Cross-platform command-line interface and scripting language for system and network administration
LevelBlue's latest Threat Trends Report pulls no punches: phishing, malware, and ransomware attacks are not just continuing—they're accelerating. In this episode of ITSPmagazine's Brand Story podcast, hosts Sean Martin and Marco Ciappelli are joined by Kenneth Ng, a threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team, to unpack the findings and recommendations from the report.
Phishing as a Service and the Surge in Email Compromises
One of the most alarming trends highlighted by Kenneth is the widespread availability of Phishing-as-a-Service (PhaaS) kits, including names like RaccoonO365, Mamba 2FA, and Greatness. These kits allow attackers with little to no technical skill to launch sophisticated campaigns that bypass multi-factor authentication (MFA) by hijacking session tokens. With phishing attacks now leading to full enterprise compromises, often through seemingly innocuous Microsoft 365 access, the threat is more serious than ever.
Malware Is Smarter, Simpler—and It's Spreading Fast
Malware, particularly fake browser updates and credential stealers like Lumma Stealer, is also seeing a rise in usage. Kenneth points out the troubling trend of malware campaigns that rely on basic user interactions—like copying and pasting text—leading to full compromise through PowerShell or command prompt access. Basic group policy configurations (like blocking script execution for non-admin users) are still underutilized defenses.
Ransomware: Faster and More Automated Than Ever
The speed of ransomware attacks has increased dramatically. Kenneth shares real-world examples where attackers go from initial access to full domain control in under an hour—sometimes in as little as ten minutes—thanks to automation, remote access tools, and credential harvesting.
This rapid escalation leaves defenders with very little room to respond unless robust detection and prevention measures are in place ahead of time.
Why This Report Matters
Rather than presenting raw data, LevelBlue focuses on actionable insights. Each major finding comes with recommendations that can be implemented regardless of company size or maturity level. The report is a resource not just for LevelBlue customers, but for any organization looking to strengthen its defenses.
Be sure to check out the full conversation and grab the first edition of the Threat Trends Report ahead of LevelBlue's next release this August—and stay tuned for their updated Futures Report launching at RSA Conference on April 28.
Learn more about LevelBlue: https://itspm.ag/levelblue266f6c
Note: This story contains promotional content. Learn more.
Guest: Kenneth Ng, threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team | On LinkedIn: https://www.linkedin.com/in/ngkencyber/
Resources
Download the LevelBlue Threat Trends Report | Edition One: https://itspm.ag/levelbyqdp
Learn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblue
Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story
Are some of your team members starting to hate PowerShell? Richard talks to Barbara Forbes about her experiences with teams frustrated by PowerShell. Barbara talks about overcomplicating PowerShell scripts—the kind the most senior folks can create but no one else can maintain. Eventually, nobody will want to touch those scripts. Then there is the question of business value—does everything need to be automated? And by how much? Often, the appropriate solution solves 80% of the cases; the other 20% are best done by hand because the cost and complexity of the last 20% are too high. Focus on the return on investment for the business, and you'll keep the love of PowerShell alive! Links: PowerShell, Pester Testing, GitHub Copilot, Bicep. Recorded February 24, 2025
In this episode of the PowerShell Podcast, we bring you a special edition live from the PowerShell + DevOps Global Summit 2025 — the Summit Sessions! This episode is packed with energy, community stories, and career inspiration as Andrew Pla chats with community leaders, organizers, and first-time contributors about what makes this event and the PowerShell community so special. Guests in this episode include: Missy Januszko – Longtime content director of the Summit reflects on her years of shaping the conference, what makes a great CFP (Call for Papers), and her decision to pass the torch to the next generation of leaders. Leslie Brendible – Steps up in a big way to help lead this year's Summit, sharing her background in event planning, her love for connecting people, and her thoughts on community and representation. Haley Phillips – PowerShell MVP and champion of soft skills, vulnerability, and personal development in tech. Haley dives into mentorship, therapy, imposter syndrome, and how modeling behavior can shape the culture of teams and communities. The PowerShell Podcast on YouTube: https://youtu.be/87axet9zvyQ The PowerShell Podcast: https://pdq.com/the-powershell-podcast
In this casual bar-session chat recorded at the PowerShell + DevOps Global Summit 2025, host Andrew Pla sits down with David R, a first-time attendee with a passion for learning PowerShell. David shares how the PowerShell Podcast itself inspired him to attend and helped shape his scripting journey. What began as a work assignment turned into a powerful learning path, community connection, and a personal transformation.
In this episode of the PowerShell Summit 2025 Bar Sessions, Frank Lesniak makes a triumphant return to the podcast. Frank has taken the reins. In this two-sided interview, Frank flips the script and interviews Andrew, but only after we talk about how his week is going, fine dining, how to grow in your career and capitalize on opportunity, the value of empowering others, and more! Links: The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/HoYKzgiJxkk
In this episode of the PowerShell Summit Bar Sessions we talk with Steven Judd. We talk about Summit, Sean Kearney Spirit award, community, career, and more! Steven Judd is a 25+ year IT Pro Links: Get more updates from Summit from LinkedIn: https://www.linkedin.com/in/andrewplatech/ https://blog.stevenjudd.com/My-Content-List/ https://www.linkedin.com/in/stevenjudd/ https://www.powershellsummit.org/ https://mvp.stevenjudd.com https://mydemoswork.com https://store.stevenjudd.com all proceeds go towards buying more swag to give away (he has a lot, trust me) PowerShell Podcast on YouTube: https://youtu.be/6WTIsOnT5PU The PowerShell Podcast: https://pdq.com/the-powershell-podcast
In this episode of the PowerShell Podcast, we're joined by the legendary Jeff Hicks, PowerShell educator, author, speaker, and community pillar. With decades of experience shaping the PowerShell landscape, Jeff returns to the podcast to share insights from his latest projects, discuss the evolution of the community, and offer wisdom for both new and experienced PowerShell users. From PowerShell Summit to writing foundational books and building up new contributors, Jeff continues to play a critical role in shaping the PowerShell ecosystem. Key topics in this episode include: The human side of scripting – Writing PowerShell that is usable, flexible, and considerate of others' needs. Behind the PowerShell Pipeline – Jeff's new LeanPub book exploring deeper PowerShell principles. Fundamental PowerShell commands – Get-Help, Get-Command, Get-Member, and why every PowerShell user should master them. How to troubleshoot PowerShell like a pro – Why starting simple, verbose logging, and clear design make all the difference. Reflections on PowerShell Summit – The importance of community, hallway conversations, and building the next wave of contributors. Teaching as a path to mastery – Why giving back through mentorship, writing, and speaking strengthens both your skills and the community. Jeff also shares his advice for nervous first-time speakers and attendees, and why being kind is one of the most impactful things you can do - both in and outside of tech. Bio and Links: Jeffery Hicks is an IT Pro veteran with 35 years of experience, much of it spent as an IT infrastructure professional specializing in Microsoft server technologies with an emphasis on automation and efficiency. He has been a Microsoft MVP since 2007 for his work in PowerShell. Jeff is a respected and well-known author, teacher, and consultant. He has taught or presented PowerShell content and the benefits of automation to IT Pros worldwide since its inception. 
