Enjoying the content? Let us know your feedback! In this episode, we’ll look into a cybersecurity assessment method that mimics real-world attacks to test an organization's security defenses and response capabilities: Threat emulation. It is one of the strategies to keep you ahead of the game. Threat emulation aims to identify and mitigate security…

Enjoying the content? Let us know your feedback! In this episode, we’ll be exploring a particularly intriguing file types: polyglot files. These digital shapeshifters have become a powerful tool in the arsenal of cyber attackers, capable of bypassing security measures, confusing systems, and delivering malicious payloads in ways that are both creat…

Enjoying the content? Let us know your feedback! In today's episode, we're diving deep into Data Exfiltration; one of the most serious threats facing organizations today. We'll break down exactly what data exfiltration is, where it fits in the MITRE ATT&CK framework, the tools and techniques attackers use, and, most importantly, how organizations c…

Enjoying the content? Let us know your feedback! We are continuing with part 2 of "Behind the Login Screen - Understanding OS Authentication." If you missed our first episode, I highly recommend giving it a listen before diving into today's content. In part one, we started to explore the fascinating world of operating system authentications, focusi…

Enjoying the content? Let us know your feedback! In today's episode, we're going to explore the fascinating topic of operating systems authentications. We all use it but how many of us wondered how the behind the curtains machinery work. We'll be focusing on Windows, Linux/Unix, and Mac OS. We'll discuss how hashes are used in authentication, the c…

Enjoying the content? Let us know your feedback! As AI-generated content becomes more advanced, the risk of adversarial misuse—where bad actors manipulate AI for malicious purposes—has skyrocketed. But what does this mean in practical terms? What risks do we face, and how one of the big players is addressing them? Stick around as we break Google’s …

Enjoying the content? Let us know your feedback! Today, we’ve got something really exciting for you. If you’ve been following the world of artificial intelligence lately, you’ve probably heard a lot about a new player in town: DeepSeek. Now, let me tell you, DeepSeek is shaking things up. They’re doing something completely different that’s not only…

Enjoying the content? Let us know your feedback! In this episode we will detail the significant announcement from Let’s Encrypt – the trusted nonprofit Certificate Authority that has been at the forefront of making the web more secure. Let’s Encrypt has revealed its plans to drastically reduce the lifetime of its TLS certificates from 90 days to ju…

Enjoying the content? Let us know your feedback! This episode is one for you system admins out there! Today we’re discussing three actively exploited vulnerabilities you absolutely need to know about—CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335. These vulnerabilities have been making headlines, and understanding them could mean the difference…

Enjoying the content? Let us know your feedback! This is the podcast where we explore the ever-evolving world of cybersecurity and provide practical advice for staying ahead of threats. I’m your host, Yusuf, and today’s episode is all about starting the new year with a solid plan. We’re diving into _Cybersecurity Resolutions for 2025: Best Practice…

Enjoying the content? Let us know your feedback! Today, we’re tackling a fundamental yet often misunderstood tool in every cybersecurity professional's arsenal—vulnerability scanners. What role do they play in protecting our organizations? Where do they shine, and where do they fall short? As always, we’ll cut through the jargon and break things do…

Enjoying the content? Let us know your feedback! This final episode of 2024, we recap the best the most listened to episodes of the year. And this year we have a great four back to back of the greatest of them all. Lets start with the first eisode 191 - Is The Browser The New Operating System? released on the 28th of September. Next is episode 172 …

Enjoying the content? Let us know your feedback! It is a topical episode we’re diving into a high-stakes challenge every organization faces: It is holiday season, how do you manage threats when most of the security team is off duty. Imagine a holiday season, a long weekend, or even an unexpected emergency. With key team members unavailable, how do …

Enjoying the content? Let us know your feedback! In this week's episode, we’re diving into a concerning and highly consequential topic: the Volt Typhoon espionage campaign—an advanced persistent threat that has sent shockwaves through the cybersecurity and telecommunications industries. Volt Typhoon, a state-backed APT group, has been making headli…

Enjoying the content? Let us know your feedback! This week episode, we dive into one of the most fascinating aspects of digital investigations: Windows forensic artifacts. It does not matter who you are: a security professional, an aspiring investigator, or simply curious about how experts uncover the digital breadcrumbs left on your computer, this…

Enjoying the content? Let us know your feedback! Today, we’re tackling a topic that every organization, big or small, absolutely must take seriously: Incident Response Playbook Imagine this: It’s 3 a.m., and your phone buzzes with an alert. A possible ransomware attack has been detected in your network. Do you panic, or do you execute a clear, stru…

Enjoying the content? Let us know your feedback! This week, we’re diving into a hot-off-the-presses report from the FBI, CISA, and NSA —a breakdown of the most exploited vulnerabilities of 2023. Think of this as the hackers' “most wanted” list: the weaknesses in software and systems that bad actors love to exploit because they’re effective and wide…

