This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Player FM - Internet Radio Done Right
Checked 3d ago
เพิ่มแล้วเมื่อ fourปีที่ผ่านมา
เนื้อหาจัดทำโดย YusufOnSecurity.Com เนื้อหาพอดแคสต์ทั้งหมด รวมถึงตอน กราฟิก และคำอธิบายพอดแคสต์ได้รับการอัปโหลดและจัดหาให้โดยตรงจาก YusufOnSecurity.Com หรือพันธมิตรแพลตฟอร์มพอดแคสต์ของพวกเขา หากคุณเชื่อว่ามีบุคคลอื่นใช้งานที่มีลิขสิทธิ์ของคุณโดยไม่ได้รับอนุญาต คุณสามารถปฏิบัติตามขั้นตอนที่แสดงไว้ที่นี่ https://th.player.fm/legal
ที่คล้ายกับ YusufOnSecurity.com
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
How does artificial intelligence change when people — not profit — truly come first? Join IRL’s host Bridget Todd, as she meets people around the world building responsible alternatives to the tech that’s changing how we work, communicate, and even listen to music.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Player FM - แอป Podcast
ออฟไลน์ด้วยแอป Player FM !
ออฟไลน์ด้วยแอป Player FM !
))
พอดคาสต์ที่ควรค่าแก่การฟัง
สปอนเซอร์
<
<div class="span index">1</div> <span><a class="" data-remote="true" data-type="html" href="/series/mind-the-business-small-business-success-stories">Mind The Business: Small Business Success Stories</a></span>
Owning a small business can be one of the most rewarding and challenging things a person does. Amid an uncertain economy and ever-evolving consumer trends, there is a lot to figure out and navigate to ensure your business thrives. Join hosts Jannese Torres (Yo Quiero Dinero) and Austin Hankwitz (Rate of Return) as they connect with small business owners and hear their stories about managing the ups and downs of starting and growing a small business. Listen to "Mind the Business: Small Business Success Stories" and learn valuable lessons from their experiences that will guide you along the way through your own small business journey.
167 - Preparing for and responding to ransomeware attack
Manage episode 413375978 series 2872461
เนื้อหาจัดทำโดย YusufOnSecurity.Com เนื้อหาพอดแคสต์ทั้งหมด รวมถึงตอน กราฟิก และคำอธิบายพอดแคสต์ได้รับการอัปโหลดและจัดหาให้โดยตรงจาก YusufOnSecurity.Com หรือพันธมิตรแพลตฟอร์มพอดแคสต์ของพวกเขา หากคุณเชื่อว่ามีบุคคลอื่นใช้งานที่มีลิขสิทธิ์ของคุณโดยไม่ได้รับอนุญาต คุณสามารถปฏิบัติตามขั้นตอนที่แสดงไว้ที่นี่ https://th.player.fm/legal
Enjoying the content? Let us know your feedback!
Ransomware is a threat that will be around us for the foreseeable future.
In this week's episode we will look at the history of ransomware, the common TTPs in use by threat actors such as Turla, how to align our incident response to that threat and others, and finally how to contain, eradicate, and recover from it.
In addition we will answer the following pertinent question that are top of minds for the SOC team. Questions such as:
- What are the best methods to inhibiter Threat actor's lateral movement?
- What are the critical components that drive ransomware?
etc...
But before we dig into these gems, lets touch one important top trending piece of news. And that is:
- CISA makes its malware analysis system publicly available
- https://www.cisa.gov: CISA Announces Malware Next-Gen Analysis
- https://attack.mitre.org: Turla
- https://www.chainalysis.com: ransomware 2024
- https://www.cohesity.com: Ransomware Recovery
Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.
219 ตอน
แบ่งปัน
Manage episode 413375978 series 2872461
เนื้อหาจัดทำโดย YusufOnSecurity.Com เนื้อหาพอดแคสต์ทั้งหมด รวมถึงตอน กราฟิก และคำอธิบายพอดแคสต์ได้รับการอัปโหลดและจัดหาให้โดยตรงจาก YusufOnSecurity.Com หรือพันธมิตรแพลตฟอร์มพอดแคสต์ของพวกเขา หากคุณเชื่อว่ามีบุคคลอื่นใช้งานที่มีลิขสิทธิ์ของคุณโดยไม่ได้รับอนุญาต คุณสามารถปฏิบัติตามขั้นตอนที่แสดงไว้ที่นี่ https://th.player.fm/legal
Enjoying the content? Let us know your feedback!
