This is a weekly podcast on cyber security domains. We discuss, dissect and demystify the world of security by providing in-depth coverage of the cybersecurity topics that matter most, all in plain, easy-to-understand language. Like it, share it, and most importantly enjoy it!

Enjoying the content? Let us know your feedback!

This week we are exploring what Content Delivery Networks—commonly known as CDNs—are and whether they protect modern businesses. We'll dive deep into the mechanics of how CDNs work, the technologies behind them, and whether they defend organizations from threats or just deliver content at blazing speeds. Along the way, we'll highlight two of the world's leading CDN providers.

- https://en.wikipedia.org: Content Delivery Network
- https://www.cloudflare.com: What Is CDN?
- https://www.akamai.com: What Is CDN?

Be sure to subscribe! You can also stream from https://yusufonsecurity.com. There, you will find a list of all previous episodes too.

In this week's episode, we are looking at the latest Cisco Talos 2024 report. In this comprehensive report, we will delve into the major cybersecurity trends and threats observed over the past year. The Cisco Talos team has compiled this report to provide valuable insights and guidance for organizations to enhance their security postures.

But before we get into the main topic, I have one security news item for you, and that is:
- The European Union launches a new vulnerability database - EUVD

- https://euvd.enisa.europa.eu: EUVD
- https://euvd.enisa.europa.eu/faq: EUVD FAQ
- https://blog.talosintelligence.com: 2024 Year In Review Report
- https://www.forbes.com: Why Quantum Computers Will Work Alongside Classical Systems

This is part 2 of the RSAC 2025 episode. If you have not listened to episode 1 (that is episode 222), I would suggest you listen to episode 1 before you listen to this episode.

Before we get into part 2, let's review what has been happening last week on the news front.
- UK shares security tips after major retail cyberattacks

- https://www.bleepingcomputer.com: UK NCSC Cyber Attack A Wake Up call
- https://www.ncsc.gov.uk: NCSC statement - Incident impacting retailers

It was RSAC week and it would be remiss of me if I did not give you a highlight of what went on this year, 2025. After all, RSAC has a critical role in security. We will be reviewing the top key announcements from this year's event, including some exciting news from the major security players in the industry. Whether you're a cybersecurity professional, a tech enthusiast, or just curious about the latest in the world of cyber security, this episode is definitely for you. So, let's get started!

Before we dive into the main segment, we will also add one more topic that I think is of major importance on top of everything else, and that is from Microsoft.
- Microsoft makes all new accounts passwordless by default

- https://techcommunity.microsoft.com: New User Experience
- https://www.rsaconference.com: RSA Conference 2025

This week's episode looks at the FBI's 2024 Annual Internet Crime Report, an analysis that not only highlights the scale of cybercrime but also reveals the evolving tactics of cybercriminals and the staggering financial impact on individuals and businesses alike. This of course relates to the US, but it is indicative of what might be happening elsewhere.

- https://www.ic3.gov: Federal Bureau Of Investigation - Internet Crime Report 2024

Imagine visiting your favorite website (one you trust, one you've browsed a hundred times before) only to discover it's become a silent gateway for cybercriminals. What if the real danger wasn't in suspicious emails or obvious scams, but lurking in the very places you feel safest online? In today's episode, we'll unravel a cunning technique that preys on trust and routine, catching even the most vigilant users off guard. Stay tuned as we explore the origins, methods, and real-world impact of one of the most deceptive cyber threats in existence.

But before we get to the main topic, let's cover the top security news first.
- Lazarus hackers breach multiple organisations using a not-so-new attack method. We will find out what the technique is.

- https://attack.mitre.org: Lazarus
- https://attack.mitre.org: Drive by compromise

In this week's episode we are touching on an intriguing topic. We're going to explore Agentic AI, a fascinating area within artificial intelligence that focuses on autonomous systems capable of making decisions and performing tasks without human intervention. We'll break it down for those new to cybersecurity, delve into some technical details, and use analogies to make it all clear.

But before we dive into the topic, let's recap the top security news this week:
- Microsoft Defender will isolate undiscovered endpoints to block attacks

- https://learn.microsoft.com: What's new in Microsoft Defender Endpoint - April 2025
- https://en.wikipedia.org: Alan Turing
- https://www.nvidia.com: Agentic AI

This week, we're going to explore what Fast Flux is, a sophisticated technique used by cybercriminals to evade detection and maintain their malicious activities. We'll break it down for those new to cybersecurity, delve into some technical details, and use analogies to make it all clear. So without further ado, grab your coffee, or keep your eyes on the road if you are driving, sit back, and let's get started!