He has authored, co-authored, and edited several books, contributed to numerous online sites, and, back when it was still a thing, several print publications. Jeff is a Pluralsight author and a frequent speaker at technology conferences and user groups. Check out all of Jeff's links and follow him here: https://jdhitsolutions.github.io/ Check out his book Behind the PowerShell Pipeline on LeanPub: https://leanpub.com/behind-the-pspipeline Join PowerShell Wednesdays at 2 PM EST on discord.gg/pdq Connect with Andrew on LinkedIn and share your PowerShell story: https://www.linkedin.com/in/andrewplatech/ The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/cdtxSI8Tq3E
What can GitHub Copilot do for SysAdmins in 2025? Richard talks to Jessica Deen from GitHub about her experiences using Copilot for her work. Jessica talks about Copilot being the first stop for most tasks - describing the task to Copilot helps you think through the problem, and often the tool can generate code or information to get that task done fast. Today's GitHub Copilot can handle everything from explaining existing code to writing something new, debugging a problem, or even writing documentation! Links: GitHub Copilot, Changing the AI Model for Copilot Chat, Visual Studio Code Insiders, Azure Extensions, GitHub Spark, Launch Darkly. Recorded March 13, 2025
In this episode of the PowerShell Podcast, we reconnect with Jess Pomfret, a PowerShell and SQL Server powerhouse, LinkedIn Learning instructor, and community advocate. From her early days in England to becoming a respected speaker and consultant, Jess shares her journey into tech, her passion for automation, and the importance of mentorship, curiosity, and community. Key topics in this episode include: Jess's transition from footballer to DBA – How a soccer scholarship led her to a tech career in the U.S. The power of PowerShell and DBA Tools – How Jess leverages PowerShell to automate SQL Server tasks and save time. Finding a community in SQL and PowerShell – Jess reflects on how welcoming both communities are and the impact they've had on her career. Career growth through speaking and mentoring – Encouraging others to speak, contribute, and grow through conferences and collaboration. Working with Data Masterminds – The benefits of working in a high-level consulting team and tips for managing multiple clients and context switching. LinkedIn Learning and teaching at scale – Behind the scenes of her professional training content and what it's like filming for LinkedIn Learning. Jess also shares her favorite DBA Tools command, productivity tips for conferences, and the story behind her podcast Finding Data Friends, which highlights voices in the data world. Bio and links: Jess Pomfret is a Data Platform Engineer and a Dual Microsoft MVP. She started working with SQL Server in 2011, and enjoys the problem-solving aspects of automating processes with PowerShell. She also enjoys contributing to dbatools and dbachecks, two open source PowerShell modules that aid DBAs with automating the management of SQL Server instances. She has also contributed to the SqlServerDsc module, adding several new resources to use when configuring your SQL Servers. She grew up in the South West of England and outside of her DBA life enjoys Crossfit, cycling and watching proper football. 
Connect with Jess on LinkedIn: https://www.linkedin.com/in/jpomfret and Bluesky: https://bsky.app/profile/jpomfret.co.uk Watch Finding Data Friends on YouTube: https://www.youtube.com/@findingdatafriends/videos Check out her LinkedIn Learning courses: https://www.linkedin.com/learning/instructors/jess-pomfret Explore DBA Tools at dbatools.io Join PowerShell Wednesdays at 2 PM EST on https://discord.gg/pdq The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/L4zABO526bM
Welcome to Episode 398 of the Microsoft Cloud IT Pro Podcast. In this episode Ben meets up with Harm Veenstra at the annual Microsoft MVP Summit. They chat a bit about Harm's experience as an MVP and his path to becoming an MVP. Then they move into a few technologies near and dear to Harm, PowerShell and Microsoft Intune. They start off talking about some of the ways Harm uses PowerShell and some of his favorite scripts. They talk about how he uses PowerShell with Intune, in particular using it with remediation scripts. Harm Veenstra: Harm started working at 18, from a ServiceDesk employee to a workspace and system engineer at a large insurance firm in the Netherlands. 1996, those were the days! After working there for almost 11 years, Harm had different system engineer jobs and learned much about Citrix, Cisco, VMware, storage, and Microsoft. Currently, he's employed at NEXXT (https://www.nexxt.one) as a Consultant, mainly in Endpoint Management, but he does anything Microsoft
How do you write better PowerShell? Richard talks to Jeff Hicks about his latest book, Behind the PowerShell Pipeline, and his efforts to promote writing PowerShell scripts that are easy to understand, use, and maintain! Jeff talks about how making a script work is not enough anymore - you can use GitHub Copilot. The goal is to make the output as usable as possible, whether that is consistent output that is pipe-able or using color coding and column controls to make the results as actionable as possible. This is especially true as your team grows and more than one person works on scripts. Now, you'll want testing and source control, too! Links: PowerShell 7.5, Behind the PowerShell Pipeline, GitHub Copilot, Pester, PowerShell Summit. Recorded February 20, 2025
In this episode of the PowerShell Podcast, we welcome Kevin of KevTech IT Support, a well-known mentor and educator in the IT community. With a background in fast food and law enforcement, Kevin shares his inspiring journey into IT and how he leveraged mentorship, home labs, and community engagement to build a thriving career. We dive into help desk fundamentals, breaking into IT, career development, and Kevin helps give you a map to career success. Key topics in this episode include: Kevin's journey from fast food and law enforcement to IT – How he transitioned careers and found success. The power of mentorship and community support – Why helping others accelerates your own growth. How to break into IT without a traditional background – The role of home labs, self-study, and networking. Building an IT career with practical skills – Why Active Directory, Office 365, and PowerShell are crucial. The importance of communication and customer service in IT – Why soft skills can be just as valuable as technical knowledge. How to stand out in job interviews and secure promotions – The value of documenting progress and advocating for yourself. Kevin also shares insights into KevTech Academy, his mentorship program, and why building a personal brand through blogging and LinkedIn can help IT professionals land jobs faster. Bio and Links: Kevin Apolinario is an IT career coach and trainer dedicated to helping others break into tech. With experience in MSPs, Apple, education, hedge funds, and 12 years in the restaurant industry, he provides hands-on IT training through Jobskillshare and has trained students globally with Techskills Institute. He speaks at conferences and also runs a YouTube channel with nearly 100,000 subscribers, offering practical guidance on IT careers and technical skills.
Follow Kevin on YouTube, Twitter, and Instagram (@KevTechITSupport) Check out KevTech Academy at https://kevtechitsupport.com Join PowerShell Wednesdays every Wednesday at 2 PM EST in the PDQ Discord http://discord.gg/pdq The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/RrNyh6EuD_Q
In this episode of the PowerShell Podcast, we welcome Cody Paternostro, a rising star in PowerShell automation, to discuss his unique journey into IT, the power of persistence in learning, and his work on RemotePro, a sophisticated PowerShell-based security camera management tool. Cody shares how he transitioned from food delivery to IT, leveraged PowerShell to streamline operations in physical security, and how asking the right questions helped accelerate his growth. Key topics in this episode include: Cody's unconventional entry into IT – How he discovered PowerShell in a networking and cybersecurity program. The impact of mentorship and community engagement – Learning from the PowerShell community and working with Joshua Hendricks. Building PowerShell tools for security – Using PowerShell to manage security cameras and automate surveillance tasks. From mega scripts to modules – Cody's journey in transitioning from large scripts to structured, reusable PowerShell modules. The importance of troubleshooting and continuous learning – How to push through roadblocks, improve problem-solving skills, and refine PowerShell development practices. Leveraging PowerShell GUI development – The role of runspaces, PSWriteHTML, and WPF in building efficient and user-friendly interfaces. Cody also shares insights on overcoming imposter syndrome, the power of community, and why documenting and sharing knowledge can accelerate career growth. Bio and Links: Cody Paternostro enjoys learning about Cybersecurity and PowerShell automation. · Experience: Digital Surveillance Solutions, Inc. · Education: Finger Lakes Community College · Location: Buffalo.
