Category: Podcast

Defensive Security Podcast Episode 333

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Want to be the first to hear our episodes each week?  Become a Patreon donor here.

Links to this week’s stories:

https://www.theregister.com/2025/12/09/hypervisor_ransomware_attacks_increasing

https://www.bleepingcomputer.com/news/security/react2shell-flaw-exploited-to-breach-30-orgs-77k-ip-addresses-vulnerable

https://www.infosecurity-magazine.com/news/log4shell-downloaded-40-million

https://www.infosecurity-magazine.com/news/ncsc-raises-alarms-prompt

https://thehackernews.com/2025/12/researchers-uncover-30-flaws-in-ai.html?m=1

Defensive Security Podcast Episode 332

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Want to be the first to hear our episodes each week?  Become a Patreon donor here.

Links to this week’s stories:

https://www.darkreading.com/cyberattacks-data-breaches/advanced-security-phishing-tactics

https://www.theregister.com/2025/11/28/posthog_shaihulud/?td=keepreading / https://posthog.com/blog/nov-24-shai-hulud-attack-post-mortem

https://www.theregister.com/2025/11/27/scattered_lapsus_hunters_zendesk/

https://www.theregister.com/2025/11/25/akira_ransomware_acquisitions

Browser extensions pushed malware to 4.3M Chrome, Edge users • The Register

Defensive Security Podcast Episode 323

Podcast: Play in new window | Download | Embed

Subscribe: RSS

 

Please follow us on YouTube

Want episodes a week early?  Consider becoming a Patreon sponsor of the DefSec podcast here.

Here are links to the stories we talked about this week:

https://krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/

https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/

https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages

https://cybersecuritynews.com/finwise-insider-breach/

https://arstechnica.com/security/2025/09/how-weak-passwords-and-other-failings-led-to-catastrophic-breach-of-ascension/

Defensive Security Podcast Episode 322

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Here are the stories we discuss this week:

https://natlawreview.com/article/qantas-airways-cuts-executive-pay-after-cyber-incident-governance-signal-industry

https://www.securityweek.com/ransomware-losses-climb-as-ai-pushes-phishing-to-new-heights

https://www.bleepingcomputer.com/news/security/hackers-left-empty-handed-after-massive-npm-supply-chain-attack

https://www.theregister.com/2025/09/12/huntress_attacker_surveillance

LunaLock Ransomware threatens victims by feeding stolen data to AI models
FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

Defensive Security Podcast Episode 321

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Listen and Watch Defensive Security Episodes a week early by becoming a Patreon donor: https://www.patreon.com/defensivesec

Please subscribe to our YouTube channel: Defensive Podcasts – Cyber Security & Infosec. – YouTube

Links:

  • https://blog.gitguardian.com/ghostaction-campaign-3-325-secrets-stolen/
  • https://www.bleepingcomputer.com/news/security/ai-powered-malware-hit-2-180-github-accounts-in-s1ngularity-attack/
  • https://www.cbc.ca/news/canada/hamilton/cybersecurity-breach-1.7597713
  • https://www.bleepingcomputer.com/news/security/6-browser-based-attacks-all-security-teams-should-be-ready-for-in-2025/
  • https://www.bleepingcomputer.com/news/security/hackers-use-new-hexstrike-ai-tool-to-rapidly-exploit-n-day-flaws/

Defensive Security Podcast Episode 317

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Want to support our show? Want to get access to episodes a week before everyone else? Become a patreon sponsor here: https://www.patreon.com/defensivesec

If you’re in Atlanta on August 20, you can join us for a LIVE episode at Mission 25. Register here: MCS Mission: Security’25

Our new merch store is live: DefSec Store

We’ve added a lot of new items and will continue to do so over time.

On to the show.

 

Here are the links for this week’s episode:

Defensive Security Podcast Episode 314

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Want to support us? Want even MORE DefSec? Starting this week, we are providing more DefSec for our Patreon donors. Sign up to be a Patreon donor today: https://www.patreon.com/defensivesec

Links:

  • https://www.theregister.com/2025/07/10/cisa_citrixbleed_kev/
  • https://www.axios.com/2025/07/08/scattered-spider-cybercrime-hackers
  • https://www.bleepingcomputer.com/news/security/employee-gets-920-for-credentials-used-in-140-million-bank-heist/

Additional links for Patreon donors:

  • https://www.theregister.com/2025/07/13/fake_it_worker_problem/
  • https://www.theregister.com/2025/07/09/chatgpt_jailbreak_windows_keys/

Defensive Security Podcast Episode 313

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Want to support us?  Want even MORE DefSec?  Starting this week, we are providing more DefSec for our Patreon donors.  Sign up to be a Patreon donor today: https://www.patreon.com/defensivesec

 

https://www.youtube.com/watch?v=BRzMJbBZ490

Links:

  • https://www.csoonline.com/article/4012801/the-top-red-teamer-in-the-us-is-an-ai-bot.html
  • https://www.darkreading.com/endpoint-security/attackers-top-brands-callback-phishing
  • https://www.darkreading.com/cyber-risk/initial-access-broker-self-patches-zero-days
  • https://www.darkreading.com/cybersecurity-operations/ransomware-reshaped-how-cyber-insurers-perform-security-assessments
  • https://www.darkreading.com/endpoint-security/phishing-training-doesnt-work

Defensive Security Podcast Episode 309

Podcast: Play in new window | Download | Embed

Subscribe: RSS

Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec

Links: 

https://www.theregister.com/2025/06/06/chatgpt_for_evil/
https://www.theregister.com/2025/06/06/ransomware_negotiation/
https://www.darkreading.com/cyber-risk/how-to-approach-security-era-ai-agents
https://www.bleepingcomputer.com/news/security/coinbase-breach-tied-to-bribed-taskus-support-agents-in-india/
https://www.theregister.com/2025/06/04/kiranapro_cyberattack_deletes_cloud_resources/ / https://x.com/deepakravindran/status/1930776943101894869

Defensive Security Podcast Episode 307

Podcast: Play in new window | Download | Embed

Subscribe: RSS

In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a significant data breach at Coinbase, the challenges of cryptocurrency security, the importance of patch management, and the evolving landscape of cyber threats. They also discuss insider threats, the failures of rigid security programs, and the overlooked cybersecurity risks in mergers and acquisitions. The episode concludes with a discussion on emerging threats, particularly the potential for ransomware to infect CPUs.

Like what we’re doing and want to help support us? Donate here: https://www.patreon.com/defensivesec

Links:
https://go.theregister.com/feed/www.theregister.com/2025/05/21/coinbase_confirms_insider_breach_affects/
https://www.theregister.com/2025/05/14/improve_patching_strategies/
https://www.bleepingcomputer.com/news/security/ransomware-gangs-increasingly-use-skitnet-post-exploitation-malware/
https://www.darkreading.com/vulnerabilities-threats/rigid-security-programs-fail
https://www.darkreading.com/cyber-risk/hidden-cybersecurity-risks-mergers-acquisitions
https://www.theregister.com/2025/05/11/cpu_ransomware_rapid7/