- HellCat Ransomware

- https://therecord.media: Schneider Electric Hackers Accessed Internal Project Tracking Platform
- https://www.infosecurity-magazine.com: Hellcat Ransomware Humiliation
- https://attack.mitre.org: Dynamic Resolution: Fast Flux DNS
- https://www.cisa.gov: Fast Flux, A National Security Threat

This week's episode is a continuation of the cautionary tale of Troy Hunt, the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through Mailchimp. We'll continue to break down what happened, how it happened, and what we can all learn from this incident. Stay tuned till the end where we bust our myth of the week!

We will also look at this week's cyber security news, which is:
- Ubuntu Linux security bypasses

- https://blog.qualys.com: Qualys TRU Discovers Three Bypasses of Ubuntu Unprivileged User Namespace Restrictions
- https://www.troyhunt.com: A sneaky phish just grabbed my Mailchimp mailing list

In this week's episode we have a fascinating and cautionary tale about none other than Troy Hunt, the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through Mailchimp. We'll break down what happened, how it happened, and what we can all learn from this incident. Stay tuned till the end for tips on how to stay vigilant against phishing attacks and our myth of the week!

We will also look at the cyber security news. Here is what caught my attention this week.
- PSTools DLL injection vulnerability

- https://www.foto-video-it.de: Disclosure Sysinternals (You will need to translate to English if you are not a German speaker)
- https://learn.microsoft.com: PSTool
- https://www.troyhunt.com: A sneaky phish just grabbed my Mailchimp mailing list

In this episode, we'll look into a cybersecurity assessment method that mimics real-world attacks to test an organization's security defenses and response capabilities: threat emulation. It is one of the strategies to keep you ahead of the game. Threat emulation aims to identify and mitigate security gaps before attackers exploit them, providing a more comprehensive evaluation than traditional assessments.

Before we dive into the main topic, let's glance at what is happening on the security front:
- March Microsoft Patch Tuesday has landed!

- https://msrc.microsoft.com: March 2025 Security Updates
- https://detect-respond.blogspot.com: Pyramid Of Pain
- https://www.atomicredteam.io: Atomic Red Team
- https://www.ecb.europa.eu/paym/cyber-resilience/tiber-eu/html/index.en.html

In this episode, we'll be exploring a particularly intriguing file type: polyglot files. These digital shapeshifters have become a powerful tool in the arsenal of cyber attackers, capable of bypassing security measures, confusing systems, and delivering malicious payloads in ways that are both creative and devastating.

Over the next 20 to 30 minutes or so, we'll break down what polyglot files are, how they work, and why they're so dangerous. We'll also examine some real-world examples where polyglot files were used in cyberattacks. We will reference the MITRE ATT&CK framework to understand how these techniques fit into the broader landscape of adversarial tactics. Finally, we'll discuss mitigation strategies and close with a cybersecurity myth that needs busting.

Before we dive into the main topic, let's glance at what is happening on the security front:
- UEFI Secure Boot bypass vulnerability

- https://en.wikipedia.org: Polyglot
- https://attack.mitre.org: Masquerading
- https://arxiv.org: Where the Polyglots Are: How Polyglot Files Enable Cyber Attack Chains and Methods for Detection & Disarmament
- https://medium.com: Polyglot Files A Hackers Best Friend
- https://www.bleepingcomputer.com: New polyglot malware hits aviation, satellite communication firms

In today's episode, we're diving deep into data exfiltration, one of the most serious threats facing organizations today.

We'll break down exactly what data exfiltration is, where it fits in the MITRE ATT&CK framework, the tools and techniques attackers use, and, most importantly, how organizations can defend themselves. We'll also cover real-world examples, including publicly known cases that had major consequences.

So, whether you're a seasoned security professional or just starting out in the field, stick around as we unravel the methods attackers use and how to stop them.

First, let's look at one of the trending security news items this week, and that is:
- News: Caldera Vulnerability

- https://github.com/mitre/caldera: Security Notice
- https://nvd.nist.gov: CVE-2025-27364
- https://medium.com: MITRE Caldera Security Advisory — Remote Code Execution (CVE-2025–27364)
- https://www.mitre.org: Caldera

We are continuing with part 2 of "Behind the Login Screen - Understanding OS Authentication." If you missed our first episode, I highly recommend giving it a listen before diving into today's content. In part one, we started to explore the fascinating world of operating system authentication, focusing on Windows, Linux/Unix, and Mac OS. We discussed how hashes are used in authentication, the concept of salt in passwords, and rainbow table attacks. In today's episode, we'll build on that foundation and delve even deeper into the topic of OS authentication mechanisms. So again, if you haven't already, make sure to catch up on part one to get the full picture.

