
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Defensive Security is a weekly information security podcast that reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that can be learned and applied to the organizations we protect.
Episodes
Defensive Security Podcast Episode 352
Please consider supporting the DefSec podcast here.
This week’s stories:
https://www.securityweek.com/npm-12-will-change-script-execution-behavior-to-prevent-supply-chain-attacks/
https://www.bleepingcomputer.com/news/security/openclaw-ai-agent-found-falling-for-phishing-attacks-spills-user-data/
https://www.cybersecuritydive.com/news/cisa-vulnerability-remediation-prioritization-dire
Defensive Security Podcast Episode 351
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.theregister.com/cyber-crime/2026/06/05/if-you-dont-fall-for-these-extortionists-calls-theyll-show-up-with-usb-sticks/5251891
https://thehackernews.com/2026/06/only-10-of-socs-say-theyre-getting.html?m=1
https://arstechnica.com/security/2026/06/dashlane-explains-how-attackers-managed-to-d
Defensive Security Podcast Episode 350
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.darkreading.com/threat-intelligence/ai-assisted-exploit-development-scanner-detection
https://www.bleepingcomputer.com/news/security/california-ag-sues-23andme-over-2023-breach-exposing-health-data/
https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-f
Defensive Security Podcast Episode 349
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://thehackernews.com/2026/05/claude-mythos-ai-finds-10000-high.html
https://www.tenable.com/blog/key-findings-from-the-verizon-dbir-2026
https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/
https://www.bleepingcomputer.com/news/security/grafana-breach-caused-by-missed-
Defensive Security Podcast Episode 348
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.securityweek.com/openai-hit-by-tanstack-supply-chain-attack/
https://thehackernews.com/2026/05/developer-workstations-are-now-part-of.html
https://thehackernews.com/2026/05/ivanti-fortinet-sap-vmware-n8n-patch.html
https://www.theregister.com/cyber-crime/2026/05/14/security-pros-doubt-
Defensive Security Podcast Episode 347
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.bleepingcomputer.com/news/security/instructure-reaches-agreement-with-shinyhunters-to-stop-data-leak/
https://www.theregister.com/security/2026/05/06/1-in-8-workers-say-selling-company-logins-is-justifiable/5231104
https://www.theregister.com/security/2026/05/02/ai-digs-up-decades-of-code-de
Defensive Security Podcast Episode 346
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.darkreading.com/cloud-security/csa-cisos-prepare-post-mythos-exploit-storm
https://www.csoonline.com/article/4159292/insurance-carriers-quietly-back-away-from-covering-ai-outputs.html
https://www.livescience.com/technology/artificial-intelligence/hackers-used-ai-to-steal-hundreds-of-
Defensive Security Podcast Episode 345
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.darkreading.com/threat-intelligence/axios-attack-complex-social-engineering-industrialized
https://www.bleepingcomputer.com/news/security/new-venom-phishing-attacks-steal-senior-executives-microsoft-logins/
https://www.bleepingcomputer.com/news/security/google-new-unc6783-hackers-steal-co
Defensive Security Podcast Episode 344
Please consider supporting the DefSec podcast here.
Links to stories:
https://www.computerweekly.com/news/366640648/Emergency-Microsoft-Oracle-patches-point-to-wider-cyber-issues
https://www.theregister.com/2026/03/27/security_boffins_harvest_bumper_crop/
https://thehackernews.com/2026/03/the-hidden-cost-of-cybersecurity.html?m=1
https://www.theregister.com/2026/03/24/trivy_compromise_l
Defensive Security Podcast Episode 343
Please consider supporting the DefSec podcast here.
Here are the links we discuss this week:
https://www.darkreading.com/identity-access-management-security/more-attackers-logging-in-not-breaking-in
https://www.bleepingcomputer.com/news/security/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed/
https://www.csoonline.com/article/4147833/cisa-urges-it-to-harden-endpoint-ma
Defensive Security Podcast Episode 342B
This time it’s not a rerun!
]Please consider supporting the DefSec podcast here.