Connect with Cody on LinkedIn: https://www.linkedin.com/in/codypaternostro Explore RemotePro on GitHub https://remotepro.dev Join PowerShell Wednesdays every Wednesday at 2 PM EST in the PDQ Discord (discord.gg/pdq) The PowerShell Podcast Hub: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/bDjG6hSUIms
Streamline daily admin tasks with AI-powered insights, natural language queries, and automation using Microsoft 365 Admin Copilot. Quickly recap key updates, monitor service health, and track important changes—all in one place. No more digging through multiple pages—just ask Copilot for the answers you need, grounded in real-time data from your tenant. From finding users and managing licenses to generating visual insights and automating tasks with PowerShell, use Copilot to simplify complex admin workflows and save valuable time. For Copilot in the admin center to light up, all you need is one active Microsoft 365 Copilot license for any user in your tenant and from the Microsoft 365 admin center, you can get started right away. Jeremy Chapman, Director of Microsoft 365, demonstrates how to leverage Copilot for proactive guidance, whether in the Microsoft 365 admin center or directly within Copilot Chat. ► QUICK LINKS: 00:00 - Copilot in Microsoft 365 00:42 - Use Copilot for change management 02:13 - Stay ahead of upcoming changes 03:31 - User and licensing queries 04:21 - Generate Visual Insights for Licensing and Usage 04:50 - Author PowerShell scripts for bulk operations 06:07 - Copilot Chat using Microsoft 365 Admin agent 07:37 - Copilot admin coming soon 07:51- Wrap up ► Link References For more information, check out https://aka.ms/CopilotinMAC Start using Microsoft 365 Copilot in the Microsoft 365 admin center at https://admin.microsoft.com ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. 
In this episode of the PowerShell Podcast, we sit down with Steven Wight, known online as PowerShell Young Team, to discuss his journey in PowerShell, automation, and the impact of the PowerShell community. Steven shares how PowerShell transformed his workflow, his approach to solving IT problems, and how he went from lurking in the background to actively contributing and engaging with the community. Key topics in this episode include: How PowerShell changed Steven's IT career – From his early days avoiding manual tasks to building automation solutions. The importance of documentation, blogging, and sharing scripts – How keeping track of work helped in job interviews and personal growth. Creating PowerShell tools with flexibility – Designing functions, using pipelines, and building user-friendly GUIs. Community engagement and learning from others – How PowerShell Discord, blogs, and social media have helped shape his expertise. PowerShell profiles, productivity, and efficiency – Leveraging PSReadLine, profiles, and workflow enhancements to get more done. Steven also shares advice for those just starting with PowerShell, emphasizing the value of small wins, continuous learning, and participating in the community to accelerate skill growth. Bio and Links: Steven Wight is an active PowerShell community member, blogger, and the mind behind PowerShell Young Team. With a diverse IT background spanning desktop & application support, system administration, development, OS migrations, and equipment refreshes, Steven thrives on problem-solving and automation. His passion for PowerShell, monitoring, and scripting fuels his mission to "automate himself to a quiet life." 
Follow Steven on BlueSky at @poshyoungteam.bsky.social Read his blog at https://powershellyoungteam.github.io/ Connect with Steven on LinkedIn: https://www.linkedin.com/in/steven-wight-79aa0525/ Join PowerShell Wednesdays every Wednesday at 2 PM EST in the PDQ Discord (discord.gg/pdq) for live discussions and demos. The PowerShell Podcast on YouTube: https://youtu.be/klsOxHtG3KE The PowerShell Podcast: https://pdq.com/the-powershell-podcast
Welcome to Exploit Brokers with your host Cipherceval! In this deep dive, we uncover a sophisticated cyber assault where hackers exploited Microsoft SharePoint to launch the Havoc C2 via a stealthy click fix attack. Learn how a single click can trigger malicious PowerShell commands, turning everyday corporate tools into gateways for cybercrime. In this episode, we explore: • How click fix attacks trick users into executing harmful commands • The role of social engineering in modern cyber warfare • The rising threat of ransomware targeting Middle Eastern banks and financial institutions • The importance of patching, penetration testing, and proactive cybersecurity measures Whether you're a cybersecurity expert or just curious about digital threats, this breakdown provides essential insights into how cybercriminals are reshaping the rules of digital warfare. Stay informed and protect yourself from these evolving dangers.
In this episode of the PowerShell Podcast, we sit down with Michael Haag, Principal Threat Researcher at Splunk, to dive into PowerShell security, threat detection, and automation. Michael shares his journey from IT support to becoming a security expert, the role of PowerShell in modern cybersecurity, and his work on PowerShell Hunter and Atomic Red Team. Key topics in this episode include: Michael's journey into security – From IT support to system administration and eventually security research. Incident response and PowerShell – How PowerShell is used to detect and mitigate threats. PowerShell Hunter – A powerful tool for hunting threats and automating security tasks. Atomic Red Team and Atomic Test Harnesses – How these tools help defenders simulate and detect attacks. The importance of automation in security – How PowerShell can help security teams manage large-scale environments efficiently. Advice for getting into security and automation – Why contributing to open-source and getting involved in the community is key. Michael also shares his thoughts on the evolving security landscape, how defenders can stay ahead of attackers, and practical steps for IT professionals looking to pivot into cybersecurity. Bio and Links: Michael Haag is Principal Threat Research Engineer at Splunk. Michael led the development of Atomic Red Team, an open-source testing platform that security teams can use to assess detection coverage. An avid researcher, he is passionate about understanding and evaluating the limits of defensive systems. His background includes security analysis, threat research, and incident handling.
Follow Michael on Twitter (@M_Haggis) and GitHub (@MHaggis) Check out PowerShell Hunter on GitHub https://github.com/MHaggis/PowerShell-Hunter/ Learn more about Atomic Red Team https://www.atomicredteam.io/ Watch Atomics on a Friday, Michael's security research show on YouTube https://www.youtube.com/@atomicsonafriday Join PowerShell Wednesdays every Wednesday at 2 PM EST in the PDQ Discord (discord.gg/pdq) The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/F2TbwUS-eRI
At ThreatLocker's Zero Trust World 2025 in Orlando, Kieran Human, Special Projects Engineer at ThreatLocker, showcased the practical dangers of everyday cybersecurity threats through engaging, hands-on labs. Attendees, ranging from CISOs to IT technicians, were offered the chance to experience real-world hacking scenarios using devices like the infamous “rubber ducky.”
The Rubber Ducky Experience
The rubber ducky, which resembles a standard USB drive, acts as a keyboard when plugged into a computer, executing automated scripts. Human demonstrated how this device could disable Windows Defender, exfiltrate data, and execute scripts—highlighting how accessible hacking tools have become. Attendees left with both new knowledge and their own rubber ducky, reinforcing the event's educational impact.
From Learning to Defense
The lab sessions underscored the importance of understanding threats to effectively defend against them. Human emphasized that cybersecurity isn't just for seasoned professionals; even attendees with minimal experience learned how to execute data exfiltration and bypass security protocols within an hour. This revelation stressed the necessity of robust security measures, even for general IT professionals who may not specialize in cybersecurity.
