PP096: Taking Note of a Notepad++ Attack; Telnet and NTLM Are Still a Thing?

    PP096: Taking Note of a Notepad++ Attack; Telnet and NTLM Are Still a Thing?
    Feb 10 2026
    Everything old is new again in today’s Packet Protector news roundup, as a decade-old Telnet exploit resurfaces, and Microsoft unfolds its roadmap to phase out the ancient NTLM protocol. In other news, Google takes down a sprawling residential proxy network, the popular Notepad++ app takes steps to recover from a serious compromise, and a Polish... Read more »
    Show more Show less
    51 mins
  • PP095: OT and ICS – Where Digital and Physical Risks Meet

    PP095: OT and ICS – Where Digital and Physical Risks Meet
    Feb 3 2026
    Operation Technology (OT) and Industrial Control Systems (ICS) are where the digital world meets the physical world. These systems, which are critical to the operation of nuclear power plants, manufacturing sites, municipal power and water plants, and more, are under increasing attack. On today’s Packet Protector we return to the OT/ICS realm to talk about... Read more »
    Show more Show less
    54 mins
  • PP094: Understanding OAuth and Reducing Authorization Risks

    PP094: Understanding OAuth and Reducing Authorization Risks
    Jan 27 2026
    OAuth is a widely used authorization (not authentication) protocol that lets a resource owner grant access to a resource using access tokens. These tokens define access attributes, including scope and length of time. OAuth can be used to grant access to human and non-human entities (for example, AI agents). OAuth is increasingly being abused by... Read more »
    Show more Show less
    1 hr and 10 mins
  • PP093: Security Priorities for 2026 – A Roundtable Discussion

    PP093: Security Priorities for 2026 – A Roundtable Discussion
    Jan 20 2026
    The start of a new year is a good time to assess what’s important. We’ve gathered some Packet Protector listeners to talk about their security priorities for 2026 in a roundtable discussion with hosts JJ and Drew. We talk about key risks for 2026, whether those risks have changed since last year, use cases for... Read more »
    Show more Show less
    1 hr and 3 mins
  • PP092: News Roundup–Old Gear Faces New Attacks, Cyber Trust Mark’s Trust Issues, Alarms Howl for Kimwolf Botnet

    PP092: News Roundup–Old Gear Faces New Attacks, Cyber Trust Mark’s Trust Issues, Alarms Howl for Kimwolf Botnet
    Jan 13 2026
    Everything old is new again in this Packet Protector news roundup, from end-of-life D-Link routers facing active exploits (and no patch coming) to a five-year-old Fortinet vulnerability being freshly targeted by threat actors (despite a patch having been available for five years). We also dig into a clever, multi-stage attack against hotel operators that could... Read more »
    Show more Show less
    52 mins
  • PP091: News Roundup–Securing MCP, Hunting Backdoors, and Getting the Creeps From AI Kids’ Toys

    PP091: News Roundup–Securing MCP, Hunting Backdoors, and Getting the Creeps From AI Kids’ Toys
    Dec 16 2025
    Our final news roundup for 2025 is a holiday sampler of tasty, chewy (and a few yucky) confections. We look at a years-long exploit campaign that used browser extensions to steal credentials, inject malicious content, and track behavior; tracks ongoing exploits using the React2Shell vulnerability; and debates whether a surveillance camera maker’s pledge to follow... Read more »
    Show more Show less
    54 mins