This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
תוכן מסופק על ידי Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
דומה לDefensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
1
Syntax - Tasty Web Development Treats
Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers
4k
901
Full Stack Developers Wes Bos and Scott Tolinski dive deep into web development topics, explaining how they work and talking about their own experiences. They cover from JavaScript frameworks like React, to the latest advancements in CSS to simplifying web tooling.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
))
Defensive Security Podcast Episode 296
Fetch error
Hmmm there seems to be a problem fetching this series right now.
Last successful fetch was on May 12, 2025 15:32 (
What now? This series will be checked again in the next day. If you believe it should be working, please verify the publisher's feed link below is valid and includes actual episode links. You can contact support to request the feed be immediately fetched.
Manage episode 465678455 series 1344233
תוכן מסופק על ידי Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
In this episode of the Defense of Security Podcast, Jerry Bell and Andrew Kalat discuss the evolving landscape of cybersecurity threats, focusing on ransomware tactics that exploit insider threats, the hijacking of LLM resources, and the effectiveness of phishing simulations. They explore how adversaries are increasingly targeting employees to gain access to sensitive data and how organizations can better protect themselves against these threats. The conversation also covers the ethical implications of phishing tests and the need for a more supportive approach to security awareness training. In this episode, Jerry and Andrew discuss the challenges faced by cybersecurity teams, the dynamics between security and other business units, and the importance of learning from incidents to improve security practices. They explore the balance between enabling business operations and maintaining security, the implications of generative AI in the workplace, and the need for effective governance around AI usage. The conversation emphasizes the proactive role security professionals must take in navigating these complexities while ensuring organizational safety.
Takeaways
- Ransomware attackers are increasingly using insider threats to gain access.
- Greed can turn employees into insider threats, especially in tough economic times.
- LLM hijacking is a new tactic that exploits compromised API keys.
- Phishing simulations may create a rift between users and IT security teams.
- Punitive measures for phishing failures can lead to underreporting of actual attacks.
- Security awareness training should focus on protecting users, not punishing them.
- Adversaries are finding valid API keys to exploit cloud resources.
- The effectiveness of phishing simulations is being questioned by experts.
- Organizations need to do a better job at protecting their secrets and credentials.
- The cybersecurity landscape is rapidly evolving, requiring constant adaptation. Cybersecurity teams often feel like janitors cleaning up after others.
- Organizational dynamics can create resentment in security teams.
- Learning from incidents is crucial for improving security practices.
- Balancing security needs with business operations is essential.
- Generative AI presents both risks and opportunities for organizations.
- Effective governance is needed for AI usage in business.
- Security professionals must help businesses understand risk management.
- Building relationships across departments can improve security outcomes.
- AI tools should be used with proper agreements to protect data.
- The landscape of AI in business is rapidly evolving and requires adaptation.
Links
- https://www.scworld.com/news/ransomware-attackers-turn-to-workers-for-data-breach-access
- https://www.darkreading.com/application-security/llm-hijackers-deepseek-api-keys
- https://www.wsj.com/tech/cybersecurity/phishing-tests-the-bane-of-work-life-are-getting-meaner-76f30173
- https://www.securityweek.com/security-teams-pay-the-price-the-unfair-reality-of-cyber-incidents/
- https://www.darkreading.com/threat-intelligence/employees-sensitive-data-genai-prompts
288 פרקים
Defensive Security Podcast Episode 296
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
שתפו
Fetch error
Hmmm there seems to be a problem fetching this series right now.
Last successful fetch was on May 12, 2025 15:32 (
What now? This series will be checked again in the next day. If you believe it should be working, please verify the publisher's feed link below is valid and includes actual episode links. You can contact support to request the feed be immediately fetched.
Manage episode 465678455 series 1344233
תוכן מסופק על ידי Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Jerry Bell and Andrew Kalat, Jerry Bell, and Andrew Kalat או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
In this episode of the Defense of Security Podcast, Jerry Bell and Andrew Kalat discuss the evolving landscape of cybersecurity threats, focusing on ransomware tactics that exploit insider threats, the hijacking of LLM resources, and the effectiveness of phishing simulations. They explore how adversaries are increasingly targeting employees to gain access to sensitive data and how organizations can better protect themselves against these threats. The conversation also covers the ethical implications of phishing tests and the need for a more supportive approach to security awareness training. In this episode, Jerry and Andrew discuss the challenges faced by cybersecurity teams, the dynamics between security and other business units, and the importance of learning from incidents to improve security practices. They explore the balance between enabling business operations and maintaining security, the implications of generative AI in the workplace, and the need for effective governance around AI usage. The conversation emphasizes the proactive role security professionals must take in navigating these complexities while ensuring organizational safety.
Takeaways
- Ransomware attackers are increasingly using insider threats to gain access.
- Greed can turn employees into insider threats, especially in tough economic times.
- LLM hijacking is a new tactic that exploits compromised API keys.
- Phishing simulations may create a rift between users and IT security teams.
- Punitive measures for phishing failures can lead to underreporting of actual attacks.
- Security awareness training should focus on protecting users, not punishing them.
- Adversaries are finding valid API keys to exploit cloud resources.
- The effectiveness of phishing simulations is being questioned by experts.
- Organizations need to do a better job at protecting their secrets and credentials.
- The cybersecurity landscape is rapidly evolving, requiring constant adaptation. Cybersecurity teams often feel like janitors cleaning up after others.
- Organizational dynamics can create resentment in security teams.
- Learning from incidents is crucial for improving security practices.
- Balancing security needs with business operations is essential.
- Generative AI presents both risks and opportunities for organizations.
- Effective governance is needed for AI usage in business.
- Security professionals must help businesses understand risk management.
- Building relationships across departments can improve security outcomes.
- AI tools should be used with proper agreements to protect data.
- The landscape of AI in business is rapidly evolving and requires adaptation.
Links
- https://www.scworld.com/news/ransomware-attackers-turn-to-workers-for-data-breach-access
- https://www.darkreading.com/application-security/llm-hijackers-deepseek-api-keys
- https://www.wsj.com/tech/cybersecurity/phishing-tests-the-bane-of-work-life-are-getting-meaner-76f30173
- https://www.securityweek.com/security-teams-pay-the-price-the-unfair-reality-of-cyber-incidents/
- https://www.darkreading.com/threat-intelligence/employees-sensitive-data-genai-prompts
288 פרקים
Alle episoder
×
ברוכים הבאים אל Player FM!
Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.
דומה לDefensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
1
Syntax - Tasty Web Development Treats
Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers
4k901
Full Stack Developers Wes Bos and Scott Tolinski dive deep into web development topics, explaining how they work and talking about their own experiences. They cover from JavaScript frameworks like React, to the latest advancements in CSS to simplifying web tooling.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