Ransomware is a threat that will be around us for the foreseeable future.
In this week's episode we will look at the history of ransomware, the common TTPs in use by threat actors such as Turla, how to align our incident response to that threat and others, and finally how to contain, eradicate, and recover from it.
In addition we will answer the following pertinent question that are top of minds for the SOC team. Questions such as:
- What are the best methods to inhibiter Threat actor's lateral movement?
- What are the critical components that drive ransomware?
etc...
But before we dig into these gems, lets touch one important top trending piece of news. And that is:
- CISA makes its malware analysis system publicly available
- https://www.cisa.gov: CISA Announces Malware Next-Gen Analysis
- https://attack.mitre.org: Turla
- https://www.chainalysis.com: ransomware 2024
- https://www.cohesity.com: Ransomware Recovery
Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.
219 ตอน
ทุกตอน
×
Enjoying the content? Let us know your feedback! In this week's episode we are touching an intriguing topic. We're going to explore Agentic AI, a fascinating area within artificial intelligence that focuses on autonomous systems capable of making decisions and performing tasks without human intervention. We'll break it down for those new to cybersecurity, delve into some technical details, and use analogies to make it all clear But we before we dive into the topic, lets recap the top security news this week: Microsoft defender will isolate undiscovered endpoing to block attacks - https://learn.microsoft.com : Whatsbnew in Microsoft Defender Endpoint - Apri 2025 - https://en.wikipedia.org : Alan Turing - https://www.nvidia.com : Agentic AI Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! This week, we re going to explore what Fast Flux is, a sophisticated technique used by cybercriminals to evade detection and maintain their malicious activities. We'll break it down for those new to cybersecurity, delve into some technical details, and use analogies to make it all clear. So without further ado, grab your coffee, or keep your eyes on the road if you are driving, sit back, and let's get started!" HellCat Ransomware - https://therecord.media: Schneider Electric Hackers Accessed Internal Project Tracking Platform - https://www.infosecurity-magazine.com: Hellcat Ransomware Humiliation - https://attack.mitre.org : Dynamic Resolution: Fast Flux DNS - https://www.cisa.gov : Fasst Flux, A National Security Threat Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! This week's episode is continuation of Troy Hunt's cautionary tale , the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through Mailchimp. We'll continue to break down what happened, how it happened, and what we can all learn from this incident. Stay tuned till the end where we bust our myth of the week! We will also look at this week's cyber security news which is Ubuntu Linux security bypasses - https://blog.qualys.co m: Qualys TRU Discovers Three Bypasses of Ubuntu Unprivileged User Namespace Restrictions - https://www.troyhunt.com : A sneaky phish just grabbed my Mailchimp mailing list Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! In this week's episode we have a fascinating and cautionary tale about none other than Troy Hunt, the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through Mailchimp. We'll break down what happened, how it happened, and what we can all learn from this incident. Stay tuned till the end for tips on how to stay vigilant against phishing attacks and our myth of the week! we will also look at the cyber security news. Here is what caught my attention this week. - PSTools dll injection vulnerability - https://www.foto-video-it.de : Disclosure Sysinternals (You will need to translate to English if you are not a German speaker) - https://learn.microsoft.com : PSTool - https://www.troyhunt.com : A sneaky phish just grabbed my Mailchimp mailing list Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Y
YusufOnSecurity.com
Enjoying the content? Let us know your feedback! In this episode, we’ll look into a cybersecurity assessment method that mimics real-world attacks to test an organization's security defenses and response capabilities: Threat emulation. It is one of the strategies to keep you ahead of the game. Threat emulation aims to identify and mitigate security gaps before attackers exploit them, providing a more comprehensive evaluation than traditional assessments. Before we dive into the main topic, lets glance what is happening on the security front: March Microsoft Patch Tuesday has landed! - https://msrc.microsoft.com : March 2025 Security Updates - https://detect-respond.blogspot.com : Pyramid Of Pain - https://www.atomicredteam.io : Atomic Read Team - https://www.ecb.europa.eu /paym/cyber-resilience/tiber-eu/html/index.en.html Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! In this episode, we’ll be exploring a particularly intriguing file types: polyglot files. These digital shapeshifters have become a powerful tool in the arsenal of cyber attackers, capable of bypassing security measures, confusing systems, and delivering malicious payloads in ways that are both creative and devastating. Over the next 20 to 30 minutes or so, we’ll break down what polyglot files are, how they work, and why they’re so dangerous. We’ll also examine some real-world examples where polyglot files were used in cyberattacks. We will reference the MITRE ATT&CK framework to understand how these techniques fit into the broader landscape of adversarial tactics. Finally, we’ll discuss mitigation strategies and close with a cybersecurity myth that needs busting Before we dive into the main topic, lets glance what is happening on the security front: UEFI Secure Boot bypass vulnerability - https://en.wikipedia.org : Polyglot - https://attack.mitre.org : Masquerading - https://arxiv.org : Where the Polyglots Are: How Polyglot Files Enable Cyber Attack Chains and Methods for Detection & Disarmament - https://medium.com : Polyglot Files A Hackers Best Friend - https://www.bleepingcomputer.com : New polyglot malware hits aviation, satellite communication firms Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Y
YusufOnSecurity.com
1 213 - Stealing Data in Plain Sight -How Cybercriminals Exfiltrate Your Secrets and How to Stop Them 50:53
Enjoying the content? Let us know your feedback! In today's episode, we're diving deep into Data Exfiltration; one of the most serious threats facing organizations today. We'll break down exactly what data exfiltration is, where it fits in the MITRE ATT&CK framework, the tools and techniques attackers use, and, most importantly, how organizations can defend themselves. We’ll also cover real-world examples, including publicly known cases that had major consequences. So, whether you're a seasoned security professional or just starting out in the field, stick around as we unravel the methods attackers use and how to stop them. First lets look at one of the trending security news this week, and that is: News: Caldera Vulnerability - https://github.com/mitre/caldera : Security Notice - https://nvd.nist.gov : CVE-2025-27364 - https://medium.com : MITRE Caldera Security Advisory — Remote Code Execution (CVE-2025–27364) - https://www.mitre.org : Caldera Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Y
YusufOnSecurity.com
Enjoying the content? Let us know your feedback! We are continuing with part 2 of "Behind the Login Screen - Understanding OS Authentication." If you missed our first episode, I highly recommend giving it a listen before diving into today's content. In part one, we started to explore the fascinating world of operating system authentications, focusing on Windows, Linux/Unix, and Mac OS. We discussed how hashes are used in authentication, the concept of salt in passwords, rainbow table attacks. In today's episode, we'll build on that foundation and delve even deeper into the topic of OS authentication mechanisms. So again, if you haven't already, make sure to catch up on part one to get the full picture. Now, let's get started with part two of our journey into the world of OS authentication! lets look at one of the trending security news this week, and that is: - Newly discovered OpenSSH vulnerabilities. - https://blog.qualys.com : Qualys TRU Discovers Two Vulnerabilities in OpenSSH: CVE-2025-26465 & CVE-2025-26466 - https://learn.microsoft.com : Kerberos Authentication Overview Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! In today's episode, we're going to explore the fascinating topic of operating systems authentications. We all use it but how many of us wondered how the behind the curtains machinery work. We'll be focusing on Windows, Linux/Unix, and Mac OS. We'll discuss how hashes are used in authentication, the concept of salt in passwords, rainbow table attacks and their countermeasures, the benefits of password-less authentication using hardware keys, password cracking, the shadow file in Unix/Linux, and the mechanics of how each OS protects passwords and how attackers try to circumvent these protections. Scareware blocker, now available in Microsoft Edge - https://blogs.windows.com : Stand Up To Scareware With Scareware Blocker - https://learn.microsoft.com : Kerberos Authentication Overview - https://www.microsoft.com : Scareware Blocker Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! As AI-generated content becomes more advanced, the risk of adversarial misuse—where bad actors manipulate AI for malicious purposes—has skyrocketed. But what does this mean in practical terms? What risks do we face, and how one of the big players is addressing them? Stick around as we break Google’s Adversarial Misuse of Generative AI report, explain the key jargon, and bust a cybersecurity myth at the end of the show. Before we get into the main topic, lets have a look at one important news update, and that is: Microsoft has expanded its Windows 11 administrator protection tests - https://cloud.google.com : Adversarial Misuse of Generative AI - https://deepmind.google : Mapping the misuse of generative AI - https://learn.microsoft.com : User Account Control overview - https://learn.microsoft.com : How User Account Control works Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Y