Now, let's get started with part two of our journey into the world of OS authentication! Let's look at one of the trending security news items this week, and that is:
- Newly discovered OpenSSH vulnerabilities.

- https://blog.qualys.com: Qualys TRU Discovers Two Vulnerabilities in OpenSSH: CVE-2025-26465 & CVE-2025-26466
- https://learn.microsoft.com: Kerberos Authentication Overview

In today's episode, we're going to explore the fascinating topic of operating system authentication. We all use it, but how many of us have wondered how the behind-the-curtains machinery works? We'll be focusing on Windows, Linux/Unix, and Mac OS. We'll discuss how hashes are used in authentication, the concept of salt in passwords, rainbow table attacks and their countermeasures, the benefits of password-less authentication using hardware keys, password cracking, the shadow file in Unix/Linux, and the mechanics of how each OS protects passwords and how attackers try to circumvent these protections.

- Scareware blocker, now available in Microsoft Edge

- https://blogs.windows.com: Stand Up To Scareware With Scareware Blocker
- https://learn.microsoft.com: Kerberos Authentication Overview
- https://www.microsoft.com: Scareware Blocker

As AI-generated content becomes more advanced, the risk of adversarial misuse—where bad actors manipulate AI for malicious purposes—has skyrocketed. But what does this mean in practical terms? What risks do we face, and how is one of the big players addressing them? Stick around as we break down Google's Adversarial Misuse of Generative AI report, explain the key jargon, and bust a cybersecurity myth at the end of the show.

Before we get into the main topic, let's have a look at one important news update, and that is:
- Microsoft has expanded its Windows 11 administrator protection tests

- https://cloud.google.com: Adversarial Misuse of Generative AI
- https://deepmind.google: Mapping the misuse of generative AI
- https://learn.microsoft.com: User Account Control overview
- https://learn.microsoft.com: How User Account Control works

Today, we've got something really exciting for you. If you've been following the world of artificial intelligence lately, you've probably heard a lot about a new player in town: DeepSeek.

Now, let me tell you, DeepSeek is shaking things up. They're doing something completely different that's not only disrupting the AI space but could also be a game-changer in how we approach cost, performance, and security in the future of AI technology. So, grab a seat on solid ground and buckle up—this week, we're diving into how **DeepSeek** is leveling the playing field for AI vendors everywhere, cutting costs, and leveraging some really smart techniques that are turning heads in the industry.

And, of course, at the end of today's episode, we'll be busting a big cybersecurity myth that might surprise you. But first, let's talk all things DeepSeek.

Before we dive into the main topic, we will also bring you up to date on the news front:
- DeepSeek data breach. Yes, they were hit already!

- https://www.technologyreview.com: How DeepSeek ripped up the AI playbook—and why everyone's going to follow its lead
- https://www.digitaltrends.com: Microsoft is letting anyone use ChatGPT's $200 reasoning model for free
- https://www.wiz.io: Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History

In this episode we will detail the significant announcement from Let's Encrypt, the trusted nonprofit Certificate Authority that has been at the forefront of making the web more secure.

Let's Encrypt has revealed its plans to drastically reduce the lifetime of its TLS certificates from 90 days to just 6 days. This decision, outlined in their 2024 annual report, is aimed at strengthening the security of online communications by minimizing the risks associated with compromised keys. But what does this mean for website owners, IT administrators, and the broader cybersecurity landscape? That's what we'll explore in detail today.

- https://community.letsencrypt.org: 2024 ISRG Annual Report
- https://www.malwarebytes.com: 7-zip bug could allow a bypass of a windows security feature update now
- https://digital.nhs.uk: Proof-of-Concept Exploit Released for CVE-2025-0411 in 7-Zip

This episode is one for you system admins out there! Today we're discussing three actively exploited vulnerabilities you absolutely need to know about—CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335. These vulnerabilities have been making headlines, and understanding them could mean the difference between staying secure and falling victim to a breach.

We'll explore what these vulnerabilities are, how they're being exploited, the adversaries leveraging them, and what organizations and individuals can do to protect themselves. And, as always, we'll break down the jargon and bust a popular cybersecurity myth towards the end of the show.