Mitigating Threats with ThreatLocker
ThreatLocker's solutions, including features like ring-fencing PowerShell and applying layered protections, were showcased as effective countermeasures. Human explained how ThreatLocker's tools could prevent malicious scripts from accessing the internet or sensitive folders, offering a tangible defense against the types of attacks demonstrated in the labs.
Looking Ahead
Looking toward next year, Human hinted at more advanced demonstrations, potentially including ransomware scenarios.
This forward-thinking approach aligns with ThreatLocker's commitment to preparing IT and security professionals for the evolving challenges they face.
Why This Matters
The episode captures how ThreatLocker is not just educating but empowering IT and security professionals. By providing a controlled environment to experience cyberattacks firsthand, the event bridged the gap between theory and practice. Listen to the full episode for insights into how these experiences translate into actionable strategies for building stronger, more resilient cybersecurity defenses.
Guest: Kieran Human, Special Projects Engineer at ThreatLocker | On LinkedIn: https://www.linkedin.com/in/kieran-human-5495ab170/
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More
In this episode of the PowerShell Podcast, we sit down with Morten Kristensen, an automation specialist and PowerShell enthusiast, to discuss his journey with PowerShell, his experience working with the Microsoft Graph API, and his recent leap into public speaking. Morten shares insights from his first-ever technical talk, the challenges of working with Graph API, and how he's navigating his professional growth. Key topics in this episode include: Getting started with MS Graph API – Overcoming common challenges, including authentication, filtering, and throttling. Batching API requests – How to optimize Graph API calls for efficiency and performance. Taking the leap into public speaking – Morten shares his experience preparing for and delivering his first-ever talk at PowerShell Wednesdays. The power of community engagement – How being part of the PowerShell community has accelerated learning and career growth. Starting a PowerShell blog – Why Morten launched his blog and how he plans to share more insights and technical knowledge. Morten also shares his career perspective, how he got into automation, and why he believes that solving problems and sharing knowledge is key to professional growth. Bio: An automation specialist with a passion for scripting and homelabbing, Morten Mynster specializes in PowerShell, Python, and Terraform to streamline processes, manage systems, and optimize cloud infrastructure. With a strong focus on automation tools and best practices, Morten shares insights and experiences through blogging, helping others navigate the world of scripting and infrastructure as code. Links: Read Morten's blog at mynster9361.github.io Connect with Morten on LinkedIn and Discord Check out PowerShell Wednesdays every Wednesday at 2 PM EST in the PDQ Discord (discord.gg/pdq) for live discussions and demos. The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/74fjqGtYW0Q
In this episode of the PowerShell Podcast, we welcome Greg Martin, a longtime developer and PowerShell enthusiast, who has taken PowerShell beyond system administration and into the realm of game development. Greg shares his journey of building Eldoria, a terminal adventure game written entirely in PowerShell, and how his experience across multiple programming languages influenced his approach. Key topics in this episode include: Building a game in PowerShell – How Greg used PowerShell to create a rich text-based adventure. The power of terminal-based gaming – A brief look into ANSI escape sequences, JSON asset management, and the REPL loop. Greg's programming journey – From C and C++ to PowerShell, game development, and enterprise automation. Lessons in curiosity and career growth – How following your interests can lead to unexpected and rewarding opportunities. Greg also discusses the challenges of structuring a large-scale PowerShell project, how PowerShell's object-oriented features made development easier, and how anyone can start exploring creative projects with PowerShell. Bio and links: Gregory Martin is a Senior Linux Engineer, formerly an industrial network designer, IT manager, sysadmin, and may have given a lecture or two at tech conferences. He's an avid programmer with over 20 years of experience, ranging from Windows/Linux Desktop, Web, Android/iOS, Industrial IoT, Linux CLI, and Automation Orchestration. In his spare time, he writes computer games and dabbles with AI technologies. He writes at his blog (themartinmethod.com). Join the conversation: Check out Eldoria on Greg's GitHub and explore the game in your own terminal. Read Greg's blog at TheMartinMethod.com for updates on Eldoria and other projects. Join PowerShell Wednesdays every Wednesday at 2 PM EST in the PDQ Discord community (discord.gg/pdq) for live discussions. 
https://github.com/gregoryfmartin/Eldoria https://github.com/gregoryfmartin/Burnt-Latte https://www.linkedin.com/in/andrewplatech/ The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/0kBrtPsD2EE
Nati Tal, Head of Guardio Labs, discusses their work on "'DeceptionAds' — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising." Guardio has uncovered a large-scale malvertising campaign dubbed “DeceptionAds,” which tricks users into running a malicious PowerShell command under the guise of proving they're human. This fake CAPTCHA scheme delivers Lumma info-stealer malware while bypassing security measures like Google's Safe Browsing. Even after disclosure and takedown efforts, the campaign resurfaced—raising concerns about the effectiveness of existing defenses against ad-driven cyber threats. The research can be found here: “DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
An Ontology for Threats: Cybercrime and Digital Forensic Investigation on Smart City Infrastructure. Smart cities are a big topic for many local governments. As these complex systems are built, attacks will follow. https://isc.sans.edu/diary/An%20ontology%20for%20threats%2C%20cybercrime%20and%20digital%20forensic%20investigation%20on%20Smart%20City%20Infrastructure/31676
North Korean state actor tricking admins into executing PowerShell: North Korean state actors are spending quite a bit of effort setting up relationships with South Korean system administrators, culminating in them getting tricked into executing malicious PowerShell scripts. https://x.com/MsftSecIntel/status/1889407814604296490
Wazuh Vulnerability: A deserialization vulnerability in Wazuh may lead to unauthenticated remote code execution. https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh
PAM PKCS11 Vulnerability: Several vulnerabilities in the Linux PAM module processing smart card authentication can be used to bypass authentication. https://github.com/OpenSC/pam_pkcs11/releases/tag/pam_pkcs11-0.6.13
Ivanti Patches: Ivanti released its monthly update, fixing a number of critical vulnerabilities in Connect Secure and other products. https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
In this episode of the PowerShell Podcast, we welcome back security-focused PowerShell expert Jake Hildreth for an insightful conversation about PowerShell, security tools, and his continued journey in the PowerShell community. Jake shares updates on Locksmith v2, his work with PowerPUG, and his experience learning new PowerShell techniques to refine and improve his tools. Bio: I'm a husband, a dad, and a recovering sysadmin. I've worked in technology since the year 2000, when I got my first tech job as Tier 1 support for cable modem companies. After that, I transitioned into systems & network administration, always with a security focus. In the last three years, I pivoted into security, focusing on Active Directory. When I'm not working, I enjoy cooking, drinking whiskey, lifting weights, traveling, reading... and writing code. Coding is like creating and solving little puzzles for yourself! So soothing. Key topics in this episode include: The evolution of Locksmith and the road to v2, including improvements in automation, PowerShell best practices, and making security more accessible. PowerPUG and the Protected Users group, a tool that helps sysadmins secure their environments by eliminating outdated authentication vulnerabilities. Learning Crescendo, and how Jake wrapped certutil.exe. Improving PowerShell workflows, including scripting automation, optimizing profiles, and using community resources for best practices. The importance of documentation, automation, and making security easier for sysadmins. Jake also shares insights from his time working with the PowerShell community, including PowerShell Wednesdays, learning from peers, and the power of building in public. Join the conversation: Follow Jake at JakeHildreth.com for links to all his projects and socials. Catch PowerShell Wednesdays every Wednesday at 2 PM EST in the PDQ Discord community (discord.gg/pdq) for live discussions and demos. 
