David Bombal

David Bombal

Want to learn about IT? Want to get ahead in your career? Well, this is the right place! On this channel, I discuss Python, Ethical Hacking, Networking, Network Automation, CCNA, Virtualization and other IT related topics. This YouTube channel has new videos every week! Subscribe for technical, detailed, no fluff content. David’s details: Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co Website: http://www.davidbombal.com YouTube: https://www.youtube.com/davidbombal All the best! David

  1. #564: Hackers can bypass Your MFA In 2026 (And How To Stop It)

    3 HR AGO

    #564: Hackers can bypass Your MFA In 2026 (And How To Stop It)

    Thank you to ThreatLocker for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal Are your passwords and 2FA enough to stop a modern cyber attack? In this interview, Rob from ThreatLocker breaks down the dangerous reality of password reuse, SIM swapping, and why traditional SMS MFA is no longer bulletproof. We dive deep into how threat actors use reverse proxies like Evilginx to steal session cookies, allowing them to bypass multi-factor authentication and hijack your accounts without ever needing your password. Discover why relying on legacy VPNs and leaving firewall ports open to the internet massively increases your attack surface, leaving your organization just one brute-force attack away from ransomware. Finally, we explore the mechanics of ThreatLocker’s Zero Trust Network Access and Cloud Access, detailing how denying by default and routing through secure proxies can lock down Microsoft 365 and make your internal network effectively invisible to hackers. // Rob Allen’s SOCIAL // LinkedIn: / threatlockerrob X: https://x.com/threatlockerrob // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:57 - What is 2FA/MFA and why is it important? 02:54 - Reusing passwords 04:38 - Malicious Chrome extensions 05:39 - Average person vs cybersecurity 12:18 - SMS 2FA 13:37 - Authenticator apps 16:26 - Yubikeys 17:58 - No one is "unhackable" 21:52 - "Cookie stealing" explained 22:53 - ThrearLocker's new tool/solution 28:22 - How ThreatLocker protects Office365 29:06 - ThreatLocker protecting organizations 33:11 - Should I trust ThreatLocker? 35:54 - How safe is ThreatLocker? 38:00 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cybersecurity #hacker #hack

    38 min
  2. #563: Securing LLMs and fighting Prompt Injection with Algorithmic Red Teaming

    3 HR AGO

    #563: Securing LLMs and fighting Prompt Injection with Algorithmic Red Teaming

    Thank you to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. In this interview, Cisco VP Rick Miles breaks down the evolution of the firewall, the massive hardware leap of the 6100 series, and how AI agents and eBPF are completely reshaping the industry. Whether you're trying to secure AI models against prompt injection or wondering if AI will replace your networking job by 2030, this is the technical reality check every engineer needs to hear right now. Has the role of the traditional firewall changed? Rick Miles, VP of Product at Cisco, joins David Bombal at Cisco Live EMEA to reveal the massive architectural shift from static "firewalls" to dynamic "firewalling." This deep-dive interview covers the incredible specs of the new Cisco Secure Firewall 6100 series—boasting 80% less space, 60% less power, and up to 8 Terabits of clustered throughput in a 2RU form factor. We also explore how eBPF is revolutionizing deep visibility and virtual patching directly at the application layer, moving security beyond the edge. But hardware is only half the story. We also break down the new "Wild West" of AI cybersecurity. Learn how to secure the network against prompt injection, poisoned AI models, and unsecured Model Context Protocols (MCP). Finally, Rick shares his vision for 2030: "Agentic" security. Will AI agents replace network engineers, or will they become the ultimate force multiplier for your career? // Rick Miles’ SOCIAL // LinkedIn: / rcmiles09 // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:19 - Introduction 01:17 - Are Firewalls Dead? 04:18 - Cisco and Firewalls 08:30 - Hyperscalers vs Neo-Clouds vs Enterprises 10:46 - EBPF and Switches as Firewalls 14:32 - Managing your Hybrid Mesh Firewall 16:20 - Cisco’s Compatibility with other Firewalls 17:40 - Identity within Systems 19:05 - More on Hybrid Mesh Firewall 19:53 - Model Context Protocol and Security 23:57 - The Future of “Firewalling” 25:15 - The Effect of Agentic AI 26:57 - Will AI take all our Jobs? 27:56 - Should you get into Cyber Security? 28:48 - Cool Story about Firewall 30:30 - Talk to your Younger Self 32:32 - Does AI give Advantage to Attackers? 33:09 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #firewall #cisco #cybersecurity