Here are the links we discuss this week:
https://www.bleepingcomputer.com/news/security/ransomware-payment-rate-drops-to-record-low-as-attacks-surge/
https://www.securityweek.com/recent-cisco-catalyst-sd-wan-vulnerability-now-widely-exploited/
https://www.darkreading.com/cyberattacks-data-breaches/nati
Defensive Security Podcast Episode 341
Please consider supporting the DefSec podcast here.
Here are the links we discuss this week:
https://www.bleepingcomputer.com/news/security/amazon-ai-assisted-hacker-breached-600-fortigate-firewalls-in-5-weeks/
https://www.theregister.com/2026/02/16/open_source_registries_fund_security/
https://www.bleepingcomputer.com/news/security/infostealer-malware-found-stealing-openclaw-secrets-for-fi
Defensive Security Podcast Episode 340
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.theregister.com/2026/02/02/notepad_hijacking_lotus_blossom/
https://www.bleepingcomputer.com/news/security/fake-job-recruiters-hide-malware-in-developer-coding-challenges/
https://www.bleepingcomputer.com/news/security/amos-infostealer-targets-macos-through-a-popular-ai-app/
https://www.there
Defensive Security Podcast Episode 339
Please consider supporting the DefSec podcast here.
Links to the stories we cover in this episode:
https://www.theregister.com/2026/01/29/faster_patching_please_cry_infoseccers/
https://thehackernews.com/2026/01/mandiant-finds-shinyhunters-using.html?m=1
https://www.bleepingcomputer.com/news/security/marquis-blames-ransomware-breach-on-sonicwall-cloud-backup-hack/
https://thehackernews.com
Defensive Security Podcast Episode 338
Please consider supporting the DefSec podcast here.
Links to the stories we cover in this episode:
https://www.bleepingcomputer.com/news/security/hackers-exploit-security-testing-apps-to-breach-fortune-500-firms/
https://www.securityweek.com/analysis-of-6-billion-passwords-shows-stagnant-user-behavior/
https://www.theregister.com/2026/01/20/group_ib_ai_cycercrime_subscriptions/
https://ww
Defensive Security Podcast Episode 337
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to the stories in this episode:
https://www.theregister.com/2026/01/09/pyongyangs_cyberspies_are_turning_qr/
https://www.scworld.com/perspective/five-ways-to-conduct-a-more-secure-hiring-process
https://cybersecuritynews.com/vmware-esxi-exploited-toolkit/
https://www.darkreading.com/cyber-risk/ciso-suc
Defensive Security Podcast Episode 336
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.darkreading.com/cyber-risk/cybersecurity-tech-recommended-by-cyber-insurer-claims-data
https://www.bleepingcomputer.com/news/security/trust-wallet-links-85-million-crypto-theft-to-shai-hulud-npm-attack/
https://www.securityweek.com/hacker-claims-theft-of-40-million-c
Defensive Security Podcast Episode 335
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.bleepingcomputer.com/news/security/webrat-malware-spread-via-fake-vulnerability-exploits-on-github/
https://cybersecuritynews.com/mongobleed-poc-exploit-mongodb/
https://cybersecuritynews.com/fortigate-firewall-vulnerability/
https://cybersecuritynews.com/oracle
Defensive Security Podcast Episode 334
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Merry Christmas and Happy Holidays!
Links to this week’s stories:
https://krebsonsecurity.com/2025/12/most-parked-domains-now-serving-malicious-content/
https://thehackernews.com/2025/12/russia-linked-hackers-use-microsoft-365.html?m=1
https://cybersecuritynews.com/amazon-catches-north-korean-it-worker/
Defensive Security Podcast Episode 333
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.theregister.com/2025/12/09/hypervisor_ransomware_attacks_increasing
https://www.bleepingcomputer.com/news/security/react2shell-flaw-exploited-to-breach-30-orgs-77k-ip-addresses-vulnerable
https://www.infosecurity-magazine.com/news/log4shell-downloade
Defensive Security Podcast Episode 332
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.darkreading.com/cyberattacks-data-breaches/advanced-security-phishing-tactics
https://www.theregister.com/2025/11/28/posthog_shaihulud/?td=keepreading / https://posthog.com/blog/nov-24-shai-hulud-attack-post-mortem
https://www.theregister.com/2025/11/27/scattered_laps
Defensive Security Podcast Episode 331B
Reposting Episode 331 due to the wrong mp3 attached to the original.