Links: The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/A6ycrxQRIns
Mark Manglicmot, SVP of Security Services from Arctic Wolf, is sharing their research on "Cleopatra's Shadow: A Mass Exploitation Campaign Deploying a Java Backdoor Through Zero-Day Exploitation of Cleo MFT Software." Arctic Wolf Labs discovered an ongoing exploitation campaign targeting Cleo Managed File Transfer (MFT) products, beginning on December 7, 2024. Threat actors used a malicious PowerShell stager to deploy a Java-based backdoor, dubbed Cleopatra, which features in-memory file storage and cross-platform compatibility across Windows and Linux. Despite Cleo's previous patch for CVE-2024-50623, attackers appear to have leveraged an alternative access method, exploiting the software's autorun feature to execute payloads and establish persistent access. The research can be found here: Cleopatra's Shadow: A Mass Exploitation Campaign Deploying a Java Backdoor Through Zero-Day Exploitation of Cleo MFT Software
In this episode of the PowerShell Podcast, we sit down with Mark Go, a PowerShell enthusiast and innovator, to discuss his exciting journey from the Navy to becoming a tech-savvy system administrator. Mark shares his experiences using PowerShell to make his work life better. Key topics in this episode include: Mark's journey from a Navy corpsman to a PowerShell expert, including his first breakthrough script for managing IoT medical devices. Using PowerShell to explore and tinker with IoT devices, Raspberry Pi projects, and microcontrollers. The power of community connections, networking, and starting a PowerShell user group. Lessons learned from Lean Six Sigma and how continuous process improvement ties into PowerShell. Favorite PowerShell modules, including PSReadLine, PSDiscoveryProtocol, and KBUpdate, and how they make daily tasks more efficient. Bio and Links: Mark Go is a PowerShell enthusiast, IT professional, and former Navy corpsman with a passion for automation and innovation. Discover more tools and resources at PowerShell Wednesdays, hosted weekly at 2 PM EST in the PDQ Discord community: discord.gg/pdq https://www.linkedin.com/in/mark-go-0439791b7/ https://www.linkedin.com/in/andrewplatech/ https://github.com/lahell/PSDiscoveryProtocol The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/85L3OApF3a8
Senthuran Sivananthan comes on the show to talk about the Well-Architected Framework (WAF) and Well Architected Resiliency Review (WARA). Media file: https://azpodcast.blob.core.windows.net/episodes/Episode512.mp3 YouTube: https://youtu.be/xTxG7X9RoWQ Resources: Azure Pricing Calculator Azure Architecture Review Web Application Firewall Other Updates: Retirement of Azure Automation's Powershell runbooks using AzureRM modules TLS1.0/1.1 retirement for Azure Automation Customer Managed Unplanned Failover for ADLS and Storage+SFTP
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
From PowerShell to a Python Obfuscation Race! This information stealer not only emulates a PDF document convincingly, but also includes its own Python environment for Windows. https://isc.sans.edu/diary/From%20PowerShell%20to%20a%20Python%20Obfuscation%20Race!/31634
Alleged Active Exploit Sale of CVE-2024-55591 on Fortinet Devices: An exploit for this week's Fortinet vulnerability is for sale on Russian forums. Fortinet also requires patching of devices without cloud license within seven days of patch release. https://x.com/MonThreat/status/1884577840185643345 https://community.fortinet.com/t5/Support-Forum/Firmware-upgrade-policy/td-p/373376
The Tainted Voyage: Uncovering Voyager's Vulnerabilities. Sonarcube identified vulnerabilities in the popular PHP package Voyager. One of them allows arbitrary file uploads. https://www.sonarsource.com/blog/the-tainted-voyage-uncovering-voyagers-vulnerabilities/
Hackers exploit critical unpatched flaw in Zyxel CPE devices: A currently unpatched vulnerability in Zyxel devices is actively exploited. https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-unpatched-flaw-in-zyxel-cpe-devices/
VMSA-2025-0002: VMware Avi Load Balancer addresses an unauthenticated blind SQL Injection vulnerability (CVE-2025-22217). VMware released a patch for the Avi Load Balancer addressing an unauthenticated blind SQL injection vulnerability. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25346
In this episode of the #PowerShell Podcast, we continue our deep dive with Fred Weinmann, a Microsoftie and PowerShell legend, as he shares more insights and tools that redefine productivity for PowerShell enthusiasts. Picking up where we left off in the last episode, Fred takes us through his journey of mastering PowerShell, collaborating with the community, and optimizing workflows with powerful custom modules. Key topics in this episode include: Fred's Learning Journey: The value of collaboration in projects like dbatools and the evolution of his development practices. PowerShell Package Management Simplified: Exploring Fred's toolkit for unifying and streamlining PowerShellGet and PSResourceGet, including tools for offline environments and multi-machine deployments. The Importance of Workflow Optimization: Fred shares his philosophy on making the console your home and configuring it to eliminate unnecessary pain points. Fred's Advanced Tools: Fred takes us step-by-step through his projects. Fred also emphasizes the importance of adopting best practices, learning from community contributions, and continuously optimizing your tools to make PowerShell work for you. Join PowerShell Wednesdays at 2 PM EST for community discussions and learning. Bio: Fred Weinmann is a seasoned Cloud Solution Architect at Microsoft and a renowned PowerShell expert with years of experience designing and implementing scalable solutions. A prolific creator, Fred has developed key tools like PSFramework, PSModuleDevelopment, PSUtil, and PSFramework.Nuget, which empower developers and IT professionals to optimize their workflows. Passionate about technology and problem-solving, Fred's innovative approach to PowerShell module development and his commitment to community-driven open-source projects have made him a respected figure in the PowerShell community. 
Resource links: https://github.com/FriedrichWeinmann https://discord.gg/pdq https://aka.ms/psdiscord PowerShell Podcast Home page: https://www.pdq.com/resources/the-powershell-podcast/ The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/IcRVwrNNY2g
Are the dense jungles of Windows Server leaving you lost? Are Active Directory tangles, Entra ID integrations, or legacy issues keeping your IT nights sleepless? Well, grab your machete (or PowerShell) and join us on an expedition into the depths of Microsoft ecosystems in this week's episode of Data Center Therapy!
In this thrilling adventure, your trusted guides, Matt “Server Sherpa” Yette and Matt “Patch Paladin” Cozzolino, are joined once again by IVOXY's own Microsoft guru, Dade “Forest Ranger” Wilson. Together, they brave the wilds of Windows Server and Active Directory to uncover the secrets, pitfalls, and solutions waiting within.
What treasures (and traps) await you in this episode?
Windows Server Assessment: Dade spills the beans on what his assessment covers, from identifying lurking performance issues to spotting security vulnerabilities in forgotten corners of your environment.
Active Directory & Entra ID: How do these two pillars of Microsoft infrastructure intersect, and why do they often make us break a sweat?
Best Practices & Pro Tips: Schema upgrades, time-sync nightmares, and why DNS is always the culprit—Dade and the Matts share their survival tips.
Upcoming Workshop Alert: Don't miss out on IVOXY's upcoming Active Directory/Entra ID workshop and hands-on training class, led by Dade, designed to demystify these crucial Microsoft tools and set your team up for success.
As always, if you enjoy the show, please be sure to like, share with three colleagues and subscribe wherever you get your quality podcasts.
