Threat Talks - Your Gateway to Cybersecurity Insights

Threat Talks

Threat Talks is your cybersecurity knowledge hub. Unpack the latest threats and explore industry trends with top experts as they break down the complexities of cyber threats. We make complex cybersecurity topics accessible and engaging for everyone, from IT professionals to everyday internet users, by providing in-depth, first-hand experiences from leading cybersecurity professionals. Join us for monthly deep dives into the dynamic world of cybersecurity, so you can stay informed and stay secure!

  1. Inside the MongoBleed Memory Leak

    10H AGO

    Imagine your memory just became the attack surface. That’s MongoBleed. Or as others know it: CVE-2025-14847. No passwords to crack, no complex exploit chain. Just normal protocol behavior, repeated at scale. Each request leaks a little more MongoDB memory until something valuable shows up, even in environments that already follow network segmentation best practices.

    Rob Maas (Field CTO, ON2IT) hosts Luca Cipriano (CTI & Red Team Program Lead) to dissect MongoBleed, an unauthenticated memory leak vulnerability in MongoDB, in this episode of Threat Talks. They break down how MongoBleed exploits MongoDB’s wire protocol before authentication and why repetition matters more than a single request.

    MongoDB is everywhere: cloud platforms, scalable applications, and data-heavy environments where availability matters more than friction. If MongoDB is part of your environment, or you want to understand how this vulnerability is exploited in practice, the full breakdown is worth your time.

    Key Topics Covered
    · How malformed compressed messages manipulate MongoDB memory allocation
    · Why BSON string parsing can expose unintended data
    · How repeated burst requests turn small leaks into valuable information
    · Why MongoDB deployments are attractive targets in the cloud

    Resources
    · Threat Talks: https://threat-talks.com/
    · ON2IT (Zero Trust as a Service): https://on2it.net/
    · AMS-IX: https://www.ams-ix.net/ams
    · Threat Talks episode on Citrix Bleed: https://youtu.be/YwDpRPBfAzs

    Subscribe to Threat Talks and turn on notifications for deep dives into the world’s most active cyber threats and hands-on exploitation techniques.

    🔔 Follow and Support our channel! 🔔
    ► YOUTUBE: / @threattalks
    ► SPOTIFY: https://open.spotify.com/show/1SXUyUE...
    ► APPLE: https://podcasts.apple.com/us/podcast...
    👕 Receive your Threat Talks T-shirt: https://threat-talks.com/
    🗺️ Explore the Hack's Route in Detail: https://threat-talks.com
    🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX

    14 min
  2. How to pass any cybersecurity certification

    FEB 10

    Certifications play a central role in cybersecurity career development. Yet many experienced engineers find themselves failing exams they should easily pass. The problem isn’t a lack of knowledge or skills. It’s the disconnect between real-world security work, and certifications built around memorization, UI trivia, and version-specific details that will be obsolete in two months.

    In this episode of Threat Talks, Rob Maas (Field CTO, ON2IT) and Nicholai Piagentini (Technical Enablement Engineer, ON2IT) break down why this happens, how certification exams are designed, and how to pass any cybersecurity certification without memorization or falling for trick questions.

    They explore how well-written exams validate real job tasks, while poorly designed ones drift into reading comprehension, UI trivia, and version-specific details that lose value the moment the product changes. From blueprint-driven preparation to smart elimination tactics and knowing when not to overthink an answer, this is a grounded look at how to pass any certification for meaningful cybersecurity qualifications.

    Key Topics Covered
    · Why many certification exams fail at measuring real-world cybersecurity skills
    · How to pass cybersecurity certification exams by focusing on concepts, not memorization
    · What makes a good vs bad exam (and how vendors design them)
    · Practical tactics for exam day, preparation strategies, and dealing with nerves

    Resources
    · Threat Talks: https://threat-talks.com/
    · ON2IT (Zero Trust as a Service): https://on2it.net/
    · AMS-IX: https://www.ams-ix.net/ams

    22 min
  3. The Battle of Defending a Digital City

    FEB 3

    When it comes to running an airport, there’s no room for error. Any casualty is one too many.