YusufOnSecurity.com
Enjoying the content? Let us know your feedback! Today, we’ve got something really exciting for you. If you’ve been following the world of artificial intelligence lately, you’ve probably heard a lot about a new player in town: DeepSeek. Now, let me tell you, DeepSeek is shaking things up. They’re doing something completely different that’s not only disrupting the AI space but could also be a game-changer in how we approach cost, performance, and security in the future of AI technology. So, grab a seat on a solid ground and buckle up—this week, we’re diving into how **DeepSeek** is leveling the playing field for AI vendors everywhere, cutting costs, and leveraging some really smart techniques that are turning heads in the industry. And, of course, at the end of today’s episode, we’ll be busting a big cybersecurity myth that might surprise you. But first, let’s talk all things DeepSeek. Before we dive into the main, we will also bring you update todate on the news front: - Deepseek date breach. Yes they were hit already! - https://www.technologyreview.com : How DeepSeek ripped up the AI playbook—and why everyone’s going to follow its lead - https://www.digitaltrends.com : Microsoft is letting anyone use ChatGPT’s $200 reasoning model for free - https://www.wiz.io : Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! In this episode we will detail the significant announcement from Let’s Encrypt – the trusted nonprofit Certificate Authority that has been at the forefront of making the web more secure. Let’s Encrypt has revealed its plans to drastically reduce the lifetime of its TLS certificates from 90 days to just 6 days. This decision, outlined in their 2024 annual report, is aimed at strengthening the security of online communications by minimizing the risks associated with compromised keys. But what does this mean for website owners, IT administrators, and the broader cybersecurity landscape? That’s what we’ll explore in detail today. - https://community.letsencrypt.org : 2024 ISRG Annual Report - https://www.malwarebytes.com : 7-zip bug could allow a bypass of a windows security feature update now - https://digital.nhs.uk : Proof-of-Concept Exploit Released for CVE-2025-0411 in 7-Zip Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! This episode is one for you system admins out there! Today we’re discussing three actively exploited vulnerabilities you absolutely need to know about—CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335. These vulnerabilities have been making headlines, and understanding them could mean the difference between staying secure and falling victim to a breach. We’ll explore what these vulnerabilities are, how they’re being exploited, the adversaries leveraging them, and what organizations and individuals can do to protect themselves. And, as always, we’ll break down the jargon and bust a popular cybersecurity myth towards the end of the show. Before we get into the main topic, lets recap the top security news this week Microsoft dropped the January Patch Tuesday and boy was it a whopper! We will dig into the details in more ways than one! - https://isc.sans.edu : Microsoft January 2025 Patch Tuesday - https://www.theregister.com : Microsoft fixes under-attack privilege-escalation holes in Hyper-V Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Y
YusufOnSecurity.com
Enjoying the content? Let us know your feedback! This is the podcast where we explore the ever-evolving world of cybersecurity and provide practical advice for staying ahead of threats. I’m your host, Yusuf, and today’s episode is all about starting the new year with a solid plan. We’re diving into _Cybersecurity Resolutions for 2025: Best Practices for Individuals and Organizations._ As we step into a new year, it’s the perfect time to reflect on how we protect our digital lives—whether at home or in the workplace. From bolstering personal security habits to implementing stronger organizational policies, this episode will cover actionable resolutions you can adopt today. Along the way, we’ll explain key jargon, explore real-life examples, and, as always, bust a common cybersecurity myth at the end. - https://nypost.com : Apple users warned of hi-tech Mac malware that steals personal data, goes undetected for months— here’s how to stay safe - https://www.youtube.com : When Do We Get to Play On Easy Mode? Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Y
YusufOnSecurity.com
