Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

Defensive Security is a weekly information security podcast which reviews recent high profile security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.

Jerry Bell and Andrew Kalat


    • Latest episode: Jun 19, 2025
    • New episodes: every other week
    • Average duration: 52m
    • Episodes: 259

    4.7 from 350 ratings

    Listeners of Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec that love the show mention: infosec podcasts, info sec, security news, security podcasts, cyber security, security issues, jerry, enterprise, defensive, hacking, andrew, you'll find, andy, it's worth, can't wait to listen, bell, bob, know their stuff, fluff, guys know.


    Ivy Insights

    The Defensive Security Podcast is an exceptional resource for individuals interested in the field of cybersecurity. Hosted by Andrew Kalat and Jerry Bell, this podcast covers a variety of important and informed topics related to malware, hacking, cyber security, and infosec. The hosts have recently reduced the frequency of their episodes, but the content they provide is always valuable and informative. From discussing industry news to offering insights into working in the cybersecurity field, this podcast guarantees that listeners will gain something from every episode.

    One of the best aspects of The Defensive Security Podcast is the vast amount of knowledge and experience that Andrew and Jerry bring to each episode. They are seasoned professionals who know their stuff, providing listeners with valuable information about current trends and issues in cybersecurity. The casual nature of the podcast makes it easy to listen to, even for non-technical individuals. Additionally, the hosts inject humor and sarcasm into their discussions, making it an entertaining experience while still remaining educational.

    While there are numerous positives to this podcast, one potential downside is that it may not be suitable for complete beginners in cybersecurity. The hosts assume a certain level of knowledge about terminology and concepts within the industry and do not take listeners by the hand to explain these concepts thoroughly. As such, it may be challenging for newcomers to fully grasp all the information discussed.

    In conclusion, The Defensive Security Podcast is a must-listen for anyone interested in staying up-to-date with cyber security topics or gaining insight into working in the industry. The hosts bring extensive experience and knowledge to each episode while also injecting humor and entertainment value. Although it may not be ideal for beginners without prior knowledge of cyber security concepts, this podcast remains a valuable resource for those looking to expand their understanding of this ever-evolving field.



    Latest episodes from Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

    Defensive Security Podcast Episode 310

    Jun 19, 2025 53:44


    Like what we're doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec Links: https://www.bleepingcomputer.com/news/security/sentinelone-shares-new-details-on-china-linked-breach-attempt/ https://thehackernews.com/2025/06/new-supply-chain-malware-operation-hits.html?m=1 https://www.csoonline.com/article/4002103/cisos-beware-genai-use-is-outpacing-security-controls.html https://thehackernews.com/2025/06/fin6-uses-aws-hosted-fake-resumes-on.html?m=1

    Defensive Security Podcast Episode 309

    Jun 10, 2025 60:41


    Like what we're doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec Links: https://www.theregister.com/2025/06/06/chatgpt_for_evil/ https://www.theregister.com/2025/06/06/ransomware_negotiation/ https://www.darkreading.com/cyber-risk/how-to-approach-security-era-ai-agents https://www.bleepingcomputer.com/news/security/coinbase-breach-tied-to-bribed-taskus-support-agents-in-india/ https://www.theregister.com/2025/06/04/kiranapro_cyberattack_deletes_cloud_resources/ / https://x.com/deepakravindran/status/1930776943101894869

    Defensive Security Podcast Episode 308

    Jun 2, 2025 51:45


    Like what we're doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss a range of topics including the introduction of a new cryptocurrency, Guard Llama Coin, and the implications of recent cybersecurity incidents involving ConnectWise … Continue reading Defensive Security Podcast Episode 308 →

    Defensive Security Podcast Episode 307

    May 27, 2025 66:20


    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a significant data breach at Coinbase, the challenges of cryptocurrency security, the importance of patch management, and the evolving landscape of cyber threats. They also discuss insider threats, the failures of rigid security programs, and the … Continue reading Defensive Security Podcast Episode 307 →

    Defensive Security Podcast Episode 306

    May 12, 2025 52:40


    In this episode, Jerry and Andrew discuss  the importance of data security, phishing attacks targeting hiring managers, the implications of paying ransoms, and the recent Disney data breach incident. They emphasize the need for better training for employees and the challenges of managing software supply chains. The conversation highlights the evolving landscape of cyber threats … Continue reading Defensive Security Podcast Episode 306 →