    That’s the reality of all airports, including DFW Airport. It’s a 28-square-mile operation, bigger than the island of Manhattan, functioning as a city with its own police, fire services, OT environments, and always-on digital infrastructure.

    In this Threat Talks episode, Lieuwe-Jan Koning (Co-Founder and CTO, ON2IT) sits down with Eric Bowerman (CISO of DFW Airport) to unpack how cybersecurity actually works when IT, OT, and physical safety collide.

    From digital transformation security to real-world OT security and IT/OT convergence, this is a rare, grounded look at defending critical infrastructure where failure isn’t theoretical - it’s operational.

    Key Topics Covered
    · How a major airport functions as a digital city with IT, OT, and cyber-physical risk
    · Practical OT security strategies when patching and downtime aren’t options
    · Why IT/OT convergence changes threat modeling, segmentation, and detection
    · Resilience-first security: keeping passengers, planes, and operations moving

    Related ON2IT Content & Referenced Resources
    · Threat Talks website: https://threat-talks.com/
    · ON2IT website: https://on2it.net/

    If you’re responsible for critical infrastructure, OT environments, or large-scale digital transformation, this episode is essential viewing.

    47 min
  4. From IPs to people

    JAN 27

    Detection fails without identity. When activity isn’t tied to a person, anomalies stop telling a story - they’re just signals without context. And when your logs only show IP addresses, your security team is left responding to shadows, not real risk.

    In this Threat Talks Deep Dive, Rob Maas (Field CTO, ON2IT) and Nicholai Piagentini (Technical Enablement Engineer, ON2IT) show how identity-based firewalling fixes that - by enforcing policy based on who the user is, not where they connect from. The result: stronger network access control, cleaner zero trust firewall enforcement, and better enterprise security decisions.

    (00:56) - Intro - Detection fails without identity
    (01:02:07) - Identity signals - users, devices, tags
    (02:15:43) - Why identity-based firewalls win - zero trust & threat detection
    (04:48:01) - Why teams skip it - “as-is” migrations & fear of complexity
    (07:08:13) - Terminal servers - a network access control blind spot
    (08:17:11) - NAT & service accounts - who is the real identity?
    (10:15:12) - When user ID feels impossible - the wireless workaround
    (11:12:12) - How to start safely - turn it on, validate, tighten policy
    (14:16:30) - Not optional anymore - zero trust firewall due diligence
    (15:30:01) - Best advice - start imperfect, identity data wins
    (17:09:58) - Wrap - stop guessing, know who’s acting

    Key Topics Covered
    • Why anomaly detection breaks without identity correlation in firewall logs
    • How identity-based policy improves network access control and reduces lateral movement
    • Common failure points: terminal servers, NAT, service accounts, AD timeouts
    • A low-risk rollout: enable for visibility first, then enforce zero trust rules

    Related ON2IT content & explicitly referenced resources
    • https://threat-talks.com/
    • https://on2it.net/
    • https://www.ams-ix.net/ams

    Threat Talks connects cyber threats to operational reality - so CISOs and architects can make decisions faster.

    18 min
  5. Beyond NIS2 Compliance

    JAN 21

    Most organizations ask one question: “Are we compliant?” The question that actually matters is: “Will we still be operating when things go wrong?”

    In this Threat Talks episode, Lieuwe Jan Koning speaks with Jasper Nagtegaal about what NIS2 is really trying to change - and why cyber resilience fails when organizations treat it as a policy exercise instead of a business risk.

    This isn’t about regulators. It’s about how digital risk is explained, understood, and acted on - from technical teams to the boardroom - and why organizations that meet NIS2 in practice think very differently from those that end up explaining them.

    (00:15) - Fine or resilience: the question that changes everything
    (02:20:26) - Why cyber incidents are business failures, not IT failures
    (05:30:35) - NIS2 in plain terms: resilience over compliance
    (06:35:31) - Building resilience before incidents — not after fines
    (13:31:12) - Risk-based focus: you can’t protect everything
    (16:12:37) - Why consequences still matter - and when they appear
    (18:37:18) - What cybersecurity can learn from aviation, energy & healthcare
    (18:18) - Why digital risk is still treated as a compliance burden
    (05:18:14) - Why cyber regulation works differently across countries
    (09:14:13) - What to do tomorrow: risk, boards, and real accountability
    (21:13:28) - Wrap: resilience first, compliance follows

    Speakers
    • Lieuwe Jan Koning - Security Operations Center, ON2IT
    • Jasper Nagtegaal - Director of Digital Resilience, Dutch Authority for Digital Infrastructure (RDI)

    48 min
  6. Maritime Cybersecurity: Predictable = Hackable

    JAN 13

    You’re Port Control. A vessel requests entry. No captain. No crew. Just autonomy.

    In maritime cybersecurity, the risk isn’t that the ship is autonomous. It’s that you no longer know who’s steering.

    Lieuwe Jan Koning (Co-Founder & CTO, ON2IT) joins Stephen McCombie (Professor of Maritime IT Security, NHL Stenden) and Hans Quivooij (CISO, Damen Shipyards) to expose the illusion of control in autonomous shipping - where technology moves fast, responsibility blurs, and regulation lags behind.

    (00:05) - No captain, just code: the Port Control dilemma
    (02:05:15) - Autonomous shipping is here - and it’s remote by design
    (06:15:48) - When it crashes: who owns the blame (and the bill)?
    (07:38:12) - Ready or not: why “keeping watch” breaks at sea
    (10:12:49) - Predictable = steerable: the risks most teams miss
    (13:49:46) - Visibility vs compromise: when the ship becomes a weapon
    (18:46:10) - The mindset shift: from castles to constant compromise
    (20:10:45) - Regulation gap: high impact, low control
    (21:45:50) - Too late? Only if you stay blind to real threats
    (01:50:19) - Stop splitting IT and OT: defend vessels like HQ
    (05:19:42) - Put it on the agenda: ask better questions, run scenarios
    (09:42:22) - Wrap: make it tangible, build security into autonomy

    Key Topics Covered
    • Why maritime cybersecurity now decides physical safety, not just data protection
    • How predictability in autonomous vessels creates exploitable maritime cyber risk
    • Where responsibility breaks down when humans leave the bridge
    • What cyber attacks on critical infrastructure look like once they reach the sea
    • What to do next to protect against cyber attacks at sea

    Related ON2IT content & explicitly referenced resources
    • Before the Mayday: Cyber Attacks at Sea: https://www.youtube.com/watch?v=4rxWUmjbYOo
    • Hack the Boat episode: https://www.youtube.com/watch?v=Xa0TJ3eRTCw
    • Threat Talks: https://threat-talks.com/
    • ON2IT (Zero Trust as a Service): https://on2it.net/
    • AMS-IX: https://www.ams-ix.net/ams

    Threat Talks connects cyber threats to operational reality - every week.

    38 min
  7. Before the Mayday: Cyber Attacks at Sea

    JAN 6

    Could Stuxnet happen again - this time at sea?

    In this Threat Talks episode, host Lieuwe Jan Koning sits down with Professor Stephen McCombie, global expert in maritime cybersecurity, to unpack real-world cyber attacks on critical infrastructure and why the maritime sector is dangerously exposed. From GPS spoofing and insider threats to aging ship systems and state-sponsored attacks, this conversation reveals how maritime cyber risk is no longer theoretical - it’s already disrupting global trade, safety, and geopolitics.

    If your organization depends on shipping, ports, or industrial OT environments, this is an episode you really shouldn’t ignore.

    (00:00 - 01:15) - Why Cyber Attacks at Sea Matter
    (01:15 - 04:01) - What Makes the Maritime Industry Uniquely Vulnerable
    (04:01 - 07:15) - Legacy Ships vs. Modern Ships: Where the Real Risk Lies
    (07:15 - 13:17) - Stuxnet and the Blueprint for Physical Cyber Attacks
    (13:17 - 14:17) - Today’s Biggest Maritime Cyber Threats
    (14:17 - 17:04) - Learning from Real Incidents: The MCAT Database
    (17:04 - 23:19) - Real Attacks at Sea: Insider Threats & GPS Spoofing
    (24:34 - 33:11) - From Awareness to Action: Solutions That Actually Help
    (33:11 - 37:25) - The Ship Honeynet: Detecting Attacks Before the Mayday
    (37:25 - 38:24) - End Key Takeaways & What Comes Next

    Key Topics Covered
    • Why maritime cybersecurity failures can cripple global supply chains
    • Real examples of cyber attacks on critical infrastructure, including GPS spoofing and insider threats
    • How legacy OT, poor segmentation, and low awareness increase maritime cyber risk
    • Practical lessons: intelligence-led defense, openness, exercises, and Zero Trust thinking

    Related ON2IT Content & Referenced Resources
    • Threat Talk episode - Hack the Boat: https://youtu.be/Xa0TJ3eRTCw?si=oQPhu4iyfVJEh0CQ
    • Threat Talk episode - Maritime Cyber Attack Database: https://maritimecybersecurity.nl/
    • Threat Talk website: https://threat-talks.com/
    • ON2IT website: https://on2it.net/
    • AMS-IX website: https://www.ams-ix.net/ams
    • https://www.mcatdatabase.org/
    • https://www.nhlstenden.com/
    • https://www.marinetraffic.com/

    38 min
  8. Looking Back at 2025: Cybersecurity at a Turning Point

    12/30/2025

    2025 was the year detection stopped being enough. Because attacks stopped behaving the way detection was built to handle.

    OT systems were hit with real-world consequences. AI stopped being just a productivity tool and became an attacker. And SOCs discovered - often painfully - that speed alone still means reacting too late.

    In this special end-of-year Threat Talks episode, Lieuwe Jan Koning is joined by Luca Cipriano, Yuri Wit, and Rob Maas, all in ugly Christmas sweaters, to unpack why the cybersecurity trends of 2025 represent a structural break, not a gradual evolution.

    They trace how attackers scaled faster than defenders, why SOC automation became unavoidable, and how preemptive security and Zero Trust execution are emerging as the only way to regain control.

    This isn’t a recap for curiosity. It’s a map of how we got here - and what must change in 2026 to stay ahead.

    (00:00) - Introduction: why 2025 felt fundamentally different
    (01:31 - 05:12) - The threat landscape shifts: OT security and real-world impact
    (05:12 - 07:27) - A new normal: how AI changed daily security work
    (07:27 - 09:31) - The most surprising attacks of 2025
    (09:31 - 20:00) - Inside the SOC: scale, speed, and analyst fatigue
    (20:00 - 22:15) - “There are protections against AI… right?”
    (22:15 - 20:23) - Zero Trust redefined: can it handle AI-driven attacks?
    (30:23 - 32:04) - Why prevention matters more than ever
    (32:04 - 41:06) - Looking ahead: predictions for cybersecurity in 2026

    Key Topics Covered
    • How AI-powered attacks and autonomous malware altered attacker economics
    • Why OT security and critical infrastructure moved to the front line
    • Where SOC automation helps - and where it creates false confidence
    • Why preemptive security and Zero Trust shift defense from reaction to control

    Related ON2IT Content & Referenced Resources
    • I-Soon episode: https://www.youtube.com/watch?v=Rkp4OWOcCeU&t=1s
    • Salesloft supply chain attack episode: https://www.youtube.com/watch?v=_asJ2AN7cbA
    • PromptLock malware episode: https://www.youtube.com/watch?v=lKcUwLPBC8k
    • MCP security episode: https://www.youtube.com/watch?v=IkV6jkuYz5g
    • Zero Trust episodes playlist: https://www.youtube.com/playlist?list=PLF5mXtEG4t5wigSRB3fpyFfMYp3l1Ux2g
    • Zero Trust infographic (PDF): https://on2it.s3.us-east-1.amazonaws.com/250429_Infographic_ZT.pdf

    Threat Talks is built for CISOs and security leaders navigating real trade-offs—not vendor promises.

    41 min