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://cloud.google.com/blog/topics/threat-intelligence/unc6040-proactive-hardening-recommendations
https://www.theregister.com/2025/11/13/chinese_spies_claude_attacks/ / https://www.bleepingcomputer.com/ne
Defensive Security Podcast Episode 330
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.cybersecuritydive.com/news/nevada-ransomware-attack-traced-back-to-malware-download-by-employee/805011/
https://cloud.google.com/blog/topics/threat-intelligence/threat-actor-usage-of-ai-tools
https://www.darkreading.com/application-security/owasp-highlights-s
Defensive Security Podcast Episode 329
https://www.youtube.com/watch?v=3BaNujBx62Y
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.theregister.com/2025/11/03/mit_sloan_updates_ai_ransomware_paper/
https://www.theregister.com/2025/10/29/ey_exposes_4tb_sql_database/
https://www.darkreading.com/cyber-risk/zombie-projects-rise-again-undermine-securit
Defensive Security Podcast Episode 328
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links we discuss this week:
https://thehackernews.com/2025/10/self-spreading-glassworm-infects-vs.html?m=1
https://www.cybersecuritydive.com/news/artificial-intelligence-security-risks-ey-report/803490/
https://www.cybersecuritydive.com/news/ai-augment-security-identity-soc/803608/
https://www.darkreadin
Defensive Security Podcast Episode 327
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.cybersecurity-insiders.com/how-ai-will-shape-the-future-of-cyber-defense-a-one-three-and-five-year-outlook/
https://www.helpnetsecurity.com/2025/10/15/f5-big-ip-data-breach/
https://www.bleepingcomputer.com/news/security/fake-lastpass-bitwarden-breach-alerts-l
Defensive Security Podcast Episode 326
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Here are the stories we discuss this week:
https://cybersecuritynews.com/hackers-actively-compromising-databases/
https://www.bleepingcomputer.com/news/security/hackers-target-university-hr-employees-in-payroll-pirate-attacks/
https://securityaffairs.com/183154/security/threat-actors-steal-firewall-configs-
Defensive Security Podcast Episode 325
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Here are links to the stories we discuss this week:
https://www.theregister.com/2025/09/29/postmark_mcp_server_code_hijacked/
https://www.bleepingcomputer.com/news/security/oracle-patches-ebs-zero-day-exploited-in-clop-data-theft-attacks/
https://www.bleepingcomputer.com/news/security/westjet-data-breach-expo
Defensive Security Podcast Episode 324
Here are links to the stories we discuss this week:
https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign
https://thehackernews.com/2025/09/github-mandates-2fa-and-short-lived.html
https://www.theregister.com/2025/09/23/gartner_ai_attack/
https://www.bleepingcomputer.com/news/security/sonicwall-releases-sma100-firmware-update-to-wipe-rootkit-malware/
https://ww
Defensive Security Podcast Episode 323
Please follow us on YouTube!
Want episodes a week early? Consider becoming a Patreon sponsor of the DefSec podcast here.
Here are links to the stories we talked about this week:
https://krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/
https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/
https://blog.lastpass.com/posts/att
Defensive Security Podcast Episode 322
Here are the stories we discuss this week:
https://natlawreview.com/article/qantas-airways-cuts-executive-pay-after-cyber-incident-governance-signal-industry
https://www.securityweek.com/ransomware-losses-climb-as-ai-pushes-phishing-to-new-heights
https://www.bleepingcomputer.com/news/security/hackers-left-empty-handed-after-massive-npm-supply-chain-attack
https://www.thereg
Defensive Security Podcast Episode 321
Listen and Watch Defensive Security Episodes a week early by becoming a Patreon donor: https://www.patreon.com/defensivesec
Please subscribe to our YouTube channel: Defensive Podcasts – Cyber Security & Infosec. – YouTube
Links:
https://blog.gitguardian.com/ghostaction-campaign-3-325-secrets-stolen/
https://www.bleepingcomputer.com/news/security/ai-powered-malwar
Defensive Security Podcast Episode 320
Links to stories:
https://securityaffairs.com/181430/security/after-sharepoint-attacks-microsoft-stops-sharing-poc-exploit-code-with-china.html
https://www.cybersecuritydive.com/news/software-vulnerabilities-breaches-checkmarx-report/757793/
https://www.securityinfowatch.com/cybersecurity/article/55309774/even-security-leaders-are-breaking-ai-rules-calypsoai-report
https://www.dar
Defensive Security Podcast Episode 318
I have no idea why Riverside.fm (the service we use to record the podcast) has such an audio/video sync problem for the first minute or so of the recording. We’re working on it…
On to the show. Here are the links for this week’s episode:
https://www.bleepingcomputer.com/news/security/new-downgrade-attack-can-bypass-fido-auth-in-microsoft-entra-id
https://www.ble
Defensive Security Podcast Episode 317
Want to support our show? Want to get access to episodes a week before everyone else? Become a patreon sponsor here: https://www.patreon.com/defensivesec
If you’re in Atlanta on August 20, you can join us for a LIVE episode at Mission 25. Register here: MCS Mission: Security’25
Our new merch store is live: DefSec Store
We’ve added a lot of new items and will continue to do so over time.