    33 min
  3. #562: Warning and demo: It's possible to Prompt Engineer Malware

    3 HR AGO

    #562: Warning and demo: It's possible to Prompt Engineer Malware

    Big thanks to ‪@ThreatLocker‬ for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal Discover how easily hackers prompt engineer malware in 2026. Kieran Human from ThreatLocker demonstrates bypassing Microsoft Copilot guardrails to write PowerShell ransomware. // Kieran Human’s SOCIAL // LinkedIn: / kieran-human-5495ab170 // GitHub page REFERENCE // https://github.com/ztwAdmin/ZTW-2026 // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:17 - Intro 01:00 - Demo 01:37 - Sponsored by Threatlocker 01:55 - Demo continued 07:38 - Where to Find these Tools 08:38 - Disclaimer 09:33 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #threatlocker #copilot #locallm

    10 min
  4. #561: Why 1 small network FAIL breaks your massive 2026 AI job

    4 DAYS AGO

    #561: Why 1 small network FAIL breaks your massive 2026 AI job

    Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. The AI revolution is putting unprecedented strain on global network architectures. In this exclusive deep dive with networking leaders from Cisco and NTT, we break down the critical infrastructure challenges and hardware innovations shaping 2026. Discover how emerging NeoClouds are competing with traditional hyperscalers to deliver dedicated GPU clusters, and why a single non-blocking network failure can bring an entire AI deployment to a grinding halt. We explore the reality of deploying agentic AI across enterprise networks, the vital role of international data sovereignty, and the extreme power demands driving the shift toward liquid-cooled data centers and innovations like the Cisco Silicon One G300 Chip. We also dive into the future of physical AI at the edge, where robotics and autonomous systems demand ultra-low latency inferencing. For IT professionals and network engineers, the stakes have never been higher. Learn the proven skills you need to stay relevant in 2026, from mastering zero-trust AI network security and observability with Splunk to managing predictive networking autonomously. Finally, get a sneak peek into the spooky future of post-quantum cryptography and what it means for the next generation of cybersecurity. // Gary Middleton’s SOCIAL // LinkedIn: / middletongary // Hendrik Blokhuis’ SOCIAL // LinkedIn: / hendrik-blokhuis-886a8910 // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:30 - Introduction 01:48 - NeoClouds and the Importance of Networking 02:52 - Data Sovereignty 04:47 - Challenges faced for Data Centres 07:31 - Electricity and Data Centres 09:18 - Technical Problems and Cisco’s Solutions 12:41 - Lack of Skills in the Industry 13:21 - Is it still Worth Getting into Cyber today? 15:44 - Security of AI and Trusting your AI 18:06 - NTT Data and Cisco Partnership 20:01 - Who is Buying and Deploying this New Tech 21:52 - Could Agentic AI help solve Problems 23:46 - Customer Feedback on Agentic AI 24:57 - Physical AI is the Next Step in AI 25:58 - The Future of AI and Networking 28:05 - Post Quantum Cryptography 28:57 - Advice for Young People today 30:17 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #ntt #agenticai #postquantum