Enjoying the content? Let us know your feedback! Today, we’ll dive into what browser engines are, how they power your online experiences, and the security efforts shaping the modern web. We’ll also unpack extension security, with a spotlight on Google’s Manifest v3, and see how Safari and Firefox approach these challenges. Whether you’re a casual b…

Enjoying the content? Let us know your feedback! It is another week and another podcast shaw on YusufOnSecurity where we deep dive into the complex world of cybersecurity that concerns both professionals and anyone interested in how attackers continue to evolve their methods. This week we will be covering advanced malware evasion techniques—strateg…

Enjoying the content? Let us know your feedback! In this week's episode I will unpack the complexities of the cybersecurity world and help you stay informed and secure. Today, we’re going to dig into some intriguing concepts shaping the cybersecurity landscape: the Shared Fate Model and Trust Anchors. Some say these concepts are becoming so vital i…

Enjoying the content? Let us know your feedback! Lets face it, the cyber crooks are always lurking aroud waiting for an opportunity to come in. They choose the path of least resistant and password is often their way in. Unfortunately password is still with us and for sometime to come too. In today episode, we’re digging deep into top common types o…

Enjoying the content? Let us know your feedback! This week's episode is an interview with Nadim Lahoud from Red Sift at GITEX the Global IT Expo that is held yearly in Dubai. It is the largest tech startup gathering in the world. Redsift is a company that provides a cloud-based DMARC, DKIM and SPF configuration and management platform called OnDMAR…

Enjoying the content? Let us know your feedback! Today we’re going to peel back the layers of Microsoft Windows architecture. For many of us, Windows has been a part of our computing lives for decades, whether at work or at home. But how much do we really know about how it works under the hood? In this episode, we’ll take a closer look at what make…

Enjoying the content? Let us know your feedback! In today's episode, we’re diving into the world of APIs and Webhooks—two key technologies that power much of the automation and interaction between services online. Whether you’re a developer, security expert, or someone just curious about how data flows through the internet, this episode will give y…

Enjoying the content? Let us know your feedback! Today we’re discussing an exciting trend in the world of technology—the browser is no longer just a window to the web. So we asked is it becoming the operating system itself? From the early days of Mosaic and Netscape Navigator to today’s cloud-powered Chromebooks, the browser has evolved dramaticall…

Enjoying the content? Let us know your feedback! In this episode lets look at the world of DevSecOps—a vital practice in modern software development that has implication on security. We’ll trace the history of software development, discuss the evolution of methodologies, and examine the challenges that have led to the emergence of DevSecOps. So, wh…

Enjoying the content? Let us know your feedback! Today’s topic is one that mixes the marvel of modern technology with some very real concerns. We’re talking about the rise of Large Language Models, or LLMs, how they’re rapidly being adopted across industries, and the potential for sensitive data leakage on the open web. It’s a thrilling time for AI…

Enjoying the content? Let us know your feedback! In this episode we’re diving into an important topic that concerns one of the most trusted hardware security tokens on the market—the YubiKey 5 series. We’ll discuss a recently discovered vulnerability affecting YubiKeys and go over what it means for the broader world of authentication and cryptograp…

Enjoying the content? Let us know your feedback! Today, we will look into two essential cybersecurity solutions: File Integrity Monitoring or FIM and Endpoint Detection and Response, commonly known as EDR. Both of these technologies are crucial for protecting systems, but they work in very different ways. We’ll be comparing and contrasting their ca…

Enjoying the content? Let us know your feedback! In today episode we’re diving into something that’s been making waves in the cybersecurity community—NIST Cybersecurity Framework 2.0. The NIST Cybersecurity Framework has long been a cornerstone for building robust security practices, and with the release of version 2.0, there are some exciting new …

Enjoying the content? Let us know your feedback! In this week's episode we will dig in exploring a critical framework that’s reshaping how organizations approach cybersecurity—especially in the energy sector—known as the Cybersecurity Capability Maturity Model. This is also refer to C2M2. We’ll unpack what C2M2 is, why it’s so important, and how it…

Enjoying the content? Let us know your feedback! In this week's episode, we’re unpacking a topic that’s crucial for anyone connected to the digital world: _Why Hackers Target Stolen Credentials_. From understanding the value behind those stolen usernames and passwords to exploring the dark web marketplaces where they’re traded, we’ll break it all d…

Enjoying the content? Let us know your feedback! In this week's episode, we're diving into the Malware Information Sharing Platform, or MISP. We'll explore how MISP helps organizations share and leverage threat intelligence, enhancing their defense against cyber threats. Stay tuned as we unpack its features, benefits, challenges, and practical tips…