On to the
Defensive Security Podcast Episode 316
Want to support our show? Want to get access to episodes a week before everyone else? Become a patreon sponsor here: https://www.patreon.com/defensivesec
If you’re in Atlanta on August 20, you can join us for a LIVE episode at Mission 25. Register here: MCS Mission: Security’25
Our new merch store is live: DefSec Store
We’ve added a lot of new items and will continue
Defensive Security Podcast Episode 315
If you’re in Atlanta on August 20, you can join us for a LIVE episode at Mission 25. Register here: MCS Mission: Security’25
Our new merch store is live(ish): DefSec Store – We’ll be adding more items as time goes on. This is managed through Printify, which has a quite expansive range of products to logo up.
Also, some of you may know that Jerry is into ph
Defensive Security Podcast Episode 314.5
Episode 315 is available for our patreon donors and will be posted for everyone else on Monday, July 28. Going forward, episodes will be released to our patreon donors shortly after recording and will be released to everyone else a week later. If you want to become a patreon donor, you can do so here: https://www.patreon.com/defensivesec
Also, our new merch store is live and available here: http
Defensive Security Podcast Episode 314
Want to support us? Want even MORE DefSec? Starting this week, we are providing more DefSec for our Patreon donors. Sign up to be a Patreon donor today: https://www.patreon.com/defensivesec
Links:
https://www.theregister.com/2025/07/10/cisa_citrixbleed_kev/
https://www.axios.com/2025/07/08/scattered-spider-cybercrime-hackers
https://www.bleepingcomputer.com/news/security/employ
Defensive Security Podcast Episode 313
Want to support us? Want even MORE DefSec? Starting this week, we are providing more DefSec for our Patreon donors. Sign up to be a Patreon donor today: https://www.patreon.com/defensivesec
https://www.youtube.com/watch?v=BRzMJbBZ490
Links:
https://www.csoonline.com/article/4012801/the-top-red-teamer-in-the-us-is-an-ai-bot.html
https://www.darkreading.com/endpoint-security
Defensive Security Podcast Episode 312
Want to support us? Want even MORE DefSec? Starting this week, we are providing more DefSec for our Patreon donors. Sign up to be a Patreon donor today: https://www.patreon.com/defensivesec
Links:
https://arstechnica.com/security/2025/06/active-exploitation-of-ami-management-tool-imperils-thousands-of-servers/
https://www.bleepingcomputer.com/news/security/man-pleads-guilty-to-hack
Defensive Security Podcast Episode 311
Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec
Links:
https://www.bleepingcomputer.com/news/security/no-the-16-billion-credentials-leak-is-not-a-new-data-breach/
https://www.bleepingcomputer.com/news/security/russian-hackers-bypass-gmail-mfa-using-stolen-app-passwords/
https://www.bleepingcomputer.com
Defensive Security Podcast Episode 310
Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec
Links:
https://www.bleepingcomputer.com/news/security/sentinelone-shares-new-details-on-china-linked-breach-attempt/https://thehackernews.com/2025/06/new-supply-chain-malware-operation-hits.html?m=1https://www.csoonline.com/article/4002103/cisos-beware-genai-use-is-ou
Defensive Security Podcast Episode 309
Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec
Links:
https://www.theregister.com/2025/06/06/chatgpt_for_evil/https://www.theregister.com/2025/06/06/ransomware_negotiation/https://www.darkreading.com/cyber-risk/how-to-approach-security-era-ai-agentshttps://www.bleepingcomputer.com/news/security/coin
Defensive Security Podcast Episode 308
Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss a range of topics including the introduction of a new cryptocurrency, Guard Llama Coin, and the implications of recent cybersecurity incidents involving ConnectWise and ran
Defensive Security Podcast Episode 307
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a significant data breach at Coinbase, the challenges of cryptocurrency security, the importance of patch management, and the evolving landscape of cyber threats. They also discuss insider threats, the failures of rigid security programs, and the overlooked cybe
Defensive Security Podcast Episode 306
In this episode, Jerry and Andrew discuss the importance of data security, phishing attacks targeting hiring managers, the implications of paying ransoms, and the recent Disney data breach incident. They emphasize the need for better training for employees and the challenges of managing software supply chains. The conversation highlights the evolving landscape of cyber threats and the necessity
Defensive Security Podcast Episode 305