    Defensive Security Podcast Episode 305

    May 5, 2025 85:09


    In this episode, we discuss the Google Mandiant 2025 M-Trends report.  The report is available here: https://services.google.com/fh/files/misc/m-trends-2025-en.pdf Like what we're doing and want to help support us? Donate here: https://www.patreon.com/defensivesec

    Defensive Security Podcast Episode 304

    Apr 28, 2025 62:48


    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss the latest trends in cybersecurity, focusing on the rise of BEC scams and the significant losses attributed to cybercrime in 2024. They explore emerging threats, including social engineering tactics and hardware vulnerabilities, particularly in management interfaces. The conversation also delves … Continue reading Defensive Security Podcast Episode 304 →

    Defensive Security Podcast Episode 303

    Apr 14, 2025 61:33


    Summary In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the rise of ransomware, the importance of backup strategies, and the implications of AI in phishing attacks. They discuss the challenges of managing non-human identities and the need for effective communication of security metrics. … Continue reading Defensive Security Podcast Episode 303 →

    Defensive Security Podcast Episode 302

    Apr 7, 2025 72:02


    In this episode, Jerry and Andrew discuss various cybersecurity topics, including the recent Oracle Cloud security breach, a GitHub supply chain attack, insider threats, and the implications of AI in cybersecurity. They explore the challenges of maintaining trust in cloud services, the complexities of insider threats, and the evolving landscape of cybercrime driven by AI … Continue reading Defensive Security Podcast Episode 302 →

    Defensive Security Podcast Episode 301

    Apr 1, 2025 69:18


    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss a range of cybersecurity topics, including the recent Oracle Cloud breach, the challenges of asset management in large environments, and the importance of prioritizing vulnerabilities. They also explore the findings from a pen test report, the implications of emerging threats … Continue reading Defensive Security Podcast Episode 301 →

    Defensive Security Podcast Episode 300

    Mar 18, 2025 62:00


    Summary In this episode, we celebrate the 300th episode of the Defensive Security Podcast then discuss various cybersecurity topics including the rise of AI-driven threats, the importance of zero trust architecture, best practices for incident response, the impact of human error on security breaches, and the risks associated with collaboration tools. We also cover the … Continue reading Defensive Security Podcast Episode 300 →

    Defensive Security Podcast Episode 299

    Mar 10, 2025 67:40


    Summary In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a Disney employee's mishap with an AI tool that led to a significant hack, vulnerabilities in VMware ESX hypervisors, and a developer's sabotage of their ex-employer. They also explore the implications of GitHub repository exposure … Continue reading Defensive Security Podcast Episode 299 →

    Defensive Security Podcast Episode 298

    Feb 22, 2025 77:06


    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a recent incident involving notorious hackers breaching a company network in under an hour, strategies to defend against deepfake attacks, the targeting of freelance developers by North Korean adversaries, vulnerabilities in Palo Alto firewalls, and … Continue reading Defensive Security Podcast Episode 298 →

    Defensive Security Podcast Episode 297

    Feb 18, 2025 64:21


      Become a Patreon supporter of the show here: https://www.patreon.com/defensivesec Links: https://www.cybersecuritydive.com/news/ransomware-gangs–tactics-/739937/ https://www.bleepingcomputer.com/news/security/over-12-000-keriocontrol-firewalls-exposed-to-exploited-rce-flaw/ https://arstechnica.com/information-technology/2025/02/russian-spies-use-device-code-phishing-to-hijack-microsoft-accounts/ https://www.darkreading.com/cyber-risk/open-source-ai-models-pose-risks-of-malicious-code-vulnerabilities https://www.csoonline.com/article/3823429/24-of-vulnerabilities-are-abused-before-a-patch-is-available.html

    Defensive Security Podcast Episode 296

    Feb 9, 2025 70:28


    In this episode of the Defensive Security Podcast, Jerry Bell and Andrew Kalat discuss the evolving landscape of cybersecurity threats, focusing on ransomware tactics that exploit insider threats, the hijacking of LLM resources, and the effectiveness of phishing simulations. They explore how adversaries are increasingly targeting employees to gain access to sensitive data and … Continue reading Defensive Security Podcast Episode 296 →

    Defensive Security Podcast Episode 295

    Feb 3, 2025 75:57


      In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the alarming statistics surrounding ransomware attacks, the implications of paying ransoms, and the evolving nature of ransomware as a broader category of cyber threats. They also discuss the consolidation of security tools and the skepticism … Continue reading Defensive Security Podcast Episode 295 →

