164 - What Is Platform Approach To Security? - Part 2

YusufOnSecurity.com

Player FM - Internet Radio Done Right

הוסף לפני four שנים

תוכן מסופק על ידי YusufOnSecurity.Com. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי YusufOnSecurity.Com או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

לפני שנה 32:41

MP3•בית הפרקים

Enjoying the content? Let us know your feedback!

In our second episode, we continue exploring the concept of adopting a platform security.
In this second part we will continue where we left off from last week and will encourage you to listed to the first episode if you have not done so.
Before we get into the main topic, lets touch one important top trending piece of news this week. And that is:

- Github added AI powered vulnerability auto-fix feature

- https://www.cisco.com: XDR- Platform approach to security
- https://github.blog: Introducing Code Ccanning Auto-Fix Powered By Ggithub Copilot And CodeQL

Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.

228 פרקים

#Tech #YusufOnSecurity.Com #Cyber Security #Security #Threats #Vulnerable #Exploitation #Malware #Viruses #Trojan Horse #Worm #Cve

164 - What Is Platform Approach To Security? - Part 2

YusufOnSecurity.com

published לפני שנה

שתפו

MP3•בית הפרקים

Enjoying the content? Let us know your feedback!

- Github added AI powered vulnerability auto-fix feature

- https://www.cisco.com: XDR- Platform approach to security
- https://github.blog: Introducing Code Ccanning Auto-Fix Powered By Ggithub Copilot And CodeQL

Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.

228 פרקים

#Tech #YusufOnSecurity.Com #Cyber Security #Security #Threats #Vulnerable #Exploitation #Malware #Viruses #Trojan Horse #Worm #Cve

כל הפרקים

1
228 - How the Emergence of AI-Powered Malware works 26:19

לפני 8 ימים26:19

26:19

Enjoying the content? Let us know your feedback! In today’s episode is about a seismic shift in the world of cyber threats. The emergence of AI-powered malware. We’ll unpack how this new breed of malware works, the science behind it, real-world incidents, and what the latest academic research reveals. We will also look at the latest news that some are calling "The mother of all breaches". We have all that coming up next, in this week's podcast! - https://www.bleepingcomputer.com : No, the 16 billion credentials leak is not a new data breach Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
227 - Is UTM Still Relevant? 44:36

לפני 15 ימים44:36

44:36

Enjoying the content? Let us know your feedback! Today, we’ll answer a pressing question in cybersecurity: Is UTM still relevant in 2025? We’ll trace the origins of UTM, explain why it was created, break down its core features, compare it to newer technologies, and finish by busting a common cybersecurity myth. Before we dive into our main topic, let’s take a quick look at a major tech update making headlines: The emergence of AI powered malware is becoming more real - https://en.wikipedia.org : UTM - https://perception-point.io : AI Malware: Types, Real Life Examples, and Defensive Measures Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
226 - Inside A Stealthy Malware Powering Modern Cyber Attacks 47:28

לפני 22 ימים47:28

47:28

Enjoying the content? Let us know your feedback! In this week's episode, we get into some detailed exploration of an up and coming malware. Looking at it closer, it is one of the most advanced post-exploitation code families shaping the cybersecurity landscape in 2025. Over the time we have together, we’ll unravel what this malware is, how it works, why it’s so dangerous, and most importantly what businesses can do to defend themselves. Along the way, we’ll break down technical terms and processes, to make the topic less complex as I need it to be accessible and engaging to everyone. Before we dive into our main topic, let’s take a quick look at a major tech update making headlines: Microsoft Authenticator Now Warns To Export Passwords Before July Cut Off - https://www.bleepingcomputer.com : Ransomware gangs increasingly use Skitnet post-exploitation malware - https://otx.alienvault.com : Skitnet IOCs Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
225 - What Is a Content Delivery Network—And Do They Really Protect Businesses? 24:29

לפני 29 ימים24:29

24:29

Enjoying the content? Let us know your feedback! This week we are exploring what Content Delivery Networks —commonly known as CDNs— are and whether they protect modern businesses. We’ll dive deep into the mechanics of how CDNs work, the technologies behind them, and whether they defend organizations from threats or just deliver content at blazing speeds. Along the way, we’ll highlight two of the world’s leading CDN providers. - https://en.wikipedia.org : Content Delivery Network - https://www.cloudflare.com : What Is CDN? - https://www.akamai.com : What Is CDN? Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
224 - Cisco Talos Year 2024 In Review 34:38

לפני 5 weeks34:38

34:38

Enjoying the content? Let us know your feedback! In this week's episode, we are looking at the latest Cisco Talos’ 2024 report. In this comprehensive report, we will delve into the major cybersecurity trends and threats observed over the past year. Cisco Talos team, has compiled this report to provide valuable insights and guidance for organizations to enhance their security postures. But before we get in to the main topic, I have one security news for you and that is: - The European Union launches a new vulnerability Database - EUVD - https://euvd.enisa.europa.eu : EUVD - https://euvd.enisa.europa.eu/faq : EUVD FAQ - https://blog.talosintelligence.com : 2024 Year In Review Report - https://www.forbes.com : Why Quantum Computers Will Work Alongside Classical Systems Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
223 - RSAC 2025 - Part 2 21:55

לפני 6 weeks21:55

21:55

Enjoying the content? Let us know your feedback! This is the part 2 of RSAC 2025 episode. If you have not listened to episode 1 (that episode 222), I would suggest you listen to episode 1 before you listen this episode. Before you we get into part 2, lets review what has been happening last week on the news front. - UK shares security tips after major retail cyberattacks - https://www.bleepingcomputer.com : UK NCSC Cyber Attack A Wake Up call - https://www.ncsc.gov.uk :NCSC statement - Incident impacting retailers Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
222 - RSAC 2025 - Part 1 35:54

לפני 7 weeks35:54

35:54

Enjoying the content? Let us know your feedback! It was RSAC week and it would be remiss of me if I did not give you a highlight on what went on this year, 2025. After all, RSAC has a critical role in security. We will be reviewing the top key announcements from this year's event, including some exciting news from the major security players in the industry. Whether you're a cybersecurity professional, a tech enthusiast, or just curious about the latest in the world of cyber security, this episode is definitely for you. So, let's get started! Before we dive into the main segment, we will also add one more topic that I think is of major importance on top of everything else and that is from Microsoft. Microsoft makes All new Account Passwordless by default - https://techcommunity.microsoft.com : New User Experience - https://www.rsaconference.com : RSA Conference 2025 Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
221 - FBI’s 2024 Annual Internet Crime Report 32:16

לפני 8 weeks32:16

32:16

Enjoying the content? Let us know your feedback! This week's episode looks at the FBI’s 2024 Annual Internet Crime Report -an analysis that not only highlights the scale of cybercrime but also reveals the evolving tactics of cybercriminals and the staggering financial impact on individuals and businesses alike. This of course relates to US but it is an indicative what might be happening elsewhere. - https://www.ic3.gov : Federal Bureau Of Investigation - Internet Crime Report 2024 Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
220 - Watering Hole Attacks-The Hidden Danger of Trusted Spaces 32:41

לפני 9 weeks32:41

32:41

Enjoying the content? Let us know your feedback! Imagine visiting your favorite website-one you trust, one you’ve browsed a hundred times before-only to discover it’s become a silent gateway for cybercriminals. What if the real danger wasn’t in suspicious emails or obvious scams, but lurking in the very places you feel safest online? In today’s episode, we’ll unravel a cunning technique that preys on trust and routine, catching even the most vigilant users off guard. Stay tuned as we explore the origins, methods, and real-world impact of one of the most deceptive cyber threats in existence. But before we get to the main topic, lets cover the top security news first Lazarus hackers breach multiple organisation in a not so new attack method. We will find out what the technique is. - https://attack.mitre.org : Lazarus - https://attack.mitre.org : Drive by compromise Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
219 - What Is Agentic AI? 33:36

לפני 10 weeks33:36

33:36

Enjoying the content? Let us know your feedback! In this week's episode we are touching an intriguing topic. We're going to explore Agentic AI, a fascinating area within artificial intelligence that focuses on autonomous systems capable of making decisions and performing tasks without human intervention. We'll break it down for those new to cybersecurity, delve into some technical details, and use analogies to make it all clear But we before we dive into the topic, lets recap the top security news this week: Microsoft defender will isolate undiscovered endpoing to block attacks - https://learn.microsoft.com : Whatsbnew in Microsoft Defender Endpoint - Apri 2025 - https://en.wikipedia.org : Alan Turing - https://www.nvidia.com : Agentic AI Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
218 - Fast Flux-The Cybercriminal's Hide and Seek 26:49

לפני 11 weeks26:49

26:49

Enjoying the content? Let us know your feedback! This week, we re going to explore what Fast Flux is, a sophisticated technique used by cybercriminals to evade detection and maintain their malicious activities. We'll break it down for those new to cybersecurity, delve into some technical details, and use analogies to make it all clear. So without further ado, grab your coffee, or keep your eyes on the road if you are driving, sit back, and let's get started!" HellCat Ransomware - https://therecord.media: Schneider Electric Hackers Accessed Internal Project Tracking Platform - https://www.infosecurity-magazine.com: Hellcat Ransomware Humiliation - https://attack.mitre.org : Dynamic Resolution: Fast Flux DNS - https://www.cisa.gov : Fasst Flux, A National Security Threat Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
217 - Phishing the Expert-The Unexpected Cybersecurity Breach - Part 2 28:32

לפני 12 weeks28:32

28:32

Enjoying the content? Let us know your feedback! This week's episode is continuation of Troy Hunt's cautionary tale , the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through Mailchimp. We'll continue to break down what happened, how it happened, and what we can all learn from this incident. Stay tuned till the end where we bust our myth of the week! We will also look at this week's cyber security news which is Ubuntu Linux security bypasses - https://blog.qualys.co m: Qualys TRU Discovers Three Bypasses of Ubuntu Unprivileged User Namespace Restrictions - https://www.troyhunt.com : A sneaky phish just grabbed my Mailchimp mailing list Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
216 - Phishing The Expert-The Unexpected Cybersecurity Breach - Part 1 32:15

לפני 13 weeks32:15

32:15

Enjoying the content? Let us know your feedback! In this week's episode we have a fascinating and cautionary tale about none other than Troy Hunt, the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through Mailchimp. We'll break down what happened, how it happened, and what we can all learn from this incident. Stay tuned till the end for tips on how to stay vigilant against phishing attacks and our myth of the week! we will also look at the cyber security news. Here is what caught my attention this week. - PSTools dll injection vulnerability - https://www.foto-video-it.de : Disclosure Sysinternals (You will need to translate to English if you are not a German speaker) - https://learn.microsoft.com : PSTool - https://www.troyhunt.com : A sneaky phish just grabbed my Mailchimp mailing list Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
215 - Cyber Threat Emulation - Strategies for Staying Ahead Of Cyber Attacks 37:04

לפני 14 weeks37:04

37:04

Enjoying the content? Let us know your feedback! In this episode, we’ll look into a cybersecurity assessment method that mimics real-world attacks to test an organization's security defenses and response capabilities: Threat emulation. It is one of the strategies to keep you ahead of the game. Threat emulation aims to identify and mitigate security gaps before attackers exploit them, providing a more comprehensive evaluation than traditional assessments. Before we dive into the main topic, lets glance what is happening on the security front: March Microsoft Patch Tuesday has landed! - https://msrc.microsoft.com : March 2025 Security Updates - https://detect-respond.blogspot.com : Pyramid Of Pain - https://www.atomicredteam.io : Atomic Read Team - https://www.ecb.europa.eu /paym/cyber-resilience/tiber-eu/html/index.en.html Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

1
214 - What are polyglot files and how bad are they? 31:58

לפני 15 weeks31:58

31:58

Enjoying the content? Let us know your feedback! In this episode, we’ll be exploring a particularly intriguing file types: polyglot files. These digital shapeshifters have become a powerful tool in the arsenal of cyber attackers, capable of bypassing security measures, confusing systems, and delivering malicious payloads in ways that are both creative and devastating. Over the next 20 to 30 minutes or so, we’ll break down what polyglot files are, how they work, and why they’re so dangerous. We’ll also examine some real-world examples where polyglot files were used in cyberattacks. We will reference the MITRE ATT&CK framework to understand how these techniques fit into the broader landscape of adversarial tactics. Finally, we’ll discuss mitigation strategies and close with a cybersecurity myth that needs busting Before we dive into the main topic, lets glance what is happening on the security front: UEFI Secure Boot bypass vulnerability - https://en.wikipedia.org : Polyglot - https://attack.mitre.org : Masquerading - https://arxiv.org : Where the Polyglots Are: How Polyglot Files Enable Cyber Attack Chains and Methods for Detection & Disarmament - https://medium.com : Polyglot Files A Hackers Best Friend - https://www.bleepingcomputer.com : New polyglot malware hits aviation, satellite communication firms Be sure to subscribe! You can also stream from https://yusufonsecurity.com In there, you will find a list of all previous episodes in there too.…

ברוכים הבאים אל Player FM!

Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.