In this episode, we discuss the Google Mandiant 2025 M-Trends report. The report is available here: https://services.google.com/fh/files/misc/m-trends-2025-en.pdf
Like what we’re doing and want to help support us? Donate here: https://www.patreon.com/defensivesec
Defensive Security Podcast Episode 304
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss the latest trends in cybersecurity, focusing on the rise of BEC scams and the significant losses attributed to cybercrime in 2024. They explore emerging threats, including social engineering tactics and hardware vulnerabilities, particularly in management interfaces. The conversation also delves into the
Defensive Security Podcast Episode 303
Summary
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the rise of ransomware, the importance of backup strategies, and the implications of AI in phishing attacks. They discuss into the challenges of managing non-human identities and the need for effective communication of security metrics. The conversati
Defensive Security Podcast Episode 302
In this episode, Jerry and Andrew discuss various cybersecurity topics, including the recent Oracle Cloud security breach, a GitHub supply chain attack, insider threats, and the implications of AI in cybersecurity. They explore the challenges of maintaining trust in cloud services, the complexities of insider threats, and the evolving landscape of cybercrime driven by AI advancements. The convers
Defensive Security Podcast Episode 301
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss a range of cybersecurity topics, including the recent Oracle Cloud breach, the challenges of asset management in large environments, and the importance of prioritizing vulnerabilities. They also explore the findings from a pen test report, the implications of emerging threats like Medusa ransomware, and
Defensive Security Podcast Episode 300
Summary
In this episode, we celebrate the 300th episode of the Defensive Security Podcast then discuss various cybersecurity topics including the rise of AI-driven threats, the importance of zero trust architecture, best practices for incident response, the impact of human error on security breaches, and the risks associated with collaboration tools. We also cover the dangers of malvertising
Defensive Security Podcast Episode 299
Summary
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a Disney employee’s mishap with an AI tool that led to a significant hack, vulnerabilities in VMware ESX hypervisors, and a developer’s sabotage of their ex-employer. They also explore the implications of GitHub repository exposure and the gro
Defensive Security Podcast Episode 298
In this episode of the Defense of Security podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a recent incident involving notorious hackers breaching a company network in under an hour, strategies to defend against deepfake attacks, the targeting of freelance developers by North Korean adversaries, vulnerabilities in Palo Alto firewalls, and the emergence
Defensive Security Podcast Episode 297
Become a Patreon supporter of the show here: https://www.patreon.com/defensivesec
Links:
https://www.cybersecuritydive.com/news/ransomware-gangs–tactics-/739937/
https://www.bleepingcomputer.com/news/security/over-12-000-keriocontrol-firewalls-exposed-to-exploited-rce-flaw/
https://arstechnica.com/information-technology/2025/02/russian-spies-use-device-code-phishing-to-hijack
Defensive Security Podcast Episode 296
In this episode of the Defense of Security Podcast, Jerry Bell and Andrew Kalat discuss the evolving landscape of cybersecurity threats, focusing on ransomware tactics that exploit insider threats, the hijacking of LLM resources, and the effectiveness of phishing simulations. They explore how adversaries are increasingly targeting employees to gain access to sensitive data and how organizations ca
Defensive Security Podcast Episode 295
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the alarming statistics surrounding ransomware attacks, the implications of paying ransoms, and the evolving nature of ransomware as a broader category of cyber threats. They also discuss the consolidation of security tools and the skepticism surrounding it,
Defensive Security Podcast Episode 294
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a hidden backdoor in Juniper routers, PayPal’s recent data breach settlement, the exploitation of older Ivanti bugs, the PowerSchool data breach affecting millions, and CISA’s new software security recommendations. The conversation emphasizes the importan
Defensive Security Podcast Episode 293
“Another day, another data breach.”