    Defensive Security Podcast Episode 294

    Jan 26, 2025 64:21


    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a hidden backdoor in Juniper routers, PayPal's recent data breach settlement, the exploitation of older Ivanti bugs, the PowerSchool data breach affecting millions, and CISA's new software security recommendations. The conversation emphasizes the importance of proactive … Continue reading Defensive Security Podcast Episode 294 →

    Defensive Security Podcast Episode 293

    Jan 20, 2025 48:17


    “Another day, another data breach.” In this episode of the Defensive Security Podcast, Jerry Bell and Andrew Kalat discuss a significant data breach affecting hotel reservation data, regulatory actions taken against GoDaddy for poor security practices, and the evolving landscape of cyber attacks. They emphasize the importance of proactive defense strategies and innovative detection techniques … Continue reading Defensive Security Podcast Episode 293 →

    Defensive Security Podcast Episode 292

    Jan 12, 2025 44:51


    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the dangers of malware disguised as proof of concept code on GitHub, the alarming rise in phishing attacks, the implications of a recent Treasury hack, and the targeted attacks on Ivanti's security products. The conversation emphasizes … Continue reading Defensive Security Podcast Episode 292 →

    Defensive Security Podcast Episode 291

    Jan 6, 2025 51:15


    Summary In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a significant incident involving a Tenable plugin update that disrupted Nessus agents worldwide. They delve into the implications of malicious Chrome extensions and sophisticated phishing attacks, particularly focusing on a recent incident involving OAuth trust … Continue reading Defensive Security Podcast Episode 291 →

    Defensive Security Podcast Episode 290

    Dec 30, 2024 83:40


    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the FTC's order for Marriott and Starwood to enhance their data security measures, a recent hijacking of a Chrome extension, and emerging threats for 2025. They also delve into the implications of AI in cybersecurity, emphasizing … Continue reading Defensive Security Podcast Episode 290 →

    Defensive Security Podcast Episode 289

    Dec 19, 2024 60:14


    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a year-long supply chain attack that compromised 390,000 credentials, the U.S. government's bounty for information on North Korean IT worker farms, and the alarming number of vulnerabilities found in software containers. They also delve into the … Continue reading Defensive Security Podcast Episode 289 →

    Defensive Security Podcast Episode 288

    Dec 9, 2024 59:58


    In this episode of the Defensive Security Podcast, we discuss the anticipated rise of Mac malware, the economic implications of new top-level domains (TLDs) for phishing, innovative phishing techniques using corrupt documents, and the risks associated with open-source software. We also explore the concept of risk homeostasis in cybersecurity, examining how users' perceptions of security … Continue reading Defensive Security Podcast Episode 288 →

    Defensive Security Podcast Episode 287

    Dec 1, 2024 57:00


    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various topics including their holiday plans, updates on their podcast, and significant cybersecurity incidents. They delve into a recent Wi-Fi breach involving Russian hackers, CrowdStrike's IT outage and its implications for customer retention, and the discovery of malware exploiting vulnerable … Continue reading Defensive Security Podcast Episode 287 →

    Defensive Security Podcast Episode 286

    Nov 24, 2024 72:02


    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the launch of their new podcast, Getting Defensive. They delve into a CISA report on exploited vulnerabilities, highlighting the concerning trend of zero-day vulnerabilities being exploited. The conversation also covers a GitHub incident involving malicious commits … Continue reading Defensive Security Podcast Episode 286 →

    Defensive Security Podcast Episode 285

    Nov 11, 2024 68:14


    In this episode of the Defensive Security Podcast, we discuss the theft of cloud credentials, the exploitation of SharePoint vulnerabilities, evolving malware techniques, and the importance of cyber due diligence for suppliers. They reflect on the challenges of managing secrets, the implications of auto-updates, and the need for robust risk management practices in the face … Continue reading Defensive Security Podcast Episode 285 →

    Select Defensive Security Podcast Episode 284

    Oct 29, 2024 54:19


    Delta's Lawsuit, SEC Penalties, and Fortinet's Zero-Day Exploit In this episode, hosts Jerry Bell and Andrew Kalat discuss current cybersecurity issues, starting with Delta Air Lines' $500 million lawsuit against CrowdStrike over an IT outage and data breach. They explore SEC penalties imposed on tech companies for downplaying the SolarWinds hack's impact, followed by an … Continue reading Select Defensive Security Podcast Episode 284 →