Enjoying the content? Let us know your feedback! In this week's episode, we will dig into the risk benefit analysis of allowing kernel level access to third party application. We will look into the inherent risks this brings into the operating system and the benefit thereof. We will also compare the approach the two major operatic system makers too…

Enjoying the content? Let us know your feedback! This week's episode needs very little introduction: The CrowdStrike IT Outage. We will delve into the unprecedented IT outage caused by a corrupt update from CrowdStrike, which led to widespread Blue Screen of Death (BSOD) errors on Windows systems across globe. Join us as we explore how this inciden…

Enjoying the content? Let us know your feedback! As I said in part of this two part series episode, It's easy to feel like nothing is secure these days, with constant reports of data breaches and exploits occurring everywhere you look. From major corporations to small businesses, no one seems immune to these pervasive cyber threats. The frequency a…

Enjoying the content? Let us know your feedback! It's easy to feel like nothing is secure these days, with constant reports of data breaches and exploits occurring everywhere you look. From major corporations to small businesses, no one seems immune to these pervasive cyber threats. The frequency and scale of these incidents can make it seem like o…

Enjoying the content? Let us know your feedback! In this episode, we’re focusing on the rising trend of IT outsourcing and its implications for cybersecurity. As more businesses delegate non-core tasks to third-party providers, they inadvertently open doors to trust relationship attacks. We'll explore how attackers exploit the trust between compani…

Enjoying the content? Let us know your feedback! This week's episode will continue with part 2 of "The Importance of Automation and Orchestration in Cyber Security." As I said in the episode one, the need for efficient and effective security measures has never been more critical. I suggest you listen to E1, before you dive into this one. Without fu…

Enjoying the content? Let us know your feedback! In this week's episode of the podcast we dissect "The Importance of Automation and Orchestration in Cyber Security." As you are well aware cyber threats are becoming increasingly sophisticated and frequent. The need for efficient and effective security measures has never been more critical. Equally, …

Enjoying the content? Let us know your feedback! In this week's episode, we're tackling a topic that has become increasingly relevant in our post-pandemic world: the hidden dangers posed by remote work. As more companies embrace flexible work arrangements, the convenience and efficiency of working from home bring new set of challenges. From cyberse…

Enjoying the content? Let us know your feedback! In this week's episode we're exploring an exciting and transformative innovation: Digital Twins technology and its groundbreaking application in cybersecurity. Imagine having a virtual replica of your entire digital infrastructure—a detailed, dynamic model that mirrors every aspect of your environmen…

Enjoying the content? Let us know your feedback! In this episode we continue with part 2 on comparing SSL VPN and IPsec VPN, two popular technologies used for secure remote access. As I said last week, understanding the nuances of these technologies is therefore crucial. We'll explore how each VPN works, their security features, performance differe…

Enjoying the content? Let us know your feedback! In this week's episode we're diving into the world of VPNs, Specifically we will compare SSL VPN and IPsec VPN, two popular technologies used for secure remote access. In the post pandemic area, remote work become part of the new normal post. Understanding the nuances of these technologies is therefo…

Enjoying the content? Let us know your feedback! In this week's episode, we will be exploring the fascinating world of remote browser isolation technology or RBI as it appreciated. We will delve into what remote browser isolation is, how it works, and the limitations it faces. Join us as we uncover the complexities of this innovative cybersecurity …

Enjoying the content? Let us know your feedback! In part 2 on eBPF we continue demystifying this promising new technology that is strengthening the cyber space. Please listen to the previous episode i.e. Episode 169 before you to listen to this one. Having said that, lets recap a top trending security news, shall we? New UK Law: No Default Password…

Enjoying the content? Let us know your feedback! In this episode, we're diving deep to demystif a groundbreaking technology that's gathering pace on the security front. It is not something most people are aware of. This technology is bringing enhanced visibility, increased performance to enabling powerful security measures. Hang around as we unrave…

Enjoying the content? Let us know your feedback! In this week's episode, we will continue with part 2 on "Preparing for and responding to ransomeware attack" As I said last week, ransomware is a threat that will be around us for the foreseeable future. Do listen to part 1 before you listen to this episode. With that out of the way, lets have a look…

Enjoying the content? Let us know your feedback! Ransomware is a threat that will be around us for the foreseeable future. In this week's episode we will look at the history of ransomware, the common TTPs in use by threat actors such as Turla, how to align our incident response to that threat and others, and finally how to contain, eradicate, and r…

Enjoying the content? Let us know your feedback! This week we will dive into a collection of powerful system utilities and tools designed to help users diagnose, troubleshoot, and monitor Windows operating system. These utilities provide advanced functionality beyond what is typically available in Windows, as they offer insights into system interna…