Before we get into the main topic, let's recap the top security news this week.
- Microsoft dropped the January Patch Tuesday and boy was it a whopper! We will dig into the details in more ways than one!

- https://isc.sans.edu: Microsoft January 2025 Patch Tuesday
- https://www.theregister.com: Microsoft fixes under-attack privilege-escalation holes in Hyper-V

This is the podcast where we explore the ever-evolving world of cybersecurity and provide practical advice for staying ahead of threats. I'm your host, Yusuf, and today's episode is all about starting the new year with a solid plan.

We're diving into _Cybersecurity Resolutions for 2025: Best Practices for Individuals and Organizations._ As we step into a new year, it's the perfect time to reflect on how we protect our digital lives—whether at home or in the workplace.

From bolstering personal security habits to implementing stronger organizational policies, this episode will cover actionable resolutions you can adopt today. Along the way, we'll explain key jargon, explore real-life examples, and, as always, bust a common cybersecurity myth at the end.

- https://nypost.com: Apple users warned of hi-tech Mac malware that steals personal data, goes undetected for months— here's how to stay safe
- https://www.youtube.com: When Do We Get to Play On Easy Mode?

Today, we're tackling a fundamental yet often misunderstood tool in every cybersecurity professional's arsenal—vulnerability scanners. What role do they play in protecting our organizations? Where do they shine, and where do they fall short?

As always, we'll cut through the jargon and break things down for everyone—from seasoned professionals to those just beginning their journey in cybersecurity. And stick around until the end for this week's myth-busting segment, where we debunk a misconception about cyber security in general that many people still believe.

So grab your favorite beverage, get set, and let's dive right in!

- Tenable Scanner Agent went offline globally

All that is coming up next, in this week's episode.

- https://docs.tenable.com: Tenable Nessus Agent 2025 Release Notes
- https://www.splunk.com: Vulnerability Scanners Primer

In this final episode of 2024, we recap the best, the most listened-to episodes of the year. And this year we have a great four back to back of the greatest of them all. Let's start with the first, episode 191 - Is The Browser The New Operating System?, released on the 28th of September. Next is episode 172 - SSL VPN versus IPsec VPN - Part 1 and Part 2, released on the 18th of May and 25th of May respectively. And finally, Episode 191 - APIs and Webhooks, released on the 5th of October.

Enjoy and see you in the new year!

It is a topical episode: we're diving into a high-stakes challenge every organization faces. It is holiday season; how do you manage threats when most of the security team is off duty?

Imagine a holiday season, a long weekend, or even an unexpected emergency. With key team members unavailable, how do we keep our defenses strong? This episode will provide actionable strategies, backed by real-world examples, to help you stay prepared.

Stick around until the end, where we'll also bust a common cybersecurity myth.

- https://www.bleepingcomputer.com: CISA Urges Switch To Signal-Like Encrypted Messaging Apps After Telecom Hacks

In this week's episode, we're diving into a concerning and highly consequential topic: the Volt Typhoon espionage campaign—an advanced persistent threat that has sent shockwaves through the cybersecurity and telecommunications industries.

Volt Typhoon, a state-backed APT group, has been making headlines for its stealthy and highly sophisticated attacks on telecom networks. In this episode, we'll dissect the technical details of this malware campaign, the vulnerabilities it exploited, and the regulatory loopholes that attackers took advantage of. We'll also explore lessons the industry can learn to bolster defenses and, as always, bust a common cybersecurity myth along the way.

As always, we will break down all the jargon so that anyone can understand. Whatever you are doing, settle in or keep your eyes on the road, and let's get started.

Before we get into the main topic, we will start with a recap of the top trending security news this week, and that is:
- The Last Patch Tuesday

- https://msrc.microsoft.com: Microsoft - December 2024 Security Updates
- https://www.cisa.gov: CISA and Partners Release Joint Fact Sheet for Leaders on PRC-sponsored Volt Typhoon Cyber Activity
- https://www.cisco.com: China APT's, Volt Typhoon, and what to do!
- https://www.fcc.gov: Communications Assistance for Law Enforcement Act

In this week's episode, we dive into one of the most fascinating aspects of digital investigations: Windows forensic artifacts.

It does not matter who you are: a security professional, an aspiring investigator, or simply curious about how experts uncover the digital breadcrumbs left on your computer, this episode will walk you through the essential pieces of evidence, known as _forensic artifacts_.

We'll dip our hand into those Shellbags... wait, what bags, I hear you say? Don't worry, we will break down those complex terms, discuss real-world cases, and provide you with an in-depth understanding of artifacts like Shellbags, Prefetch files, and more.