From the DCT crew – Stay cool, stay protected, be informed and see you at the next event and episode, compadres
In this episode of the PowerShell Podcast, we sit down with Fred Weinmann, a prolific PowerShell module creator, to explore his remarkable contributions, including PSFramework, PSModuleDevelopment, PSUtil, and PSFramework.Nuget. Fred shares insights on developing impactful solutions, such as the KRBTGT module and the evolution of module development in large-scale environments. We dive into Fred's journey at Microsoft as a Cloud Solution Architect, discussing how he leverages his passion for technology and PowerShell to create scalable and innovative tools. Key topics include: Building internal PowerShell repositories and best practices for managing trust and dependencies. Overcoming challenges with module distribution in offline environments. Fred's unique hierarchical approach to structuring modules for business and technical processes. Exciting projects like automating help documentation for commands and enhancing AI's role in PowerShell development. Fred also reflects on his decision to pursue a hands-on technical career over management, emphasizing the satisfaction and impact he derives from solving complex technical challenges. Join us for PowerShell Wednesdays at 2 PM EST, on the PDQ Discord https://discord.gg/pdq Join us next week for part two with Fred Weinmann. Bio and Links: Fred Weinmann is a seasoned Cloud Solution Architect at Microsoft and a renowned PowerShell expert with years of experience designing and implementing scalable solutions. A prolific creator, Fred has developed key tools like PSFramework, PSModuleDevelopment, PSUtil, and PSFramework.Nuget, which empower developers and IT professionals to optimize their workflows. Passionate about technology and problem-solving, Fred's innovative approach to PowerShell module development and his commitment to community-driven open-source projects have made him a respected figure in the PowerShell community. 
https://github.com/PowershellFrameworkCollective/PSFramework.NuGet https://github.com/ActiveDirectoryManagementFramework/ADMF PowerShell Podcast Home page: https://www.pdq.com/resources/the-powershell-podcast/
As promised, we're back with part 2 of the PowerShell Teaser. We pick up where we left off, starting with learning about parameter definitions and the advantages such a structured language affords us, including automatically generated help files and error checking. Bart updated the shownotes to include valuable resource links to take your PowerShell to a higher level. We walk through our plan for 2025, where Bart is going to teach us about GitHub Pages (which power the Programming By Stealth shownotes) and then how to change the style you see with Bootstrap to make it your own. After that we expect to get back to PowerShell, but that's a ways down the road so things could change.
In this episode, I cover this month's Patch Tuesday news, a warning from Microsoft about the upcoming retirement of some PowerShell modules, a price cut for some Azure customers and much more! Reference Links: https://www.rorymon.com/blog/layoffs-at-microsoft-patch-tuesday-news-azure-price-adjustment/
In this episode of the PowerShell Podcast, Andrew catches up with returning guest Adam Bacon. Adam shares an update on his career and shares how PowerShell has played a huge role in helping him accomplish his dream. Guest Bio and links: Adam Bacon has over 24 years of IT experience, 13 of which with PowerShell. He can be found writing on one of his blogs, adding code to one of his 80+ projects on GitHub, speaking about PowerShell, and more. https://adam-bacon.netlify.app/ PowerShell Wednesdays: https://discord.gg/pdq The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/HgDCzoNcir4
In this episode of the PowerShell Podcast, we're joined by Gautam Sheth, Microsoft MVP and M365 developer extraordinaire, to explore the latest improvements to the PnP PowerShell module and how to get started with it. Gautam shares his unique perspective on automating SharePoint, working with Microsoft 365, and leveraging Microsoft Graph through PowerShell. We discuss practical use cases, best practices, and the significance of PnP PowerShell for modern IT and development workflows. From SharePoint tips to automation strategies, this episode is packed with insights for PowerShell enthusiasts and M365 developers alike. Whether you're just starting or looking for advanced techniques, Gautam provides actionable advice and plenty of inspiration! Guest Bio and links: Developer at Staffbase and Microsoft 365 Dev MVP. Maintainer of PnP .NET libraries and PnP PowerShell, with a focus on M365 development and emerging Copilot technologies. Passionate about all things development, from frontend and backend to infrastructure and DevOps. https://github.com/pnp/powershell https://www.youtube.com/watch?v=Grr0FlC8SQA&ab_channel=ZeeMusicCompany https://bsky.app/profile/gautamdsheth.bsky.social https://www.linkedin.com/in/gautamdsheth/ PowerShell Podcast Home page: https://www.pdq.com/resources/the-powershell-podcast/ The PowerShell Podcast on YouTube: https://youtu.be/cuq1UL5h-aw
Full show notes: https://podcast.nz365guy.com/641
PowerShell and SharePoint Premium are powerful tools that often go underappreciated in the Microsoft ecosystem. In the episode, we explore their potential to streamline operations, automate tasks, and enhance document management through community-driven practices and AI integrations.
• Overview of Kasper Larsen's background and expertise
• Importance of PowerShell for automation and efficiency
• Description of Patterns and Practices (PnP) as a community initiative
• Insights into SharePoint Premium's enhanced features and AI capabilities
• The role of AI in document management and automatic translation
• Discussion on the future of PowerShell within the Microsoft 365 ecosystem
In 2024, we celebrated seven years of the Microsoft Business Applications podcast. Now, we step into 2025 with a fresh new name. Welcome to the Microsoft Innovation podcast! Our new name reflects a broader vision, exploring the intersection of people, business, technology, and AI.