Enjoying the content? Let us know your feedback! Today, we’re tackling a fundamental yet often misunderstood tool in every cybersecurity professional's arsenal—vulnerability scanners. What role do they play in protecting our organizations? Where do they shine, and where do they fall short? As always, we’ll cut through the jargon and break things down for everyone—from seasoned professionals to those just beginning their journey in cybersecurity. And stick around until the end for this week’s myth-busting segment, where we debunk a misconception about cyber security in general that many people still believe. So grab your favorite beverage, get set, and let’s dive right in! Tenable Scanner Agent went offline globally All that coming up next, in this week episode. - https://docs.tenable.com : Tenable Nessus Agent 2025 Release Notes - https://www.splunk.com : Vulnerability Scanners Primer Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Y
YusufOnSecurity.com
1 204 - Recap of the best episodes of 2024 1:31:38
1:31:38 
ลิสต์เล่นในภายหลัง 
ลิสต์เล่นในภายหลัง 
ลิสต์ 
ถูกใจ 
ที่ถูกใจแล้ว1:31:38
ลิสต์เล่นในภายหลัง ลิสต์เล่นในภายหลัง ลิสต์ ถูกใจ ที่ถูกใจแล้วEnjoying the content? Let us know your feedback! This final episode of 2024, we recap the best the most listened to episodes of the year. And this year we have a great four back to back of the greatest of them all. Lets start with the first eisode 191 - Is The Browser The New Operating System? released on the 28th of September. Next is episode 172 - SSL VPN versus IPsec VPN - Part 1 and part 2 released 18th of May and 25 of May respectively. And finally Episode 191 - APIs and Webhooks released on the the 5th October. Enjoy and see you in the new year! Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Y
YusufOnSecurity.com
Enjoying the content? Let us know your feedback! It is a topical episode we’re diving into a high-stakes challenge every organization faces: It is holiday season, how do you manage threats when most of the security team is off duty. Imagine a holiday season, a long weekend, or even an unexpected emergency. With key team members unavailable, how do we keep our defenses strong? This episode will provide actionable strategies, backed by real-world examples, to help you stay prepared. Stick around until the end, where we’ll also bust a common cybersecurity myth. - https://www.bleepingcomputer.com : CISA Urges Switch To Signal Like-Encrypted Messaging Apps After Telecom Hacks Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Y
YusufOnSecurity.com
Enjoying the content? Let us know your feedback! In this week's episode, we’re diving into a concerning and highly consequential topic: the Volt Typhoon espionage campaign—an advanced persistent threat that has sent shockwaves through the cybersecurity and telecommunications industries. Volt Typhoon, a state-backed APT group, has been making headlines for its stealthy and highly sophisticated attacks on telecom networks. In this episode, we’ll dissect the technical details of this malware campaign, the vulnerabilities it exploited, and the regulatory loopholes that attackers took advantage of. We’ll also explore lessons the industry can learn to bolster defenses and, as always, bust a common cybersecurity myth along the way. As always, we will break down all the jargon so that anyone can understand. Whatever you are doing, settle in or keep your eyes on the road, and let’s get started. Before we get into the main topic, we will start with a recap of top trending security news this week...and that is: The Last Patch Tuesday - https://msrc.microsoft.com : Microsoft - December 2024 Security Updates - https://www.cisa.gov : CISA and Partners Release Joint Fact Sheet for Leaders on PRC-sponsored Volt Typhoon Cyber Activity - https://www.cisco.com : China APT’s, Volt Typhoon, and what to do! - https://www.fcc.gov : Communications Assistance for Law Enforcement Act Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! This week episode, we dive into one of the most fascinating aspects of digital investigations: Windows forensic artifacts. It does not matter who you are: a security professional, an aspiring investigator, or simply curious about how experts uncover the digital breadcrumbs left on your computer, this episode will walk you through the essential pieces of evidence, known as _forensic artifacts_. We’ll dip our hand into that Shellbags...wait what bags? I heard you say, Don't worry we will break down those complex terms, discuss real-world cases, and provide you with an in-depth understanding of artifacts like Shellbags, Prefetch files, and more. Before we go any futher, we will review one top trending security news, this week... and that is: Microsoft NTLM Zero Won't get fixed until April 2025! - https://blog.0patch.com : NTLM Hash Disclosure Vulnerability (0day) - https://www.splunk.com : Cyber Forensics - https://www.coursera.org : Digital Forensics Concepts Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! Today, we’re tackling a topic that every organization, big or small, absolutely must take seriously: Incident Response Playbook Imagine this: It’s 3 a.m., and your phone buzzes with an alert. A possible ransomware attack has been detected in your network. Do you