Before we go any further, we will review one top trending security news item this week, and that is:
- Microsoft NTLM Zero Won't get fixed until April 2025!

- https://blog.0patch.com: NTLM Hash Disclosure Vulnerability (0day)
- https://www.splunk.com: Cyber Forensics
- https://www.coursera.org: Digital Forensics Concepts

Today, we're tackling a topic that every organization, big or small, absolutely must take seriously: the Incident Response Playbook.

Imagine this: It's 3 a.m., and your phone buzzes with an alert. A possible ransomware attack has been detected in your network. Do you panic, or do you execute a clear, structured plan? That's the difference an Incident Response (IR) playbook can make—it turns chaos into control.

Today, we'll break down what an IR playbook is, why it's crucial, and how to implement one effectively. We'll demystify technical jargon and provide actionable insights that you can apply right away. Stick around for the final section, where we'll bust a common cybersecurity myth that everyone should know about.

Before we go ahead with the show, let's review the top trending security news this week:

- https://www.bleepingcomputer.com: Microsoft TPM is non-negotiable
- https://learn.microsoft.com: Windows 11 Hardware and Software Requirements

This week, we're diving into a hot-off-the-presses report from the FBI, CISA, and NSA—a breakdown of the most exploited vulnerabilities of 2023. Think of this as the hackers' “most wanted” list: the weaknesses in software and systems that bad actors love to exploit because they're effective and widely available.

Before we get into that, let's review the top security news this week.
- Pygmy Goat: The Sophisticated Linux Backdoor Targeting Network Devices

- https://www.ncsc.gov.uk: Pygmy Goat Analysis
- https://www.cisa.gov: 2023 Top Routinely Exploited Vulnerabilities

Today, we'll dive into what browser engines are, how they power your online experiences, and the security efforts shaping the modern web. We'll also unpack extension security, with a spotlight on Google's Manifest v3, and see how Safari and Firefox approach these challenges.

Whether you're a casual browser user or a budding tech enthusiast, this episode is designed to give you insight into a part of your digital life that you might not even realize exists—the browser engine.

So if phrases like “browser engines” and “Manifest v3” sound daunting, don't worry! I'll break it all down so it's as simple as possible. By the end, you'll not only understand these terms but also appreciate why they're crucial for a safer internet.

Before we get started, let's review a top trending piece of news this week, and that is:
- iOS 18.1 Forcing Reboots

- https://www.macrumors.com: iOS 18.1 Forcing Reboots
- https://en.wikipedia.org: Browser_engine, what they are
- https://en.wikipedia.org: Comparison Of Browser Engines

Be sure to subscribe if you like the content! Follow me @iayusuf or read my blog at https://yusufonsecurity.com. You will find a list of all previous episodes there too.

It is another week and another podcast show on YusufOnSecurity, where we deep dive into the complex world of cybersecurity that concerns both professionals and anyone interested in how attackers continue to evolve their methods. This week we will be covering advanced malware evasion techniques—strategies used by malicious software to avoid detection—and, crucially, the countermeasures that can help protect against these threats.

Before we get started, let's review a top trending piece of news this week, and that is:
- SANS' Holiday Hack Challenge 2024 is Up

- https://www.sans.org: SANS' Holiday Hack Challenge 2024
- https://redcanary.com: Defense Evasion - Why Is It So Prominent & How Can You Detect It?
- https://attack.mitre.org/tactics/TA0005/

In this week's episode I will unpack the complexities of the cybersecurity world and help you stay informed and secure. Today, we're going to dig into some intriguing concepts shaping the cybersecurity landscape: the Shared Fate Model and Trust Anchors. We'll look at why some say these concepts are becoming so vital in modern IT security, their pros and cons, and how they compare with traditional security models that, quite frankly, aren't cutting it anymore.

- https://edition.cnn.com: Australia Minimum Age Limit on Social Media
- https://cloud.google.com: Shared Fate Model
- https://csrc.nist.gov: Trust Anchor

Let's face it, the cyber crooks are always lurking around waiting for an opportunity to come in. They choose the path of least resistance, and the password is often their way in. Unfortunately, the password is still with us and will be for some time to come.

In today's episode, we're digging deep into the top common types of password attacks—and, most importantly, I'll walk you through effective ways to stop them. Passwords are often the first line of defense, but they're also a favorite target for hackers. Understanding these attack methods can empower you to protect your data better, avoid common pitfalls, and even educate those around you. So, let's get into it!

