Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

Jerry Bell and Andrew Kalat
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

Defensive Security is a weekly information security podcast which reviews recent high profile security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.

  1. -3 J

    Defensive Security Podcast Episode 291

    Summary In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a significant incident involving a Tenable plugin update that disrupted Nessus agents worldwide. They delve into the implications of malicious Chrome extensions and sophisticated phishing attacks, particularly focusing on a recent incident involving OAuth trust exploitation. The conversation shifts to new HIPAA cybersecurity rules that aim to enhance security measures in healthcare, followed by a discussion on the rise of AI-generated phishing emails targeting executives. Finally, they explore the challenges of passkey technology in achieving usable security across different platforms.   Links: * https://www.bleepingcomputer.com/news/security/bad-tenable-plugin-updates-take-down-nessus-agents-worldwide/ * https://www.bleepingcomputer.com/news/security/new-details-reveal-how-hackers-hijacked-35-google-chrome-extensions/ * https://www.darkreading.com/vulnerabilities-threats/hipaa-security-rules-pull-no-punches * https://arstechnica.com/security/2025/01/ai-generated-phishing-emails-are-getting-very-good-at-targeting-executives/ * https://arstechnica.com/security/2024/12/passkey-technology-is-elegant-but-its-most-definitely-not-usable-security/

    51 min

  2. 30/12/2024

    Defensive Security Podcast Episode 290

    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the FTC’s order for Marriott and Starwood to enhance their data security measures, a recent hijacking of a Chrome extension, and emerging threats for 2025. They also delve into the implications of AI in cybersecurity, emphasizing the need for governance and risk management as AI technologies become more pervasive in the workplace. Takeaways * The FTC has mandated Marriott and Starwood to implement a comprehensive security program for 20 years. * Data breaches can lead to significant regulatory actions and long-term consequences for companies. * The hijacking of browser extensions poses a serious risk to user data and security. * Emerging threats for 2025 include zero-day exploits and supply chain attacks. * AI governance is crucial as employees increasingly use AI tools without oversight. Links * https://www.bleepingcomputer.com/news/security/ftc-orders-marriott-and-starwood-to-implement-strict-data-security/ * https://www.bleepingcomputer.com/news/security/cybersecurity-firms-chrome-extension-hijacked-to-steal-users-data/ * https://www.darkreading.com/vulnerabilities-threats/emerging-threats-vulnerabilities-prepare-2025 * https://www.securityweek.com/beware-of-shadow-ai-shadow-its-less-well-known-brother/

    1 h 24 min

  3. 19/12/2024

    Defensive Security Podcast Episode 289

    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a year-long supply chain attack that compromised 390,000 credentials, the U.S. government’s bounty for information on North Korean IT worker farms, and the alarming number of vulnerabilities found in software containers. They also delve into the implications of the False Claims Act for cybersecurity whistleblowers and the evolving landscape of AI in security.

    1 h

  4. 09/12/2024

    Defensive Security Podcast Episode 288

    In this episode of the Defensive Security Podcast, we discuss the anticipated rise of Mac malware, the economic implications of new top-level domains (TLDs) for phishing, innovative phishing techniques using corrupt documents, and the risks associated with open-source software. We also explore the concept of risk homeostasis in cybersecurity, examining how users’ perceptions of security can influence their behavior and risk-taking. The conversation emphasizes the importance of education, robust security measures, and the need for a deeper understanding of complex systems in the face of evolving threats. If you would like to support this podcast, please consider donating here: https://www.patreon.com/defensivesec Links: * https://appleinsider.com/articles/24/12/04/what-a-new-threat-report-says-about-mac-malware-in-2024 * https://krebsonsecurity.com/2024/12/why-phishers-love-new-tlds-like-shop-top-and-xyz/ * https://www.bleepingcomputer.com/news/security/novel-phishing-campaign-uses-corrupted-word-documents-to-evade-security/ * https://www.bleepingcomputer.com/news/security/ultralytics-ai-model-hijacked-to-infect-thousands-with-cryptominer/ and https://blog.yossarian.net/2024/12/06/zizmor-ultralytics-injection

    1 h

  5. 01/12/2024

    Defensive Security Podcast Episode 287

    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various topics including their holiday plans, updates on their podcast, and significant cybersecurity incidents. They delve into a recent Wi-Fi breach involving Russian hackers, CrowdStrike’s IT outage and its implications for customer retention, and the discovery of malware exploiting vulnerable device drivers. The conversation emphasizes the importance of security practices such as multi-factor authentication and the challenges of managing cybersecurity risks in a rapidly evolving landscape. In this engaging conversation, Andrew Kalat and Jerry Bell explore various themes in cybersecurity, including the shift towards self-service IT solutions, the rise of phishing as a service, and the evolving landscape of multi-factor authentication. They discuss the implications of new threats like BootKitty and the challenges posed by firmware vulnerabilities. The conversation also touches on the future of cloud security and the often-overlooked role of marketing in cybersecurity threats, culminating in a light-hearted discussion about their pets. You can support the Defensive Security Podcast through our Patreon site here: https://patreon.com/defensivesec Links to the stories we discussed in this episode: * https://www.bleepingcomputer.com/news/security/hackers-breach-us-firm-over-wi-fi-from-russia-in-nearest-neighbor-attack/ * https://www.cybersecuritydive.com/news/crowdstrike-retains-customers/734203/ * https://thehackernews.com/2024/11/researchers-uncover-malware-using-byovd.html?m=1 * https://securityaffairs.com/171532/cyber-crime/rockstar-2fa-phaas.html * https://arstechnica.com/security/2024/11/code-found-online-exploits-logofail-to-install-bootkitty-linux-backdoor/

