Player FM - Internet Radio Done Right
5,811 subscribers
Checked 3d ago
Added eight years ago
Content provided by Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
Defensive Security Podcast Episode 245
Manage episode 252884612 series 1344233
Content provided by Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
296 episodes
Defensive Security Podcast Episode 245
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Manage episode 252884612 series 1344233
Content provided by Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
296 episodes
All episodes
×D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


Want to support us? Want even MORE DefSec? Starting this week, we are providing more DefSec for our Patreon donors. Sign up to be a Patreon donor today: https://www.patreon.com/defensivesec Links: https://www.theregister.com/2025/07/10/cisa_citrixbleed_kev/ https://www.axios.com/2025/07/08/scattered-spider-cybercrime-hackers https://www.bleepingcomputer.com/news/security/employee-gets-920-for-credentials-used-in-140-million-bank-heist/ Additional links for Patreon donors: https://www.theregister.com/2025/07/13/fake_it_worker_problem/ https://www.theregister.com/2025/07/09/chatgpt_jailbreak_windows_keys/…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


Want to support us? Want even MORE DefSec? Starting this week, we are providing more DefSec for our Patreon donors. Sign up to be a Patreon donor today: https://www.patreon.com/defensivesec https://www.youtube.com/watch?v=BRzMJbBZ490 Links: https://www.csoonline.com/article/4012801/the-top-red-teamer-in-the-us-is-an-ai-bot.html https://www.darkreading.com/endpoint-security/attackers-top-brands-callback-phishing https://www.darkreading.com/cyber-risk/initial-access-broker-self-patches-zero-days https://www.darkreading.com/cybersecurity-operations/ransomware-reshaped-how-cyber-insurers-perform-security-assessments https://www.darkreading.com/endpoint-security/phishing-training-doesnt-work…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


Want to support us? Want even MORE DefSec? Starting this week, we are providing more DefSec for our Patreon donors. Sign up to be a Patreon donor today: https://www.patreon.com/defensivesec Links: https://arstechnica.com/security/2025/06/active-exploitation-of-ami-management-tool-imperils-thousands-of-servers/ https://www.bleepingcomputer.com/news/security/man-pleads-guilty-to-hacking-networks-to-pitch-security-services/ https://www.helpnetsecurity.com/2025/06/23/new-hire-phishing-risk/ Patreon exclusive discussions: https://www.helpnetsecurity.com/2025/06/27/cybersecurity-risk-reduction-breach-transparency/ https://www.theregister.com/2025/06/24/vulnerability_management_gap_noone_talks/…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec Links: https://www.bleepingcomputer.com/news/security/no-the-16-billion-credentials-leak-is-not-a-new-data-breach/ https://www.bleepingcomputer.com/news/security/russian-hackers-bypass-gmail-mfa-using-stolen-app-passwords/ https://www.bleepingcomputer.com/news/security/north-korean-hackers-deepfake-execs-in-zoom-call-to-spread-mac-malware/ https://socket.dev/blog/libxml2-maintainer-ends-embargoed-vulnerability-reports…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec Links: https://www.bleepingcomputer.com/news/security/sentinelone-shares-new-details-on-china-linked-breach-attempt/ https://thehackernews.com/2025/06/new-supply-chain-malware-operation-hits.html?m=1 https://www.csoonline.com/article/4002103/cisos-beware-genai-use-is-outpacing-security-controls.html https://thehackernews.com/2025/06/fin6-uses-aws-hosted-fake-resumes-on.html?m=1…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


1 Defensive Security Podcast Episode 309 1:00:41
1:00:41
Play Later
Play Later
Lists
Like
Liked1:00:41
Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec Links: https://www.theregister.com/2025/06/06/chatgpt_for_evil/ https://www.theregister.com/2025/06/06/ransomware_negotiation/ https://www.darkreading.com/cyber-risk/how-to-approach-security-era-ai-agents https://www.bleepingcomputer.com/news/security/coinbase-breach-tied-to-bribed-taskus-support-agents-in-india/ https://www.theregister.com/2025/06/04/kiranapro_cyberattack_deletes_cloud_resources/ / https://x.com/deepakravindran/status/1930776943101894869…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss a range of topics including the introduction of a new cryptocurrency, Guard Llama Coin, and the implications of recent cybersecurity incidents involving ConnectWise and ransomware attacks. They explore the challenges organizations face in responding to nation-state attacks, the complexities of ransomware tactics, and the importance of employee security awareness. The conversation emphasizes the need for timely patching and proactive security measures to protect against evolving threats. Links: https://www.theregister.com/2025/05/30/connectwise_compromised_by_sophisticated_government/ https://www.darkreading.com/application-security/dragonforce-ransomware-msp-supply-chain-attack https://www.darkreading.com/threat-intelligence/3am-ransomware-adopts-email-bombing-vishing…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