Bart Busschots is enamored with the open source shell from Microsoft called PowerShell. His goal was to give us a teaser on this modern shell but there was enough material in his shownotes that we're recording the audio in two halves. Feel free to read ahead in the shownotes if you like, or you can wait till the second installment to read the rest. In this first half, we learn about how Bart begrudgingly started using PowerShell and what made him become such a fan. He walks us through the philosophy and then the structure of commands first. We get to play with a few tiny scripts to illustrate how the "plumbing" works in PowerShell and we learn about how message streams work with data streams. You can find Bart's fabulous tutorial shownotes at pbs.bartificer.net. Join our Slack at podfeet.com/slack and check out the Programming By Stealth channel under #pbs. Support Bart by going to lets-talk.ie and pushing one of the big blue support buttons. Referral Links: Parallels Toolbox - 3 months free for you and me Learn through MacSparky Field Guides - 15% off for you and me Backblaze - One free month for me and you Eufy - $40 for me if you spend $200. Sadly nothing in it for you. PIA VPN - One month added to Paid Accounts for both of us CleanShot X - Earns me $25%, sorry nothing in it for you but my gratitude
In this episode of the PowerShell Podcast, we sit down with Microsoft MVP Evgenij Smirnov to explore his incredible journey from working as a forklift driver to becoming a PowerShell and security expert. We dive into his insights on certificates, security best practices, and the importance of identity in modern IT. Evgenij also shares his experiences with cross-platform PowerShell, highlights from his recent talks, and the value of community events like PowerShell Saturday. Along the way, we discuss his unique career path, his passion for the PowerShell community, and tips for those looking to grow in IT. Guest Bio and links: Evgenij has been working with computers since the age of 5 and delivering IT solutions for over 25 years. His Active Directory and Exchange background naturally led to PowerShell, of which he's been an avid user and proponent since its first release. Evgenij is an active community leader at home in Berlin, a leading contributor to the German self-help forums, and an experienced user group and conference speaker. He is a Cloud and Datacenter Management MVP since 2020. He is the author of "Building Modern Active Directory", released by Apress in 2024. https://discord.gg/pdq https://sqlsaturday.com/2025-03-08-sqlsaturday1102/ Call for Speakers Link - https://sessionize.com/sql-saturday-atlanta-2025-ai-and-bi https://docs.tamemycerts.com/ https://github.com/Sleepw4lker/TameMyCerts https://it-pro-berlin.de/ https://www.linkedin.com/in/evgenijsmirnov/ https://x.com/cj_berlin https://bsky.app/profile/cj-berlin.bsky.social https://link.springer.com/book/10.1007/979-8-8688-0941-5 https://sessionize.com/evgenij-smirnov/ PowerShell Podcast Home page: https://www.pdq.com/resources/the-powershell-podcast/ The PowerShell Podcast on YouTube: https://youtu.be/G2U1-AxTldA
In this special holiday episode of the PowerShell Podcast, we are joined by the incredibly talented Gilbert Sanchez. We dive into the world of PSScriptAnalyzer and use it as a gateway to explore and understand the Abstract Syntax Tree (AST) in PowerShell. Gilbert walks us through a live demo and highlights some powerful ways to leverage the AST to analyze and improve our PowerShell code. As a special holiday treat, Gilbert comes bearing gifts—several awesome PowerShell modules that listeners can start using today. Guest bio and links: Staff Software Development Engineer at Tesla, specifically working on PowerShell. Formerly known as "Señor Systems Engineer" at Meta. A loud advocate for DEI, DevEx, DevOps, and TDD. Podcast Highlights - https://www.youtube.com/watch?v=R4IUH1vI6U8 ScriptAnalyzer blog - https://gilbertsanchez.com/posts/sharing-custom-psscriptanalyzer-rules/ https://links.gilbertsanchez.com PowerShell Podcast Home page: https://www.pdq.com/resources/the-powershell-podcast/ PowerShell Podcast on YouTube: https://youtu.be/TX2r6ewSwjg
This week, we're diving into how to triage for PSEXEC evidence. PSEXEC leaves traces on both the source and target systems, making it essential to identify artifacts on each to determine whether a system was used as an attacker's tool or was the target of an attack. While PSEXEC has somewhat fallen out of favor due to increased use of PowerShell for similar activities, it remains a commonly abused utility among attackers. In this episode, we'll break down the key artifacts and methodologies for effective triage.
In this episode of the PowerShell Podcast, we sit down with Miriam Wiesner, a Senior Security Research Program Manager at Microsoft, to dive into the fascinating world of security and identity hygiene. Miriam shares her expertise on the GraphAPI and the critical importance of maintaining proper identity hygiene in today's digital landscape. We explore the day-to-day life of a security researcher and discuss how tools like script block logging can provide invaluable insights. Miriam also highlights the power of Kusto for analyzing data and solving complex challenges in the security space. In addition to technical insights, Miriam opens up about the challenges of maintaining a healthy work-life balance, offering a candid look at the human side of working in a demanding and impactful field. Guest Bio and links: Miriam C. Wiesner is a Sr. Security Research Program Manager at Microsoft with over 15 years of experience in IT and IT Security. She has held various positions, including Administrator/System Engineer, Software Developer, Premier Field Engineer, Program Manager, and Security Consultant and Pentester. She is also a renowned creator of open-source tools based in PowerShell, including EventList and JEAnalyzer. She was invited multiple times to present her research behind her tools at many international conferences like Black Hat (USA, Europe & Asia), PSConf EU, MITRE ATT&CK workshop, and more. Miriam is the author of the book "PowerShell Automation and Scripting for CyberSecurity: Hacking and Defense for Red and Blue Teamers." Outside of work, Miriam is a dedicated wife and mother, residing with her family near Nuremberg, Germany. 
Previous episode with Miriam - https://www.youtube.com/watch?v=0Csw8YYGyCg&pp=ygUObWlyaWFtIHdpZXNuZXI%3D Practical PowerShell Empowerment For Protectors - https://www.youtube.com/watch?v=JgqbR-7O7TI&pp=ygUObWlyaWFtIHdpZXNuZXI%3D Echoes of Intrusion: Demystifying commonly used MS Graph API Attacks - https://www.youtube.com/watch?v=YDK5xYx1rKg&t=677s&pp=ygUObWlyaWFtIHdpZXNuZXI%3D PowerShell ❤️ the Blue Team - https://devblogs.microsoft.com/powershell/powershell-the-blue-team/ https://techcommunity.microsoft.com/blog/microsoftsentinelblog/the-power-of-data-collection-rules-detect-disabling-windows-defender-real-time-p/4236540 PowerShell Podcast Home page: https://www.pdq.com/resources/the-powershell-podcast/ Listen to the PowerShell Podcast: https://powershellpodcast.podbean.com/
In this episode of the PowerShell Podcast, we welcome back Sean Wheeler, Lead Documentarian at Microsoft for PowerShell, to catch up on the latest developments in the PowerShell ecosystem. Sean dives into the updates with PSResourceGet, the powerful enhancements in PowerShell 7.5, and the groundbreaking potential of the AI Shell project, designed to transform command-line experiences with artificial intelligence. We also get a recap of Sean's experience at SpiceWorld, highlighting community insights and key takeaways from the event. Packed with expert tips and exciting news, this episode is a must-listen for PowerShell enthusiasts and IT pros alike! Guest Bio and links: Sean Wheeler is the lead documentarian for PowerShell at Microsoft. For over 25 years at Microsoft, he's delivered many workshops on scripting, debugging, and advanced troubleshooting. Using scripting, he's created tools to help customers collect and analyze data used to troubleshoot and optimize their environments. State of Sysadmin 2025 - https://www.surveymonkey.com/r/33F373L https://learn.microsoft.com/powershell/utility-modules/aishell/aishell-overview https://learn.microsoft.com/en-us/powershell/gallery/powershellget/psresourceget-release-notes?view=powershellget-3.x https://learn.microsoft.com/powershell/gallery/powershellget/supported-repositories?view=powershellget-3.x https://learn.microsoft.com/en-us/powershell/scripting/whats-new/what-s-new-in-powershell-75?view=powershell-7.4 https://mikefrobbins.github.io/psdocs-how-to/ https://github.com/PowerShell/Community-Blog https://www.powershellgallery.com/packages/PSStyle Sean's blog and links to socials - https://sdwheeler.github.io/seanonit/ PowerShell Podcast Home page: https://www.pdq.com/resources/the-powershell-podcast/ Listen to the PowerShell Podcast: https://powershellpodcast.podbean.com/