    30 min
  5. #560: The one BIG mistake you are making with DNS security today

    4 DAYS AGO

    #560: The one BIG mistake you are making with DNS security today

    Big thank you to Infoblox for sponsoring this video. To learn more about Infoblox please visit: https://www.infoblox.com/ Do you know the difference between encrypted DNS and secure DNS? DNS veteran Cricket Liu, author of DNS and Bind, joins David Bombal to break down common misconceptions, explain the crucial distinction between security and privacy; and outline a massive update to the NIST Secure DNS Deployment Guide (SP 800-81). If you run a network, you cannot afford to ignore this control point. Detailed Breakdown: DNS is the Achilles' heel of internet infrastructure. While newer protocols like DNS over HTTPS (DoH) and DNS over TLS (DoT) solve the cleartext privacy problem, they do not stop malware, phishing, or data exfiltration. In fact, attackers are now using encrypted DNS against us. In this deep-dive interview, Cricket Liu explains how DNS security must evolve beyond simple encryption to include Protective DNS (PDNS) using Response Policy Zones (RPZ). Learn how to turn your existing DNS infrastructure into a low-cost, high-efficiency control point that blocks malicious C2 rendezvous, phishing links, and DNS tunneling automatically. We also tackle the DNSSEC confusion head-on. Cricket clarifies exactly why DNSSEC is about validation and integrity, not encryption, and discusses the looming threat of quantum computing on modern cryptographic standards. Finally, we discuss real-world attack vectors, including a wild story about a dangling CNAME record on CDC.gov that was hijacked to game search engine rankings, and how the updated NIST guide shifts focus from just network administrators to security practitioners. // Links to documents // NIST SP 800-81: https://nvlpubs.nist.gov/nistpubs/Spe... Inflox Q&A on NIST SP 800-81: https://www.infoblox.com/blog/securit... // Cricket Liu’s SOCIAL // LinkedIn: / cricketliu // Renee Burton’s SOCIAL // LinkedIn: / ren%c3%a9e-burton-b7161110b Blog Posts: https://www.infoblox.com/blog/author/... // Infoblox SOCIAL // LinkedIn: / infoblox Website: https://www.infoblox.com/ // Books by Cricket // DNS on Windows Server 2003: Mastering the Domain Name US: https://amzn.to/4byNAtQ UK: https://amzn.to/4rjqgoz DNS & BIND Cookbook: Solutions & Examples for System Administrators 1st Edition US: https://amzn.to/40iZPob UK: https://amzn.to/3Nk2MBM DNS and BIND on IPv6: DNS for the Next-Generation Internet 1st Edition US: https://amzn.to/3MXly1Y UK: https://amzn.to/4s2SFRe Learning CoreDNS: Configuring DNS for Cloud Native Environments 1st Edition US: https://amzn.to/4sC4GwS UK: https://amzn.to/4ro0T59 DNS & Bind 4th Edition: US: https://amzn.to/4s8WaWm UK: https://amzn.to/4sztLbB // Website REFERENCE // Nist: https://www.nist.gov/ Secure Domain Name System Deployment Guide: https://www.nist.gov/news-events/news... // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #dns #dnssec #cybersecurity

    58 min
  6. #559: How Splunk unlocks the Agentic AI transition in 2026

    16 MAR

    #559: How Splunk unlocks the Agentic AI transition in 2026

    In this exclusive interview, Kamal Hathi reveals how the new Cisco Data Fabric and Splunk Machine GPT are unlocking agentic AI for cybersecurity. Discover the future of SOC analysts and network telemetry in 2026! Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. // Kamal Hathi’s’ SOCIAL // LinkedIn: / kamal-hathi // Website REFERENCE // https://www.splunk.com/ / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:36 - Kamal Hathi introduction and machine gpt update 03:36 - Splunk and machine data 05:47 - Resources to learn Splunk 06:48 - Cisco Time Series Model on Hugging Face 07:50 - Cisco Data Fabric explained 09:37 - Updates in 2026 15:51 - Cisco & Splunk 17:50 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cisco #splunk #ciscolive

    18 min
  7. #558: Top 4 Web hacking demos for aspiring hackers (with labs and CTF)

    16 MAR

    #558: Top 4 Web hacking demos for aspiring hackers (with labs and CTF)