In this episode of the Defensive Security Podcast, Jerry Bell and Andrew Kalat discuss a significant data breach affecting hotel reservation data, regulatory actions taken against GoDaddy for poor security practices, and the evolving landscape of cyber attacks. They emphasize the importance of proactive defense strategies and innovative detection tec
Defensive Security Podcast Episode 292
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the dangers of malware disguised as proof of concept code on GitHub, the alarming rise in phishing attacks, the implications of a recent Treasury hack, and the targeted attacks on Ivanti’s security products. The conversation emphasizes the need for skepticism i
Defensive Security Podcast Episode 291
Summary
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a significant incident involving a Tenable plugin update that disrupted Nessus agents worldwide. They delve into the implications of malicious Chrome extensions and sophisticated phishing attacks, particularly focusing on a recent incident involving OAuth tru
Defensive Security Podcast Episode 290
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the FTC’s order for Marriott and Starwood to enhance their data security measures, a recent hijacking of a Chrome extension, and emerging threats for 2025. They also delve into the implications of AI in cybersecurity, emphasizing the need for governance and ris
Defensive Security Podcast Episode 289
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a year-long supply chain attack that compromised 390,000 credentials, the U.S. government’s bounty for information on North Korean IT worker farms, and the alarming number of vulnerabilities found in software containers. They also delve into the implications of
Defensive Security Podcast Episode 288
In this episode of the Defensive Security Podcast, we discuss the anticipated rise of Mac malware, the economic implications of new top-level domains (TLDs) for phishing, innovative phishing techniques using corrupt documents, and the risks associated with open-source software. We also explore the concept of risk homeostasis in cybersecurity, examining how users’ perceptions of security can
Defensive Security Podcast Episode 287
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various topics including their holiday plans, updates on their podcast, and significant cybersecurity incidents. They delve into a recent Wi-Fi breach involving Russian hackers, CrowdStrike’s IT outage and its implications for customer retention, and the discovery of malware exploiting vulnerable dev
Defensive Security Podcast Episode 286
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the launch of their new podcast, Getting Defensive. They delve into a CISA report on exploited vulnerabilities, highlighting the concerning trend of zero-day vulnerabilities being exploited. The conversation also covers a GitHub incident involving malicious commits a
Defensive Security Podcast Episode 285
In this episode of the Defensive Security Podcast, we discuss the theft of cloud credentials, the exploitation of SharePoint vulnerabilities, evolving malware techniques, and the importance of cyber due diligence for suppliers. They reflect on the challenges of managing secrets, the implications of auto-updates, and the need for robust risk management practices in the face of increasing cyber thre
Defensive Security Podcast Episode 284
Delta’s Lawsuit, SEC Penalties, and Fortinet’s Zero-Day Exploit In this episode, hosts Jerry Bell and Andrew Kellett discuss current cybersecurity issues, starting with Delta Air Lines’ $500 million lawsuit against CrowdStrike over an IT outage and data breach. They explore SEC penalties imposed on tech companies for downplaying the SolarWinds hack’s impact, followed by an
Defensive Security Podcast Episode 283
“They Can’t All Be Winners”
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat explore several pressing cybersecurity topics as of October 2024. The discussion begins by addressing the rapid increase in vulnerability exploitation speeds, with a highlight that 70% of exploitable flaws in 2023 were zero-days, now being exploited within just five d
Defensive Security Podcast Episode 282