- A newly discovered ransomware serves as a wake-up call for Mac users.

- https://xkcd.com: How To Create A Strong Password
- https://haveibeenpwned.com: Have I Been Pwned
- https://pages.nist.gov: Password
- https://www.infosecurity-magazine.com: NIST Scraps Passwords Complexity and Mandatory Changes in New Guidelines

This week's episode is an interview with Nadim Lahoud from Red Sift at GITEX, the Global IT Expo that is held yearly in Dubai. It is the largest tech startup gathering in the world. Red Sift is a company that provides a cloud-based DMARC, DKIM and SPF configuration and management platform called OnDMARC. They also provide:
- Continuous certificate discovery and monitoring, as well as
- Brand Trust through AI-driven brand impersonation discovery and monitoring.

Before we get into that, we will recap the top trending security news this week. That is:
- FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms

- https://fidoalliance.org: Specifications Credential Exchange Specifications
- https://redsift.com: About Red Sift

Today we're going to peel back the layers of Microsoft Windows architecture. For many of us, Windows has been a part of our computing lives for decades, whether at work or at home. But how much do we really know about how it works under the hood? In this episode, we'll take a closer look at what makes Windows tick, compare it with Unix/Linux systems, and explore how it has evolved over the years.
Before we get into the topic, let's review this week's top trending security news: Criminals Are Testing Their Ransomware Campaigns in Africa
- https://www.performanta.com: Africa A Testing Ground
- https://en.wikipedia.org: Architecture Of Windows NT
- https://techcommunity.microsoft.com: Windows Architecture The Basics
- https://learn.microsoft.com: Explore Windows Architecture

In today's episode, we're diving into the world of APIs and Webhooks—two key technologies that power much of the automation and interaction between services online. Whether you're a developer, security expert, or someone just curious about how data flows through the internet, this episode will give you valuable insights into how these tools work, their history, and, most importantly, how to keep them secure. We'll also look at real-world examples of API-based attacks on major brands and break down what went wrong. By the end of this episode, you'll have a full understanding of both APIs and Webhooks, and you'll be armed with the must-know security measures for each. So, stick around and keep listening!
Having said that, let's have a look at the top trending news this week. MITRE launches AI Incident Sharing Initiative. Awesome move!
- https://owasp.org: OWASP API Security Top 10
- https://ai-incidents.mitre.org: MITRE ATLAS

Today we're discussing an exciting trend in the world of technology—the browser is no longer just a window to the web. So we asked: is it becoming the operating system itself? From the early days of Mosaic and Netscape Navigator to today's cloud-powered Chromebooks, the browser has evolved dramatically. In this episode, we'll explore the security implications, the history of browsers, the famous browser wars, and how today's browsers are blurring the lines between web interfaces and operating systems.
Having said that, let's recap a top trending security news item, shall we? Exploiting CUPS: How Recent Vulnerabilities Could Compromise Linux Security
- https://www.evilsocket.net: Attacking On UNIX Systems Via CUPS Part I
- https://en.wikipedia.org: History of The Web Browsers
- https://en.wikipedia.org: Browser Wars

In this episode, let's look at the world of DevSecOps—a vital practice in modern software development that has implications for security. We'll trace the history of software development, discuss the evolution of methodologies, and examine the challenges that have led to the emergence of DevSecOps. So, whether you're a seasoned developer who is curious about the cyber security world, or a veteran security practitioner, this is an episode you would not want to miss.
As always, let's review what is trending on the news front first. Microsoft officially deprecates Windows Server Update Services, aka WSUS.
- https://techcommunity.microsoft.com: Windows Server Update Services WSUS Deprecation
- https://www.cisco.com: Addressing Security Challenges in a Fast Evolving Landscape White Paper

Today's topic is one that mixes the marvel of modern technology with some very real concerns. We're talking about the rise of Large Language Models, or LLMs, how they're rapidly being adopted across industries, and the potential for sensitive data leakage on the open web. It's a thrilling time for AI technologies, but as with all new frontiers, there are risks if we're not careful.
News: MSHTML platform spoofing vulnerability. And yes, it is a big one.
- https://blogs.cisco.com: Securing The LLM Stack
- https://msrc.microsoft.com: CVE-2024-43461
- https://msrc.microsoft.com: CVE-2024-38112
- https://www.trendmicro.com: CVE-2024-38112 Void-Banshee