    Defensive Security Podcast Episode 283

    Oct 21, 2024 53:26


    “They Can't All Be Winners” In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat explore several pressing cybersecurity topics as of October 2024. The discussion begins by addressing the rapid increase in vulnerability exploitation speeds, with a highlight that 70% of exploitable flaws in 2023 were zero-days, now being exploited … Continue reading Defensive Security Podcast Episode 283 →

    Defensive Security Podcast Episode 282

    Oct 12, 2024 38:11


    Episode 282: Exploiting Trust in Cybersecurity Practices In episode 282 of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss several cybersecurity topics. They highlight a phishing attack outlined by Microsoft, where cybercriminals leverage file-hosting services like OneDrive and Dropbox to exploit trust and compromise identities. The episode also explores concerns about AI … Continue reading Defensive Security Podcast Episode 282 →

    Defensive Security Podcast Episode 281

    Sep 30, 2024 57:14


    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity events and issues. The episode opens with discussion on the recent weather impacts affecting Asheville and lessons for disaster preparedness in the security industry. A significant portion of the episode is dedicated to CrowdStrike's recent Capitol Hill testimony, … Continue reading Defensive Security Podcast Episode 281 →

    Defensive Security Podcast Episode 280

    Sep 23, 2024 51:37


    In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat delve into key cybersecurity topics. They discuss a recent statement by CISA director Jen Easterly on holding software manufacturers accountable for product defects rather than vulnerabilities, and the need for derogatory names for threat actors to deter cybercrime. The episode also … Continue reading Defensive Security Podcast Episode 280 →

    Defensive Security Podcast Episode 279

    Sep 18, 2024


    In Episode 279 of the Defensive Security Podcast, Jerry Bell and Andrew Kalat discuss the latest cybersecurity news and issues. Stories include Transportation for London requiring in-person password resets after a security incident, Google's new ‘air-gapped' backup service, the impact of a rogue ‘Whois' server, and the ongoing ramifications of the Moveit breach. The episode … Continue reading Defensive Security Podcast Episode 279 →

    Defensive Security Podcast Episode 278

    Sep 9, 2024 51:54


    In episode 278 of the Defensive Security Podcast, Jerry Bell and Andrew Kalat discuss various recent cybersecurity topics. The episode starts with light-hearted banter about vacations before diving into the main topics. Key discussions include a new vulnerability in YubiKey that requires sophisticated physical attacks, resulting in a low overall risk but sparking debate about … Continue reading Defensive Security Podcast Episode 278 →

    Defensive Security Podcast Episode 277

    Aug 26, 2024 61:54


    In this episode, Jerry Bell and Andrew Kalat discuss various topics in the cybersecurity landscape, including the influence of cyber insurance on risk reduction for companies and how insurers offer guidance to lower risks. They touch upon the potential challenges with cybersecurity maturity in organizations and the consultant effect. The episode also goes into detail … Continue reading Defensive Security Podcast Episode 277 →

    Defensive Security Podcast Episode 276

    Aug 16, 2024 46:11


    Check out the latest Defensive Security Podcast Ep. 276! From cow milking robots held ransom to why IT folks dread patching, Jerry Bell and Andrew Kalat cover it all. Tune in and stay informed on the latest in cybersecurity! Summary: In episode 276 of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat delve … Continue reading Defensive Security Podcast Episode 276 →

    Defensive Security Podcast Episode 275

    Aug 8, 2024 51:00


    Links: https://www.crowdstrike.com/wp-content/uploads/2024/08/Channel-File-291-Incident-Root-Cause-Analysis-08.06.2024.pdf https://www.theregister.com/2024/08/05/crowdstrike_is_not_at_all/ https://www.theverge.com/2024/8/6/24214371/microsoft-delta-letter-crowdstrike-response-comments https://www.linkedin.com/posts/alexstamos_why-crowdstrikes-baffling-bsod-disaster-activity-7224046054076243969-1An8?utm_source=combined_share_message&utm_medium=ios_app https://www.linkedin.com/posts/choff_why-crowdstrikes-baffling-bsod-disaster-activity-7224078879445958658-ymuc?utm_source=combined_share_message&utm_medium=member_ios https://www.securityweek.com/thousands-of-devices-wiped-remotely-following-mobile-guardian-hack/ https://www.bleepingcomputer.com/news/security/stackexchange-abused-to-spread-malicious-pypi-packages-as-answers/ https://www.bleepingcomputer.com/news/security/hunters-international-ransomware-gang-targets-it-workers-with-new-sharprhino-malware/

    Transcript:

    Jerry: Today is Wednesday, August 7th, 2024. And this is episode 275 of the Defensive Security Podcast. My name is Jerry Bell and joining me tonight as always is Mr. Andrew Kalat.