In this episode, we turn the tables and interview Andrew Pla. We explore Andrew's back story, find out how he got started in IT, and discover where his love of PowerShell comes from. We also discuss his journey from community member to advocate to PowerShell MVP. Get to know Andrew Pla! Guest Bio and links: Andrew Pla is the host of the PowerShell Podcast, Microsoft PowerShell MVP, and Community Manager at PDQ. Andrew has an extensive IT background and expertise in PowerShell. He loves interacting with the community, mentoring, and spreading the good word about PowerShell. Website: https://andrewpla.tech Socials: @AndrewPlaTech Blog from Fred about our mentorship: https://allthingspowershell.blogspot.com/2018/12/the-roi-of-teaching-others.html?q=andrew+pla First PowerShell Summit blog post: https://andrewpla.tech/personal/powershell%20summit/2018/04/22/PowerShell-Summit-=-Expectations-Exceeded/ PowerShell Podcast Home page: https://www.pdq.com/resources/the-powershell-podcast/ Listen to the PowerShell Podcast: https://powershellpodcast.podbean.com/
In this special episode, we catch up with our former cohost, Jordan, and hear about his journey since leaving the PowerShell Podcast. Jordan shares an exciting life update, offers invaluable advice on how PowerShell has shaped his career, and participates in our fun "This or That" segment. We reminisce about our favorite podcast moments, discuss a fantastic new PowerShell module for analyzing DKIM records, and explore how Jordan's perspective on PowerShell and automation has evolved. This episode is packed with laughs, insights, and a dose of nostalgia for long-time listeners. Guest Bio and links: Jordan was a host on the PowerShell Podcast and is a PowerShell lover. You can find him writing code and attending PowerShell Summit 2025. 2025 State of System Administration - https://www.surveymonkey.com/r/33F373L PowerShell Script Roast - https://www.youtube.com/watch?v=e58aMWyjf-Y Invoke-SpfDkimDmarc - https://github.com/T13nn3s/Invoke-SpfDkimDmarc https://x.com/DevOpsJordan http://linkedin.com/in/hammondjordan https://bsky.app/profile/andrewpla.tech https://www.linkedin.com/in/andrewplatech/
In this episode of the PowerShell Podcast, we sit down with Steven Judd and Kevin Laux for insights and inspiration from the PowerShell community. Steven shares his experiences overcoming the hurdles of live demos, recounts the highlights of PowerShell Saturday NC, and reveals the story behind his iconic bling and love for puns. He delves into the importance of "practice makes progress," encouraging listeners to embrace growth through consistent effort. Kevin Laux joins the conversation to discuss his journey with PowerShell, his role with the Research Triangle PowerShell User Group (RTPSUG), and the impact of community involvement. Guest Bio and links: Steven Judd is a 25+ year IT Pro and most recently an Infrastructure Engineer https://shortcutyour.life https://github.com/stevenjudd/safelydetonate Kevin Laux is an experienced DevOps leader and PowerShell expert with a track record of improving automation and productivity https://www.linkedin.com/in/kevinlaux/ https://www.youtube.com/@RTPSUG PowerShell Podcast Home page: https://www.pdq.com/resources/the-powershell-podcast/ PowerShell Pro Tips - https://www.youtube.com/watch?v=K95ovoMh170
This week, Paul shows us how to set up Windows 11 if you're looking to install it but have unsupported hardware, or just want to bypass some of the annoyances of installing Windows 11 onto a new PC. Host: Paul Thurrott
Authorities arrest over 200 Chinese nationals in Sri Lanka over financial scams. Officials in Finland take down an online drug market. Cisco investigates an alleged data breach. A major apparel provider suffers a data breach. Oracle's latest patch update includes 35 critical issues. Microsoft has patched several high-severity vulnerabilities. The NCSC's new boss calls for global collaboration to fight cybercrime. CISA warns of critical vulnerabilities affecting software from Microsoft, Mozilla, and SolarWinds. Hackers steal data from Verizon's push-to-talk (PTT) system. On our CertByte segment, Chris Hare is joined by resident Microsoft SME George Monsalvatge to break down a question from N2K's Microsoft Azure Administrator (AZ-104) Practice Test. Robot vacuums go rogue.

CertByte Segment

Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from our suite of industry-leading content and a study tip to help you achieve the professional certifications you need to fast-track your career growth. In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by resident Microsoft SME George Monsalvatge to break down a question from N2K's Microsoft Azure Administrator (AZ-104) Practice Test. Candidates for the Microsoft Azure Administrator exam are Azure Administrators who manage cloud services that span storage, security, networking, and compute cloud capabilities. Candidates should be proficient in using PowerShell, the Command Line Interface, Azure Portal, ARM templates, operating systems, virtualization, cloud infrastructure, storage structures, and networking.
Have a question that you'd like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K's full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. Please note: The questions and answers provided here and on our site are not actual current or prior questions and answers from these certification publishers or providers.

Reference: Microsoft Azure Blog > Virtual Machines > Gain business insights using Power BI reports for Azure Backup

Selected Reading
Sri Lankan Police Arrest Over 200 Chinese Scammers (BankInfo Security)
Finnish Customs closed down the Sipulitie marketplace on the encrypted Tor network (Finnish Customs)
Cisco investigates breach after stolen data for sale on hacking forum (Bleeping Computer)
Varsity Brands Data Breach Impacts 65,000 People (SecurityWeek)
Oracle October 2024 Critical Patch Update Addresses 198 CVEs (Security Boulevard)
Microsoft Patches Vulnerabilities in Power Platform, Imagine Cup Site (SecurityWeek)
'Nationally significant' cyberattacks are surging, warns the UK's new cyber chief (The Record)
CISA Warns of Three Vulnerabilities Actively Exploited in the Wild (Cyber Security News)
Hackers Advertise Stolen Verizon Push-to-Talk 'Call Logs' (404 Media)
Hackers took over robovacs to chase pets and yell slurs (The Verge)

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Western authorities I.D. a key member of Evil Corp. A major U.S. water utility suffers a cyberattack. ODNI warns of influence campaigns targeting presidential and congressional races. A California deepfakes law gets blocked. Europol leads a global effort against human trafficking. Trinity ransomware targets the healthcare industry. Qualcomm patches a critical zero-day in its DSP service. ADT discloses a breach of encrypted employee data. North Korean hackers use stealthy PowerShell exploits. On our Threat Vector segment, David Moulton and his guests tackle the pressing challenges of securing Operational Technology (OT) environments. Machine Learning pioneers win the Nobel Prize.

Threat Vector Segment

In this segment of Threat Vector, David Moulton, Director of Thought Leadership at Palo Alto Networks, hosts cybersecurity experts Qiang Huang Chung hwang, Palo Alto Networks VP of Product Management for Cloud Delivered Security Services, and Michela Menting, Senior Research Director in Digital Security at ABI Research, to discuss the pressing challenges of securing Operational Technology (OT) environments. Join us each Thursday for a new episode of Threat Vector on the N2K CyberWire network. To hear David, Michela and Qiang's full discussion, check it out here.
Selected Reading
Police unmask Aleksandr Ryzhenkov as Evil Corp member and LockBit affiliate (The Record)
American Water, the largest water utility in US, is targeted by a cyberattack (Associated Press)
US Warns of Foreign Interference in Congressional Races (Infosecurity Magazine)
US Judge Blocks California's Law Curbing Election Deepfakes (BankInfo Security)
Global Police Track Human Traffickers in Online Crackdown (Infosecurity Magazine)
Recently spotted Trinity ransomware spurs federal warning to healthcare industry (The Record)
Qualcomm patches high-severity zero-day exploited in attacks (Bleeping Computer)
ADT says hacker stole encrypted internal employee data after compromising business partner (The Record)
North Korean Hackers Employ PowerShell-Based Malware With Serious Evasion Techniques (Cyber Security News)
'Godfather of AI' shares Nobel Prize in physics for work on machine learning (CNN)
Joshua Miller from Proofpoint is discussing their work on "Best Laid Plans: TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset." Proofpoint identified Iranian threat actor TA453 targeting a prominent Jewish figure with a fake podcast interview invitation, using a benign email to build trust before sending a malicious link. The attack attempted to deliver new malware called BlackSmith, containing a PowerShell trojan dubbed AnvilEcho, designed for intelligence gathering and exfiltration. This malware consolidates all of TA453's known capabilities into a single script rather than the previously used modular approach. The research can be found here: Best Laid Plans: TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset