![](/assets/artwork/1x1-42817eea7ade52607a760cbee00d1495.gif)
126 episodes
![](/assets/artwork/1x1-42817eea7ade52607a760cbee00d1495.gif)
The Cyber Threat Perspective SecurIT360
-
- Technology
-
-
5.0 • 10 Ratings
-
Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. We’re bringing you fresh content from our journeys into penetration testing, threat research and various other interesting topics.
-
Episode 101: Infostealers - 10,000 Victims a Day
Text us feedback!In this episode, Spencer and Brad dive into the deep underworld of infostealer malware. They discuss what infostealers are, how they are used and what they are used for. They will dig into how the information obtained from infostealers can help cyber threat actors compromise large and small organizations, cloud providers and more but also how the infostealer data and logs can be used by authorities for good.Resources10,000 Victims a Day: Infostealer Garden of Low-Hanging Frui...
-
(Replay) How We Hack Medical Devices To Save Lives
Text us feedback!Discover the vulnerabilities lurking within medical devices and how ethical hacking can safeguard patient care. Join Brad, VP of Offensive Security at SecurIT360, as he unpacks the risks and protections against cyber threats in healthcare tech.- Unveiling the risks of wireless communication vulnerabilities in insulin pumps and glucose monitors that could be exploited through advanced hacking techniques.- Demonstrating the use of tools like ESP32, Hashcat, and attack scenarios...
-
Episode 100: The OpenSSH RegreSSHion Vulnerability
Text us feedback!In this episode, Spencer and Brad discuss the OpenSSH "regreSSHion" vulnerability. This is being tracked as CVE-2024-6409 & CVE-2024-6387. A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.Links:https://nvd.nist.gov/vuln/detail/CVE-2024-6...
-
Episode 99: Tool Time - OneDriveEnum & AD Miner
Text us feedback!In this episode, Spencer and Tyler discuss two of their current favorite tools: OneDriveEnum for enumerating user accounts in Microsoft 365 and AD Miner for visualizing attack paths in Active Directory. We hope you enjoy and get value from this episode!Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
-
Episode 98: Current State of M365 Attacks: Initial Access
Text us feedback!In this episode, we discuss the latest trends and techniques for enumerating Microsoft 365. We break down how attackers may identify M365 tenants, how they discover and validate accounts and what you as an IT admin can do to protect your organization in-light of this. Topics covered: Credential Stuffing, Brute Force Attacks, Password Spraying, Prompt Bombing, Session Hijacking, Adversary-in-the-Middle (AiTM) Attacks, OAuth Phishing, Legacy Authentication Protoc...
-
Episode 97: Current State of M365 Attacks: Enumeration
Text us feedback!In this episode, we discuss the latest trends and techniques for enumerating Microsoft 365. We break down how attackers may identify M365 tenants, how they discover and validate accounts and what you as an IT admin can do to protect your organization in-light of this.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
Customer Reviews
Pentesting 101
My go to podcast for understanding the nuts/bolts of pentesting. Appreciate you guys!
Worth a listen
Great insight and advice and actually very entertaining.
Rock stars!
This group of folks are the best of the best! Amazing talent sharing their brains with the world. I’m here for it.