This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Contenuto fornito da Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
Simile a Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Daily update on current cyber security threats
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
We help founders make something people want.
…
continue reading
Player FM - App Podcast
Vai offline con l'app Player FM !
Vai offline con l'app Player FM !
))
Defensive Security Podcast Episode 283
Manage episode 446245515 series 1344233
Contenuto fornito da Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
“They Can’t All Be Winners”
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat explore several pressing cybersecurity topics as of October 2024. The discussion begins by addressing the rapid increase in vulnerability exploitation speeds, with a highlight that 70% of exploitable flaws in 2023 were zero-days, now being exploited within just five days. They stress the importance of effective patch management and prioritization tactics using tools like the CISA KEV list and Tenable’s Viper score. The episode also touches on the evolving nature of automated and targeted exploits, the critical role of timely patching, and the balance between production disruptions and security risks. The conversation broadens to include evolving endpoint security challenges, ransomware trends, and the need for vigilance in adapting to new threats. Additionally, the hosts discuss innovative ways to counter sophisticated attacks, such as leveraging more secure token-based authentication methods over SMS-based MFA. Lastly, the episode delves into how North Korean IT operatives infiltrate companies to steal sensitive data, the implications for remote work, and the importance of robust identity verification processes in hiring. Throughout, the focus remains on adapting to the dynamic threat landscape and continuous reassessment of security strategies.
00:00 Introduction and Casual Banter
00:41 Current Job Market Challenges
02:02 Cybersecurity Landscape Overview
02:20 Google’s Zero-Day Vulnerability Report
04:03 Importance of Patch Management
05:04 Trends in Exploitation Timelines
11:24 Strategies for Mitigating Vulnerabilities
20:03 Red Team Tool: EDR Silencer
26:52 Microsoft’s Ransomware Defense
27:25 Ransomware Attacks: A Decrease Despite the Increase
28:13 The Role of Unmanaged Devices in Cyber Attacks
28:39 Multi-Factor Authentication: Effectiveness and Adaptation
30:07 The Arms Race in Cybersecurity
30:49 The Importance of Phishing-Resistant MFA
32:11 The Rise of SIM Cloning in Ransomware
32:44 Challenges in Adopting Advanced Security Measures
36:46 North Korean IT Workers: A New Threat
40:50 The Future of Remote Hiring and Verification
49:03 Conclusion and Final Thoughts
Links:
- https://www.bleepingcomputer.com/news/security/google-70-percent-of-exploited-flaws-disclosed-in-2023-were-zero-days/
- https://www.trendmicro.com/en_us/research/24/j/edrsilencer-disrupting-endpoint-security-solutions.html
- https://www.theregister.com/2024/10/15/microsoft_ransomware_attacks/
- https://www.bleepingcomputer.com/news/security/undercover-north-korean-it-workers-now-steal-data-extort-employers/
272 episodi
Defensive Security Podcast Episode 283
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Condividi
Manage episode 446245515 series 1344233
Contenuto fornito da Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
“They Can’t All Be Winners”
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat explore several pressing cybersecurity topics as of October 2024. The discussion begins by addressing the rapid increase in vulnerability exploitation speeds, with a highlight that 70% of exploitable flaws in 2023 were zero-days, now being exploited within just five days. They stress the importance of effective patch management and prioritization tactics using tools like the CISA KEV list and Tenable’s Viper score. The episode also touches on the evolving nature of automated and targeted exploits, the critical role of timely patching, and the balance between production disruptions and security risks. The conversation broadens to include evolving endpoint security challenges, ransomware trends, and the need for vigilance in adapting to new threats. Additionally, the hosts discuss innovative ways to counter sophisticated attacks, such as leveraging more secure token-based authentication methods over SMS-based MFA. Lastly, the episode delves into how North Korean IT operatives infiltrate companies to steal sensitive data, the implications for remote work, and the importance of robust identity verification processes in hiring. Throughout, the focus remains on adapting to the dynamic threat landscape and continuous reassessment of security strategies.
00:00 Introduction and Casual Banter
00:41 Current Job Market Challenges
02:02 Cybersecurity Landscape Overview
02:20 Google’s Zero-Day Vulnerability Report
04:03 Importance of Patch Management
05:04 Trends in Exploitation Timelines
11:24 Strategies for Mitigating Vulnerabilities
20:03 Red Team Tool: EDR Silencer
26:52 Microsoft’s Ransomware Defense
27:25 Ransomware Attacks: A Decrease Despite the Increase
28:13 The Role of Unmanaged Devices in Cyber Attacks
28:39 Multi-Factor Authentication: Effectiveness and Adaptation
30:07 The Arms Race in Cybersecurity
30:49 The Importance of Phishing-Resistant MFA
32:11 The Rise of SIM Cloning in Ransomware
32:44 Challenges in Adopting Advanced Security Measures
36:46 North Korean IT Workers: A New Threat
40:50 The Future of Remote Hiring and Verification
49:03 Conclusion and Final Thoughts
Links:
- https://www.bleepingcomputer.com/news/security/google-70-percent-of-exploited-flaws-disclosed-in-2023-were-zero-days/
- https://www.trendmicro.com/en_us/research/24/j/edrsilencer-disrupting-endpoint-security-solutions.html
- https://www.theregister.com/2024/10/15/microsoft_ransomware_attacks/
- https://www.bleepingcomputer.com/news/security/undercover-north-korean-it-workers-now-steal-data-extort-employers/
272 episodi
सभी एपिसोड
×
Benvenuto su Player FM!
Player FM ricerca sul web podcast di alta qualità che tu possa goderti adesso. È la migliore app di podcast e funziona su Android, iPhone e web. Registrati per sincronizzare le iscrizioni su tutti i tuoi dispositivi.
Simile a Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Daily update on current cyber security threats
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
We help founders make something people want.
…
continue reading
Player FM - App Podcast
Vai offline con l'app Player FM !
Vai offline con l'app Player FM !