panic, or do you execute a clear, structured plan? That’s the difference an Incident Response (IR) playbook can make—it turns chaos into control. Today, we’ll break down what an IR playbook is, why it’s crucial, and how to implement one effectively. We’ll demystify technical jargon and provide actionable insights that you can apply right away. Stick around for the final section, where we’ll bust a common cybersecurity myth that everyone should know about. Before we go ahead with the show, lets review the top trending security news this week: https://www.bleepingcomputer.com : Microsoft TPM is non-negotiable https://learn.microsoft.com : Windows 11 Hardware and Software Requirements Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! This week, we’re diving into a hot-off-the-presses report from the FBI, CISA, and NSA —a breakdown of the most exploited vulnerabilities of 2023. Think of this as the hackers' “most wanted” list: the weaknesses in software and systems that bad actors love to exploit because they’re effective and widely available. Before we get into that, lets review the top security news this week. Pygmy Goat: The Sophisticated Linux Backdoor Targeting Network Devices - https://www.ncsc.gov.uk : Pygmy Goat Analysis - https://www.cisa.gov : 2023 Top Routinely Exploited Vulnerabilities Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! Today, we’ll dive into what browser engines are, how they power your online experiences, and the security efforts shaping the modern web. We’ll also unpack extension security, with a spotlight on Google’s Manifest v3, and see how Safari and Firefox approach these challenges. Whether you’re a casual browser user or a budding tech enthusiast, this episode is designed to give you insight into a part of your digital life that you might not even realize exists—the browser engine. So If phrases like “browser engines” and “Manifest v3” sound daunting, don’t worry! I’ll break it all down so it’s as simple as possible. By the end, you’ll not only understand these terms but also appreciate why they’re crucial for a safer internet. Before we get started, lets review a top trending piece of news this week....and that is: iOS 18.1 Forcing Reboots - https://www.macrumors.com : iOS 18.1 Forcing Reboots - https://en.wikipedia.org : Browser_engine, what they are - https://en.wikipedia.org : Comparison OF Browser Engines Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! It is another week and another podcast shaw on YusufOnSecurity where we deep dive into the complex world of cybersecurity that concerns both professionals and anyone interested in how attackers continue to evolve their methods. This week we will be covering advanced malware evasion techniques—strategies used by malicious software to avoid detection—and, crucially, the countermeasures that can help protect against these threats. Before we get started, lets review a top trending piece of news this week....and that is: SANS' Holiday Hack Challenge 2024 is Up - https://www.sans.org : SANS' Holiday Hack Challenge 2024 - https://redcanary.com : Defense- Evasion Why Is It So Prominent How Can You Detect It? - https://attack.mitre.org/tactics/TA0005/ Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! In this week's episode I will unpack the complexities of the cybersecurity world and help you stay informed and secure. Today, we’re going to dig into some intriguing concepts shaping the cybersecurity landscape: the Shared Fate Model and Trust Anchors. Some say these concepts are becoming so vital in modern IT security, their pros and cons, and how they compare with traditional security models that, quite frankly, aren’t cutting it anymore. Before we get started, lets review a top trending piece of news this week....and that is: Australia looks at setting a minimum for social media use - https://edition.cnn.com : Australia Minimum Age Limit on Social Media - https://cloud.google.com : Shared Fate Model - https://csrc.nist.gov : Trust Anchor Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! Lets face it, the cyber crooks are always lurking aroud waiting for an opportunity to come in. They choose the path of least resistant and password is often their way in. Unfortunately password is still with us and for sometime to come too. In today episode, we’re digging deep into top common types of password attacks—and, most importantly, I’ll walk you through effective ways to stop them. Passwords are often the first line of defense, but they’re also a favorite target for hackers. Understanding these attack methods can empower you to protect your data better, avoid common pitfalls, and even educate those around you. So, let’s get into it! A newly discovered ransomware serves a wake up all for Mac Users. - https://xkcd.com : How To Create A Strong Password - https://haveibeenpwned.com : Have I Been Pawned - https://pages.nist.gov : Password - https://www.infosecurity-magazine.com : NIST Scraps Passwords Complexity and Mandatory Changes in New Guidelines Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! This week's episode is an interview with Nadim Lahoud from Red Sift at GITEX the Global IT Expo that is held yearly in Dubai. It is the largest tech startup gathering in the world. Redsift is a company that provides a cloud-based DMARC, DKIM and SPF configuration and management platform called OnDMARC. They also provide: -Continuous certificate discovery and monitoring as well as -Brand Trust through AI-driven brand impersonation discovery and monitoring. Before we get into that we will recap the top trending security this week. That is: FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms - https://fidoalliance.org : Specifications Credential Exchange Specifications - https://redsift.com : About Red Sift Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! Today we’re going to peel back the layers of Microsoft Windows architecture. For many of us, Windows has been a part of our computing lives for decades, whether at work or at home. But how much do we really know about how it works under the hood? In this episode, we’ll take a closer look at what makes Windows tick, compare it with Unix/Linux systems, and explore how it has evolved over the years. Before we get into the topic, lets review this week's top trending security news: Criminals Are Testing Their Ransomware Campaigns in Africa - https://www.performanta.com : Africa A testing Ground - https://en.wikipedia.org : Architecture Of Windows NT - https://techcommunity.microsoft.com : Windows Architecture The Basics - https://learn.microsoft.com : Explore Windows Architecture/ Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! In today's episode, we’re diving into the world of APIs and Webhooks—two key technologies that power much of the automation and interaction between services online. Whether you’re a developer, security expert, or someone just curious about how data flows through the internet, this episode will give you valuable insights into how these tools work, their history, and, most importantly, how to keep them secure. We’ll also look at real-world examples of API-based attacks on major brands and break down what went wrong. By the end of this episode, you’ll have a full understanding of both APIs and Webhooks, and you’ll be armed with the must-know security measures for each. So, stick around and by keep listening! Having said that, lets have a look at the top trending news this week. Mitre launches AI Incident Sharing Initiative. Awsome move! - https://owasp.org : OWASP API Security Top 10 - https://ai-incidents.mitre.org : Mitre ATLAS Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Enjoying the content? Let us know your feedback! Today we’re discussing an exciting trend in the world of technology—the browser is no longer just a window to the web. So we asked is it becoming the operating system itself? From the early days of Mosaic and Netscape Navigator to today’s cloud-powered Chromebooks, the browser has evolved dramatically. In this episode, we’ll explore the security implication, the history of browsers, the famous browser wars, and how today’s browsers are blurring the lines between web interfaces and operating systems. Having said that, lets recap a top trending security news shall we? Exploiting CUPS: How Recent Vulnerabilities Could Compromise Linux Security - https://www.evilsocket.net : Attacking On UNIX Systems Via CUPS Part I - https://en.wikipedia.org : History of The Web Browsers - https://en.wikipedia.org : Browser Wars Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
Y
YusufOnSecurity.com
Enjoying the content? Let us know your feedback! In this episode lets look at the world of DevSecOps—a vital practice in modern software development that has implication on security. We’ll trace the history of software development, discuss the evolution of methodologies, and examine the challenges that have led to the emergence of DevSecOps. So, whether you’re a seasoned developer who is curious about the cyber security world, or a veteran security practitioner, this is an episode you would not want to miss.. As always, lets review what is trending in the news front first. Microsoft officially deprecates Windows Server Update Service aka WSUS. - https://techcommunity.microsoft.com : Windows Server Update Services WSUS Deprecation - https://www.cisco.com : Addressing Security Challenges in a Fast Evolving Landscape White Paper Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…
ขอต้อนรับสู่ Player FM!
Player FM กำลังหาเว็บ
Daily Deals
Daily Deals
ที่คล้ายกับ YusufOnSecurity.com
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
How does artificial intelligence change when people — not profit — truly come first? Join IRL’s host Bridget Todd, as she meets people around the world building responsible alternatives to the tech that’s changing how we work, communicate, and even listen to music.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Player FM - แอป Podcast
ออฟไลน์ด้วยแอป Player FM !
ออฟไลน์ด้วยแอป Player FM !
))