    Big thanks to ‪@ThreatLocker‬ for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal Are you looking to get into bug bounty hunting but feel overwhelmed or worried the field is oversaturated? In this video, full-time bug bounty hunter Justin Gardner shares a realistic, actionable guide to web hacking for beginners. We dive straight into the practical side with five live demonstrations of common web vulnerabilities—all done using just your browser and DevTools. Justin explains how Insecure Direct Object Reference (IDOR), Broken Access Controls, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) work in the real world, including stories of finding these exact bugs on major platforms like Google. After the demos, we tackle the biggest questions new hackers have: Is there still money to be made in 2026? How has AI changed the landscape? And what is the exact roadmap to landing your first bounty? Justin breaks down his "200-hour rule" for learning, why you need to get comfortable with failing, and the best resources (like HackerOne and PortSwigger) to help you launch your cybersecurity career today. // Labs and more here: // Labs: https://ztw.ctbb.show/ More labs: https://labs.cai.do/ And more labs: https://portswigger.net/web-security // Justin Gardner’s SOCIAL // YouTube: / @criticalthinkingpodcast LinkedIn: / rhynorater X: https://x.com/Rhynorater GitHub: https://rhynorater.github.io/aboutme/ / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:40 - Introduction 01:50 - Getting Started in Bug Bounty 03:11 - Can I Make Money in Bug Bounty? 04:11 - Demo 1 06:55 - Demo 2 08:47 - Lessons for Upcoming Hackers 10:09 - Demo 3 13:49 - Are There Demos on Justin’s Podcast? 14:20 - Demo 4 18:11 - Real-Life Date of Birth Vulnerability 19:13 - Advice on Becoming a Hacker Like Justin 20:20 - What & Where to Study to Become a Bug Bounty Hacker 21:49 - How Long Does It Take? 25:07 - Outro & Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #webhacking #bugbounty #hack

    25 min
  8. #557: Every Reason Why I Hate AI and You Should Too

    14 MAR

    #557: Every Reason Why I Hate AI and You Should Too

    Big thanks to ‪@ThreatLocker‬ for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal Cybersecurity expert Marcus Hutchins (MalwareTech) sits down to cut through the 2026 AI hype, explaining why threat actors aren't using generative AI and why it won't replace tech jobs. In this deep dive, Marcus reveals the reality behind the AI tech bubble and how executive hype is distracting from actual network vulnerabilities. We discuss the dangers of "vibe coding" critical infrastructure, why reactive SOC teams are giving attackers too much time, and why mastering foundational cybersecurity skills is more important now than ever. If you're navigating the current tech job market or working in threat intelligence, this is the reality check you need. // Blog Entry // Every Reason Why I Hate AI and you should too: https://malwaretech.com/2025/08/every... // Marcus Hutchins’ SOCIAL // YouTube: / malwaretechblog Website: https://marcushutchins.com/ Discord: / discord LinkedIn: / malwaretech BlueSky: https://bsky.app/profile/malwaretech.com TikTok: / itsmarcushutchins Mastadon: https://infosec.exchange/@malwaretech Instagram: / malwaretech X: https://x.com/malwaretechblog / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:58 - Intro 03:03 - Why Marcus Is Tired Of AI 04:49 - Threat Actors Hurting Themselves 06:35 - Data Centres In Space 09:07 - Will AI Damage Cybersecurity? 13:25 - AI Makes Developers Lazy (Vibe Coding) 19:58 - Every Reason Why Marcus Hates AI 24:07 - Is AI A Bubble? 25:54 - Will AI Take People's Jobs? 30:56 - When Will The AI Bubble Pop? 33:55 - Marcus' Advice To The Youth 34:40 - Is AI Malware Affective? 36:27 - Proactive Defence 40:26 - Marcus Is An AI Hater 45:58 - Will There Ever Be Enough Guardrails? 48:07 - Final Thoughts 49:57 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #ai #cybersecurity #aimalware

    51 min
See All (500)

About

Want to learn about IT? Want to get ahead in your career? Well, this is the right place! On this channel, I discuss Python, Ethical Hacking, Networking, Network Automation, CCNA, Virtualization and other IT related topics. This YouTube channel has new videos every week! Subscribe for technical, detailed, no fluff content. David’s details: Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co Website: http://www.davidbombal.com YouTube: https://www.youtube.com/davidbombal All the best! David

Information

  • Creator
    David Bombal
  • Years Active
    2019 - 2026
  • Episodes
    500
  • Rating
    Clean
  • Copyright
    © All rights reserved
  • Show Website
    David Bombal

You Might Also Like