In this episode we're diving into an important topic that concerns one of the most trusted hardware security tokens on the market—the YubiKey 5 series. We'll discuss a recently discovered vulnerability affecting YubiKeys and go over what it means for the broader world of authentication and cryptographic security. To help you fully understand the issue, I'll also provide a quick primer on key concepts like digital signatures, elliptic curves, and the cryptographic algorithm known as ECDSA. With that said, this episode is an update as well as a main topic, and all in all it will give you the tools you need to stay informed and protected.
- https://www.yubico.com: Yubico Advisories
- https://ninjalab.io: The research

Today, we will look into two essential cybersecurity solutions: File Integrity Monitoring, or FIM, and Endpoint Detection and Response, commonly known as EDR. Both of these technologies are crucial for protecting systems, but they work in very different ways. We'll be comparing and contrasting their capabilities, benefits, and use cases.
Before we get into the main topic, let's review a top trending piece of security news: SANS Institute released a Critical Infrastructure Strategy Guide
- https://www.sans.org: SANS Institute released a Critical Infrastructure Strategy Guide
- https://en.wikipedia.org: File Integrity Monitoring
- https://www.cisco.com: What is an EDR?

In today's episode we're diving into something that's been making waves in the cybersecurity community—NIST Cybersecurity Framework 2.0. The NIST Cybersecurity Framework has long been a cornerstone for building robust security practices, and with the release of version 2.0, there are some exciting new developments that are relevant given today's threat landscape.
As always, let's review what is trending on the news front. CCTV Zero-Day Exposes Critical Infrastructure to Mirai Botnet
- https://www.akamai.com: Mirai Botnet Infects CCTV Used in Critical Infrastructures
- https://www.nist.gov: NIST Cybersecurity Framework 2.0
- https://nvlpubs.nist.gov: NIST Cybersecurity Framework 2.0

In this week's episode we will explore a critical framework that's reshaping how organizations approach cybersecurity—especially in the energy sector—known as the Cybersecurity Capability Maturity Model. This is also referred to as C2M2. We'll unpack what C2M2 is, why it's so important, and how it helps organizations assess and improve their cybersecurity practices. So, grab a coffee, sit back, and let's dive in.
But wait, let's first review this week's trending news. A ransomware group launched an EDR process killer utility
- https://www.theregister.com: RansomHub EDRKilling Malware
- https://c2m2.doe.gov: Cybersecurity Capability Maturity Model

In this week's episode, we're unpacking a topic that's crucial for anyone connected to the digital world: _Why Hackers Target Stolen Credentials_. From understanding the value behind those stolen usernames and passwords to exploring the dark web marketplaces where they're traded, we'll break it all down and look at what this means for your security.
Before we get into the topic, let's review this week's top trending security news: A UK IT provider faces hefty fines for a ransomware breach
- https://ico.org.uk: Provisional decision to impose £6m fine on software provider following 2022 ransomware attack that disrupted NHS and social care services
- https://en.wikipedia.org: Credential Stuffing

In this week's episode, we're diving into the Malware Information Sharing Platform, or MISP. We'll explore how MISP helps organizations share and leverage threat intelligence, enhancing their defense against cyber threats. Stay tuned as we unpack its features, benefits, challenges, and practical tips for implementation.
Before we get into the main topic, let's touch on a top trending piece of news this week. And that is: Ransomware is on the rise, while technology becomes the most targeted sector
- https://blog.talosintelligence.com: IR Trends: Ransomware on the rise, while technology becomes most targeted sector
- https://www.misp-project.org: MISP Project
- https://www.misp-project.org: Documentation
- https://github.com: MISP GitHub

In this week's episode, we will dig into the risk-benefit analysis of allowing kernel-level access to third-party applications. We will look into the inherent risks this brings into the operating system and the benefits thereof. We will also compare the approaches the two major operating system makers took, i.e. Microsoft and Apple. We will include a snippet of what Microsoft says post CrowdStrike outage.
- https://www.microsoft.com: Windows Security Best Practices For Integrating And Managing Security Tools
- https://support.apple.com: System And Kernel Extensions In MacOS
- https://www.theverge.com: Microsoft Windows Changes Crowdstrike Kernel Driver
- https://learn.microsoft.com: Support Policy Third Party Kernel Level Attestation

This week's episode needs very little introduction: The CrowdStrike IT Outage. We will delve into the unprecedented IT outage caused by a corrupt update from CrowdStrike, which led to widespread Blue Screen of Death (BSOD) errors on Windows systems across the globe. Join us as we explore how this incident became the largest IT outage in history and what lessons can be learned from it.
- https://www.crowdstrike.com: Falcon Update For Windows Hosts Technical Details
- https://www.crowdstrike.com: Falcon Content Update Remediation And Guidance Hub