    Andrew: Good evening, Jerry. How are you? Good, sir.

    Jerry: I am amazing. … Continue reading Defensive Security Podcast Episode 275 →

    Defensive Security Podcast Episode 274

    Aug 2, 2024 59:42


    https://www.bleepingcomputer.com/news/security/over-3-000-github-accounts-used-by-malware-distribution-service/ https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/ https://www.darkreading.com/cybersecurity-operations/crowdstrike-outage-losses-estimated-staggering-54b  https://cdn.prod.website-files.com/64b69422439318309c9f1e44/66a24d5478783782964c1f6f_CrowdStrikes%20Impact%20on%20the%20Fortune%20500_%202024%20_Parametrix%20Analysis.pdf https://www.darkreading.com/vulnerabilities-threats/unexpected-lessons-learned-from-the-crowdstrike-event Summary: Episode 274: Malware on GitHub, North Korean Developer Scam & Secure Boot Failures In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss several notable security stories and issues. They start with a malware distribution service that leverages compromised GitHub accounts and WordPress … Continue reading Defensive Security Podcast Episode 274 →

    Defensive Security Podcast Episode 273

    Jul 24, 2024 65:19


    The Joe Sullivan Verdict – Unfair? – Which Part? (cybertheory.io) Fujitsu Details Non-Ransomware Cyberattack (webpronews.com) 5 Key Questions CISOs Must Ask Themselves About Their Cybersecurity Strategy (thehackernews.com) Sizable Chunk of SEC Charges Vs. SolarWinds Dismissed (darkreading.com) CrowdStrike CEO apologizes for crashing IT systems around the world, details fix | CSO Online Summary: Cybersecurity Updates: Uber's … Continue reading Defensive Security Podcast Episode 273 →

    Defensive Security Podcast Episode 272

    Jul 11, 2024 51:40


    On episode 272 of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss a variety of pressing cybersecurity topics. These include the responsibilities of CISOs in avoiding legal repercussions following data breaches, highlighted by the case of Uber's former CISO, Joe Sullivan. The hosts also delve into the impact of the recent U.S. Supreme Court decision overturning the Chevron deference doctrine on cybersecurity regulations, the risk of dynamic loading of JavaScript libraries, and the wide-reaching implications of the OpenSSH regression vulnerability. Throughout, practical advice and insightful commentary are provided on maintaining security in an ever-evolving threat landscape.

    00:00 Introduction and Episode Overview
    01:08 CISO's Guide to Avoiding Jail After a Breach
    03:29 Challenges and Complexities of the CISO Role
    13:35 US Supreme Court Ruling and Its Impact on Cyber Regulation
    20:51 Polyfill.io Issue: A Modern Supply Chain Attack?
    28:54 Understanding Polyfill Confusion and Risks
    29:23 Maintaining Open Source Software Health
    30:04 The Need for Open Source Health Ratings
    30:41 Challenges with Third-Party Code and Security
    34:08 Vendor Questionnaires and False Urgency
    39:50 The Regression Vulnerability in OpenSSH
    41:18 Cloud Security Best Practices
    48:29 Final Thoughts and Recommendations
    49:52 Conclusion and Farewell

    Defensive Security Podcast Episode 271

    Jul 3, 2024 56:58


    Defensive Security Podcast Episode 270

    Feb 6, 2023 46:42


    Defensive Security Podcast Episode 269

    Jul 31, 2022 21:56


    https://www.bleepingcomputer.com/news/security/cosmicstrand-uefi-malware-found-in-gigabyte-asus-motherboards/ https://www.bleepingcomputer.com/news/security/hackers-scan-for-vulnerabilities-within-15-minutes-of-disclosure/ https://www.techcircle.in/2022/07/31/paytm-mall-refutes-cyber-breach-report-says-users-data-safe

    Defensive Security Podcast Episode 268

    Jul 17, 2022 32:46


    Stories: https://www.scmagazine.com/feature/incident-response/why-solarwinds-just-may-be-one-of-the-most-secure-software-companies-in-the-tech-universe https://www.computerweekly.com/news/252522789/Log4Shell-on-its-way-to-becoming-endemic https://www.bleepingcomputer.com/news/security/hackers-impersonate-cybersecurity-firms-in-callback-phishing-attacks/ https://www.cybersecuritydive.com/news/microsoft-rollback-macro-blocking-office/627004/

    jerry: [00:00:00] All right, here we go today. Sunday, July 17th, 2022. And this is episode 268 of the Defensive Security Podcast. My name is Jerry Bell and joining me tonight as always is Mr. Andrew Kalat.