    57 min

  6. 24/11/2024

    Defensive Security Podcast Episode 286

    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the launch of their new podcast, Getting Defensive. They delve into a CISA report on exploited vulnerabilities, highlighting the concerning trend of zero-day vulnerabilities being exploited. The conversation also covers a GitHub incident involving malicious commits aimed at framing a researcher, Microsoft’s new Windows resiliency initiative, and insights from a CISA red team assessment of a critical infrastructure organization. We emphasize the importance of consent in security assessments and the challenges organizations face in managing risks associated with outdated software. Takeaways * The launch of the new podcast ‘Getting Defensive’ aims to explore deeper cybersecurity topics. * CISA’s report indicates a troubling trend of zero-day vulnerabilities being exploited more frequently. * Organizations must prioritize patching and mitigating controls to address vulnerabilities effectively. * The GitHub incident highlights the risks of malicious commits and the importance of code review. * Microsoft’s Windows resiliency initiative introduces new features to enhance security and system integrity. * Consent is crucial in penetration testing and security assessments. * Organizations often accept risks associated with outdated software, which can lead to vulnerabilities. * Effective monitoring and detection are essential to mitigate potential attacks. * Ransomware is not the only threat; organizations must be aware of various attack vectors. * The CISA red team assessment provides valuable insights into the security posture of critical infrastructure.   Links: * https://www.darkreading.com/cyberattacks-data-breaches/zero-days-wins-superlative-most-exploited-vulns * https://www.bleepingcomputer.com/news/security/github-projects-targeted-with-malicious-commits-to-frame-researcher/ * https://thehackernews.com/2024/11/microsoft-launches-windows-resiliency.html?m=1 * https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-326a

    1 h 12 min

  7. 11/11/2024

    Defensive Security Podcast Episode 285

    In this episode of the Defensive Security Podcast, we discuss the theft of cloud credentials, the exploitation of SharePoint vulnerabilities, evolving malware techniques, and the importance of cyber due diligence for suppliers. They reflect on the challenges of managing secrets, the implications of auto-updates, and the need for robust risk management practices in the face of increasing cyber threats. Links: * https://www.bleepingcomputer.com/news/security/hackers-steal-15-000-cloud-credentials-from-exposed-git-config-files/ * https://www.bleepingcomputer.com/news/security/microsoft-sharepoint-rce-bug-exploited-to-breach-corporate-network/ * https://thehackernews.com/2024/11/5-most-common-malware-techniques-in-2024.html * https://www.theregister.com/2024/11/06/windows_server_2025_surprise/ * https://databreaches.net/2024/11/08/nist-publishes-guide-on-due-diligence-for-cyber-supply-chain-risk-management/

    1 h 8 min

  8. 29/10/2024

    Defensive Security Podcast Episode 284

    Delta’s Lawsuit, SEC Penalties, and Fortinet’s Zero-Day Exploit In this episode, hosts Jerry Bell and Andrew Kellett discuss current cybersecurity issues, starting with Delta Air Lines’ $500 million lawsuit against CrowdStrike over an IT outage and data breach. They explore SEC penalties imposed on tech companies for downplaying the SolarWinds hack’s impact, followed by an analysis of the Black Basta ransomware group’s new method of posing as IT support via Microsoft Teams. The discussion concludes with concerns about the exploitation of a zero-day vulnerability in Fortinet’s firewall manager, highlighting the need for transparency and timely communication from vendors. Links: * https://www.cnbc.com/2024/10/25/delta-suit-against-crowdstrike-after-it-outage-caused-cancellations.html * https://go.theregister.com/feed/www.theregister.com/2024/10/22/sec_fines_four_tech_firms/ * https://www.bleepingcomputer.com/news/security/black-basta-ransomware-poses-as-it-support-on-microsoft-teams-to-breach-networks/ * https://arstechnica.com/security/2024/10/fortinet-stays-mum-on-critical-0-day-reportedly-under-active-exploitation/

    54 min
Tout afficher (200)

À propos

Defensive Security is a weekly information security podcast which reviews recent high profile security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.

Informations

Vous aimeriez peut‑être aussi

Pour écouter des épisodes au contenu explicite, connectez‑vous.

Recevez les dernières actualités sur cette émission

Connectez‑vous ou inscrivez‑vous pour suivre des émissions, enregistrer des épisodes et recevoir les dernières actualités.
Choisissez un pays ou une région

Afrique, Moyen‑Orient et Inde

Asie‑Pacifique

Europe

Amérique latine et Caraïbes

États‑Unis et Canada