As I said in part of this two-part series episode, it's easy to feel like nothing is secure these days, with constant reports of data breaches and exploits occurring everywhere you look. From major corporations to small businesses, no one seems immune to these pervasive cyber threats. The frequency and scale of these incidents can make it seem like our digital world is under continuous siege. In today's episode, we will be diving into the reasons behind the surge in data breaches and exploits, and how these incidents are becoming more frequent and damaging. Join us as we explore the fundamental factors contributing to this trend and examine some major breaches from the past few years. Please listen to part 1 beforehand.
Let's now turn to our top trending news this week, and that is: There is a critical Exim Mail Server Vulnerability
- https://informationisbeautiful.net/visualizations: Worlds Biggest Data Breaches Hacks
- https://bugs.exim.org: Incorrect parsing of multiline rfc2231 header filename
- https://nvd.nist.gov: CVE-2024-39929

It's easy to feel like nothing is secure these days, with constant reports of data breaches and exploits occurring everywhere you look. From major corporations to small businesses, no one seems immune to these pervasive cyber threats. The frequency and scale of these incidents can make it seem like our digital world is under continuous siege. In today's episode, we will be diving into the reasons behind the surge in data breaches and exploits, and how these incidents are becoming more frequent and damaging. Join us as we explore the fundamental factors contributing to this trend and exa
Having said that, let's turn to the top trending news this week, and that is: Who is behind the Brain Cipher ransomware?
- https://media.inti.asia: Understanding the Brain Cipher Ransomware Attack
- https://informationisbeautiful.net/visualizations: Worlds Biggest Data Breaches Hacks

In this episode, we're focusing on the rising trend of IT outsourcing and its implications for cybersecurity. As more businesses delegate non-core tasks to third-party providers, they inadvertently open doors to trust relationship attacks. We'll explore how attackers exploit the trust between companies and their service providers, leading to potentially devastating breaches. Join us as we delve into the mechanisms, real-world examples, and strategies to defend against these insidious threats.
And before we get into the meat of the matter, let's catch up on what has been trending this week: A large number of companies are potentially exposed in Snowflake-related attacks.
- https://cyberscoop.com: Snowflake related attacks
- https://attack.mitre.org/techniques: Trust Relationship

This week's episode will continue with part 2 of "The Importance of Automation and Orchestration in Cyber Security." As I said in episode one, the need for efficient and effective security measures has never been more critical. I suggest you listen to E1 before you dive into this one.
Without further ado, let's first get what is trending this week in terms of news and updates. Hundreds of personal computer as well as server models could be affected by a serious UEFI vulnerability
- https://eclypsium.com: UEFICanHazBufferOverflow Widespread Impact From Vulnerability In Popular PC And Server Firmware
- https://eclypsium.com: How Eclypsium Automates Binary Analysis At Scale
- https://en.wikipedia.org: Orchestration (computing)

In this week's episode of the podcast we dissect "The Importance of Automation and Orchestration in Cyber Security." As you are well aware, cyber threats are becoming increasingly sophisticated and frequent. The need for efficient and effective security measures has never been more critical. Equally, automation and orchestration have never been more important for organizations to defend themselves and to streamline processes, reduce response times, and enhance overall security posture. In my view this is an important way of tipping the balance in favor of the defenders.
Having said that, and before we get into the main topic, let's touch on a trending piece of news this week. And that is: Phishing Email Abuses Windows Search Protocol
- https://www.trustwave.com: Search Spoof Abuse Of Windows Search To Redirect To Malware
- https://learn.microsoft.com: Using the search Protocol
- https://benjamin-altpeter.de: An Analysis of the State of Electron Security in the Wild

In this week's episode, we're tackling a topic that has become increasingly relevant in our post-pandemic world: the hidden dangers posed by remote work. As more companies embrace flexible work arrangements, the convenience and efficiency of working from home bring a new set of challenges. From cybersecurity threats to data privacy concerns, remote work introduces vulnerabilities that many organizations are not fully prepared to handle. In this episode, we'll explore the risks associated with remote work, share real-world examples of security breaches, and discuss practical steps that businesses and employees can take to safeguard sensitive information.
Before we get into the main topic, let's touch on a trending piece of news this week. And that is: More backlash about Microsoft's Recall technology.
- https://www.computing.co.uk: Microsoft overhauls Recall, makes it opt-in
- https://www.ciscolive.com: Protecting Remote Workers, the Right Way