Episode 282: Exploiting Trust in Cybersecurity Practices In episode 282 of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kallett discuss several cybersecurity topics. They highlight a phishing attack outlined by Microsoft, where cybercriminals leverage file-hosting services like OneDrive and Dropbox to exploit trust and compromise identities. The episode also explores concerns about
Defensive Security Podcast Episode 281
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity events and issues. The episode opens with discussion on the recent weather impacts affecting Asheville and lessons for disaster preparedness in the security industry. A significant portion of the episode is dedicated to CrowdStrike’s recent Capitol Hill testimony, examining the
Defensive Security Podcast Episode 280
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kellett delve into key cybersecurity topics. They discuss a recent statement by CISA director Jen Easterly on holding software manufacturers accountable for product defects rather than vulnerabilities, and the need for derogatory names for threat actors to deter cybercrime. The episode also covers Disney’s decisio
Defensive Security Podcast Episode 279
In Episode 279 of the Defensive Security Podcast, Jerry Bell and Andrew Kalat discuss the latest cybersecurity news and issues. Stories include Transportation for London requiring in-person password resets after a security incident, Google’s new ‘air-gapped’ backup service, the impact of a rogue ‘Whois’ server, and the ongoing ramifications of the Moveit breach. The e
Defensive Security Podcast Episode 278
In episode 278 of the Defensive Security Podcast, Jerry Bell and Andrew Kalat discuss various recent cybersecurity topics. The episode starts with light-hearted banter about vacations before diving into the main topics. Key discussions include a new vulnerability in YubiKey that requires sophisticated physical attacks, resulting in a low overall risk but sparking debate about hardware firmware upd
Defensive Security Podcast Episode 277
In this episode, Jerry Bell and Andrew Kalat discuss various topics in the cybersecurity landscape, including the influence of cyber insurance on risk reduction for companies and how insurers offer guidance to lower risks. They touch upon the potential challenges with cybersecurity maturity in organizations and the consultant effect. The episode also goes into detail about issues surrounding kerne
Defensive Security Podcast Episode 276
Check out the latest Defensive Security Podcast Ep. 276! From cow milking robots held ransom to why IT folks dread patching, Jerry Bell and Andrew Kalat cover it all. Tune in and stay informed on the latest in cybersecurity!
Summary:
In episode 276 of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat delve into a variety of security topics including a ransomware attack on a Swedish
Defensive Security Podcast Episode 275
Links:
https://www.crowdstrike.com/wp-content/uploads/2024/08/Channel-File-291-Incident-Root-Cause-Analysis-08.06.2024.pdf
https://www.theregister.com/2024/08/05/crowdstrike_is_not_at_all/
https://www.theverge.com/2024/8/6/24214371/microsoft-delta-letter-crowdstrike-response-comments
https://www.linkedin.com/posts/alexstamos_why-crowdstrikes-baffling-bsod-disaster-activity-7224046054076243969-1
Defensive Security Podcast Episode 274
https://www.bleepingcomputer.com/news/security/over-3-000-github-accounts-used-by-malware-distribution-service/
https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us
https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/
https://www.darkreading.com/cybersecurity-operations/crowdstrike-outage-losses-estimate
Defensive Security Podcast Episode 273
The Joe Sullivan Verdict – Unfair? – Which Part? (cybertheory.io)
Fujitsu Details Non-Ransomware Cyberattack (webpronews.com)
5 Key Questions CISOs Must Ask Themselves About Their Cybersecurity Strategy (thehackernews.com)
Sizable Chunk of SEC Charges Vs. SolarWinds Dismissed (darkreading.com)
CrowdStrike CEO apologizes for crashing IT systems around the world, details fix | CSO Online
Summary:
Cy
Recommended

Dear Dr. Tracy

Richard Syrett's Strange Planet

Beyond Broken Vows | Christian Marriage, Adultery, Pornography Addiction, Sexual Betrayal, Infidelity

The iLLogical Sense Podcast

GROWING IN TRUTH

The Prince by Niccolò Machiavelli

The Rise and Fall of Ruby Franke

Social Media for B2B Growth: LinkedIn Strategy for B2B Marketers

Somewhere in the Skies

Buddhability

Raíces - El Podcast de la Dra María Velasco

Artículos de Abre la Biblia