1 Defensive Security Podcast Episode 307 1:06:20
1:06:20
Play Later
Play Later
Lists
Like
Liked1:06:20
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a significant data breach at Coinbase, the challenges of cryptocurrency security, the importance of patch management, and the evolving landscape of cyber threats. They also discuss insider threats, the failures of rigid security programs, and the overlooked cybersecurity risks in mergers and acquisitions. The episode concludes with a discussion on emerging threats, particularly the potential for ransomware to infect CPUs. Like what we’re doing and want to help support us? Donate here: https://www.patreon.com/defensivesec Links: https://go.theregister.com/feed/www.theregister.com/2025/05/21/coinbase_confirms_insider_breach_affects/ https://www.theregister.com/2025/05/14/improve_patching_strategies/ https://www.bleepingcomputer.com/news/security/ransomware-gangs-increasingly-use-skitnet-post-exploitation-malware/ https://www.darkreading.com/vulnerabilities-threats/rigid-security-programs-fail https://www.darkreading.com/cyber-risk/hidden-cybersecurity-risks-mergers-acquisitions https://www.theregister.com/2025/05/11/cpu_ransomware_rapid7/…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


In this episode, Jerry and Andrew discuss the importance of data security, phishing attacks targeting hiring managers, the implications of paying ransoms, and the recent Disney data breach incident. They emphasize the need for better training for employees and the challenges of managing software supply chains. The conversation highlights the evolving landscape of cyber threats and the necessity for organizations to adopt more robust security practices. Links: https://www.darkreading.com/cyber-risk/venom-spider-phishing-scheme https://go.theregister.com/feed/www.theregister.com/2025/05/08/powerschool_data_extortionist/ https://www.bleepingcomputer.com/news/security/supply-chain-attack-hits-npm-package-with-45-000-weekly-downloads/ https://www.theregister.com/2025/05/02/disney_slack_hacker_revealed_to/ Like what we’re doing and want to help support us? Donate here: https://www.patreon.com/defensivesec…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


1 Defensive Security Podcast Episode 305 1:25:09
1:25:09
Play Later
Play Later
Lists
Like
Liked1:25:09
In this episode, we discuss the Google Mandiant 2025 M-Trends report. The report is available here: https://services.google.com/fh/files/misc/m-trends-2025-en.pdf Like what we’re doing and want to help support us? Donate here: https://www.patreon.com/defensivesec
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


1 Defensive Security Podcast Episode 304 1:02:48
1:02:48
Play Later
Play Later
Lists
Like
Liked1:02:48
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss the latest trends in cybersecurity, focusing on the rise of BEC scams and the significant losses attributed to cybercrime in 2024. They explore emerging threats, including social engineering tactics and hardware vulnerabilities, particularly in management interfaces. The conversation also delves into the complexities of vulnerability management, the risks associated with supply chain attacks in open source software, and the alarming rate at which CVEs are being exploited. The hosts emphasize the need for organizations to be proactive in their security measures and to understand the evolving landscape of cyber threats. Links: https://www.cybersecuritydive.com/news/fbi-internet-crime-bec-scams-investment-fraud-losses/746181/ https://www.bleepingcomputer.com/news/security/asus-releases-fix-for-ami-bug-that-lets-hackers-brick-servers/ https://www.theregister.com/2025/04/21/microsoft_apple_patch/ https://thehackernews.com/2025/04/ripples-xrpljs-npm-package-backdoored.html https://thehackernews.com/2025/04/159-cves-exploited-in-q1-2025-283.html Like what we’re doing and want to help support us? Donate here: https://www.patreon.com/defensivesec…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


