Defensive Security Podcast Episode 311

Want to support us?  Want even MORE DefSec?  Starting this week, we are providing more DefSec for our Patreon donors.  Sign up to be a Patreon donor today: https://www.patreon.com/defensivesec   Links: https://arstechnica.com/security/2025/06/active-exploitation-of-ami-management-tool-imperils-thousands-of-servers/ https://www.bleepingcomputer.com/news/security/man-pleads-guilty-to-hacking-networks-to-pitch-security-services/ https://www.helpnetsecurity.com/2025/06/23/new-hire-phishing-risk/ Patreon exclusive discussions: https://www.helpnetsecurity.com/2025/06/27/cybersecurity-risk-reduction-breach-transparency/ https://www.theregister.com/2025/06/24/vulnerability_management_gap_noone_talks/

Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec Links: https://www.bleepingcomputer.com/news/security/no-the-16-billion-credentials-leak-is-not-a-new-data-breach/ https://www.bleepingcomputer.com/news/security/russian-hackers-bypass-gmail-mfa-using-stolen-app-passwords/ https://www.bleepingcomputer.com/news/security/north-korean-hackers-deepfake-execs-in-zoom-call-to-spread-mac-malware/ https://socket.dev/blog/libxml2-maintainer-ends-embargoed-vulnerability-reports

Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec Links:  https://www.bleepingcomputer.com/news/security/sentinelone-shares-new-details-on-china-linked-breach-attempt/https://thehackernews.com/2025/06/new-supply-chain-malware-operation-hits.html?m=1https://www.csoonline.com/article/4002103/cisos-beware-genai-use-is-outpacing-security-controls.htmlhttps://thehackernews.com/2025/06/fin6-uses-aws-hosted-fake-resumes-on.html?m=1

Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec Links:  https://www.theregister.com/2025/06/06/chatgpt_for_evil/https://www.theregister.com/2025/06/06/ransomware_negotiation/https://www.darkreading.com/cyber-risk/how-to-approach-security-era-ai-agentshttps://www.bleepingcomputer.com/news/security/coinbase-breach-tied-to-bribed-taskus-support-agents-in-india/https://www.theregister.com/2025/06/04/kiranapro_cyberattack_deletes_cloud_resources/ / https://x.com/deepakravindran/status/1930776943101894869

Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss a range of topics including the introduction of a new cryptocurrency, Guard Llama Coin, and the implications of recent cybersecurity incidents involving ConnectWise … Continue reading Defensive Security Podcast Episode 308 →

In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a significant data breach at Coinbase, the challenges of cryptocurrency security, the importance of patch management, and the evolving landscape of cyber threats. They also discuss insider threats, the failures of rigid security programs, and the … Continue reading Defensive Security Podcast Episode 307 →

In this episode, Jerry and Andrew discuss  the importance of data security, phishing attacks targeting hiring managers, the implications of paying ransoms, and the recent Disney data breach incident. They emphasize the need for better training for employees and the challenges of managing software supply chains. The conversation highlights the evolving landscape of cyber threats … Continue reading Defensive Security Podcast Episode 306 →

In this episode, we discuss the Google Mandiant 2025 M-Trends report.  The report is available here: https://services.google.com/fh/files/misc/m-trends-2025-en.pdf Like what we’re doing and want to help support us? Donate here: https://www.patreon.com/defensivesec

In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss the latest trends in cybersecurity, focusing on the rise of BEC scams and the significant losses attributed to cybercrime in 2024. They explore emerging threats, including social engineering tactics and hardware vulnerabilities, particularly in management interfaces. The conversation also delves … Continue reading Defensive Security Podcast Episode 304 →

Summary In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the rise of ransomware, the importance of backup strategies, and the implications of AI in phishing attacks. They discuss into the challenges of managing non-human identities and the need for effective communication of security metrics. … Continue reading Defensive Security Podcast Episode 303 →