    Andy: Hello, Jerry. How are you, sir?

    jerry: great. How are you … Continue reading Defensive Security Podcast Episode 268 →

    Defensive Security Podcast Episode 267

    Jul 10, 2022 35:41


    Defensive Security Podcast Episode 267

    jerry: [00:00:00] Alright, here we go. Today is Sunday, July 10th, 2022. And this is episode 267 of the Defensive Security Podcast. My name is Jerry Bell and joining me tonight as always is Mr. Andrew Kalat.

    Andy: Good evening, Jerry, how are you? Good, sir.

    jerry: I'm doing great. … Continue reading Defensive Security Podcast Episode 267 →

    Defensive Security Podcast Episode 266

    Jun 12, 2022 31:17


    https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html https://thehackernews.com/2022/06/conti-leaks-reveal-ransomware-gangs.html?m=1 https://www.bleepingcomputer.com/news/security/new-symbiote-malware-infects-all-running-processes-on-linux-systems/ https://doublepulsar.com/bpfdoor-an-active-chinese-global-surveillance-tool-54b078f1a896

    Defensive Security Podcast Episode 265

    Mar 27, 2022 56:27


    Google Exposes Initial Access Broker Ties With Ransomware Actors (bankinfosecurity.com) Okta says hundreds of companies impacted by security breach | TechCrunch Okta: “We made a mistake” delaying the Lapsus$ hack disclosure (bleepingcomputer.com) Microsoft confirms Lapsus$ breach after hackers publish Bing, Cortana source code | TechCrunch DEV-0537 criminal actor targeting organizations for data exfiltration and destruction … Continue reading Defensive Security Podcast Episode 265 →

    Defensive Security Podcast Episode 264

    Mar 13, 2022 30:37


    Adafruit discloses data leak from ex-employee's GitHub repo (bleepingcomputer.com) Malware now using NVIDIA's stolen code signing certificates (bleepingcomputer.com) NSA report: This is how you should be securing your network | ZDNet  

    Defensive Security Podcast Episode 263

    Feb 20, 2022 39:30


    https://www.govinfosecurity.com/data-breach-exposes-booking-details-19-million-customers-a-18505 https://www.helpnetsecurity.com/2022/02/11/cloud-security-training/ https://www.bankinfosecurity.com/massive-breach-hits-500-e-commerce-sites-a-18492 https://www.darkreading.com/cloud/linux-malware-on-the-rise-including-illicit-use-of-cobalt-strike https://www.darkreading.com/attacks-breaches/google-cuts-account-compromises-in-half-with-simple-change

    Defensive Security Podcast Episode 262

    Feb 7, 2022 39:18


    https://www.darkreading.com/edge-threat-monitor/most-common-cause-of-data-breach-in-2021-phishing-smishing-bec https://www.bleepingcomputer.com/news/security/fbi-shares-lockbit-ransomware-technical-details-defense-tips/ https://www.csoonline.com/article/3648991/dhs-announces-the-creation-of-the-cyber-safety-review-board.html https://www.darkreading.com/application-security/disclosure-panic-patch-can-we-do-better-

    Defensive Security Podcast Episode 261

    Jan 31, 2022 51:21


    https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/ https://blog.f-secure.com/insight-from-a-large-scale-phishing-study/ https://www.darkreading.com/attacks-breaches/log4j-proved-public-disclosure-still-helps-attackers https://www.csoonline.com/article/3647756/how-to-prioritize-and-remediate-vulnerabilities-in-the-wake-of-log4j-and-microsofts-patch-tuesday-b.html

    Defensive Security Podcast Episode 260

    Jan 17, 2022 31:23


    https://www.csoonline.com/article/3647209/why-you-should-secure-your-embedded-server-management-interfaces.html https://www.csoonline.com/article/3646613/cybercrime-group-elephant-beetle-lurks-inside-networks-for-months.html https://www.zdnet.com/article/when-open-source-developers-go-bad/ https://www.bleepingcomputer.com/news/microsoft/microsoft-resumes-rollout-of-january-windows-server-updates/