1 Defensive Security Podcast Episode 303 1:01:33
1:01:33
Play Later
Play Later
Lists
Like
Liked1:01:33
Summary In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the rise of ransomware, the importance of backup strategies, and the implications of AI in phishing attacks. They discuss into the challenges of managing non-human identities and the need for effective communication of security metrics. The conversation also touches on the recent Oracle breach and the evolving landscape of cybersecurity threats. Links: https://www.cybersecuritydive.com/news/remote-access-tools-ransomware-entry/745144/ https://www.darkreading.com/cyberattacks-data-breaches/oracle-breach-2-obsolete-servers https://thehackernews.com/2025/04/explosive-growth-of-non-human.html?m=1 https://thehackernews.com/2025/04/security-theater-vanity-metrics-keep.html?m=1 https://www.securityweek.com/ai-now-outsmarts-humans-in-spear-phishing-analysis-shows/ Like what we’re doing and want to help support us? Donate here: https://www.patreon.com/defensivesec…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


1 Defensive Security Podcast Episode 302 1:12:02
1:12:02
Play Later
Play Later
Lists
Like
Liked1:12:02
In this episode, Jerry and Andrew discuss various cybersecurity topics, including the recent Oracle Cloud security breach, a GitHub supply chain attack, insider threats, and the implications of AI in cybersecurity. They explore the challenges of maintaining trust in cloud services, the complexities of insider threats, and the evolving landscape of cybercrime driven by AI advancements. The conversation emphasizes the need for robust security measures and the importance of adapting to emerging threats in the cybersecurity realm. Links: https://www.bleepingcomputer.com/news/security/oracle-privately-confirms-cloud-breach-to-customers/ https://www.bleepingcomputer.com/news/security/recent-github-supply-chain-attack-traced-to-leaked-spotbugs-token/ ttps://www.securityweek.com/39-million-secrets-leaked-on-github-in-2024/ https://www.theregister.com/2025/04/02/deel_rippling_espionage/ https://www.securityweek.com/ai-giving-rise-of-the-zero-knowledge-threat-actor/ Like what we’re doing and want to help support us? Donate here: https://www.patreon.com/defensivesec…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


1 Defensive Security Podcast Episode 301 1:09:18
1:09:18
Play Later
Play Later
Lists
Like
Liked1:09:18
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss a range of cybersecurity topics, including the recent Oracle Cloud breach, the challenges of asset management in large environments, and the importance of prioritizing vulnerabilities. They also explore the findings from a pen test report, the implications of emerging threats like Medusa ransomware, and the need for better security practices in organizations. Links: https://www.bleepingcomputer.com/news/security/oracle-customers-confirm-data-stolen-in-alleged-cloud-breach-is-valid/ https://thehackernews.com/2025/03/10-critical-network-pentest-findings-it.html?m=1 https://www.horizon3.ai/attack-research/attack-blogs/critical-or-clickbait-github-actions-and-apache-tomcat-rce-vulnerabilities-2025/ https://www.forbes.com/sites/daveywinder/2025/03/30/fbi-warns-use-2fa-as-time-traveling-hackers-strike/ https://www.reversinglabs.com/blog/epss-is-not-foolproof-shift-your-appsec-beyond-vulnerabilities Like what we’re doing and want to help support us? Donate here: https://www.patreon.com/defensivesec…
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec


1 Defensive Security Podcast Episode 300 1:02:00
1:02:00
Play Later
Play Later
Lists
Like
Liked1:02:00
Summary In this episode, we celebrate the 300th episode of the Defensive Security Podcast then discuss various cybersecurity topics including the rise of AI-driven threats, the importance of zero trust architecture, best practices for incident response, the impact of human error on security breaches, and the risks associated with collaboration tools. We also cover the dangers of malvertising campaigns exploiting platforms like GitHub. Like what we’re doing and want to help support us? Donate here: https://www.patreon.com/defensivesec Links: https://venturebeat.com/security/51-seconds-to-breach-how-cisos-are-fighting-back-against-lightning-fast-attacks/ https://www.theregister.com/2025/03/10/incident_response_advice/ https://www.scworld.com/news/95-of-data-breaches-involve-human-error-report-reveals https://www.darkreading.com/cyber-risk/remote-access-infra-remains-riskiest-corp-attack-surface https://www.bleepingcomputer.com/news/security/microsoft-says-malvertising-campaign-impacted-1-million-pcs/…
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.