The 443 - Security Simplified

This week on the podcast we discuss the shifting landscape of phishing attacks in the wake of Microsoft's efforts to block malicious Office macros. We then cover a private organization that has been found not just selling exploit tools but also participating in offensive cyber operations. We end the episode with a review of IBM and the Ponemon Institute's Cost of a Breach Report for 2022.

This week on the podcast, we discuss the current cyber skills gab and a federal program designed to help combat it. After that, we dive in to the American Data Privacy protection Act and what it potentially means if passed by US Congress. We end this week with a quick update on Microsoft's attempts to protect users from malicious macro-enabled documents.

This week on the podcast we cover the latest in car hacking research, this time targeting vulnerabilities in remote keyless entry. We then dive in to Microsoft's latest research on Adversary in the Middle (AitM) attacks and end with key findings from the latest WatchGuard Threat Lab quarterly Internet Security Report.

This week on the podcast, we discuss two recent security reports, one on the topic of open source software and the other on "insecure by design" in the Operational Technology (OT) space. We go through the key findings from each report and what our thoughts are on their accuracy within the real world. We end the week by covering Gartner's 8 security prediction from their Security and Risk Management summit last week and what we think their likelihood of hitting are in the years to come.

In celebration of our 200th episode, this week on the podcast we take a look back at the last few years and revisit some of our favorite episodes. Along the way, we'll give updates on a few of our cybersecurity predictions from years past that took just a little bit longer than anticipated to come true. Finally, we end with a round of Q & A and a few quick news updates.

This week on the podcast we cover the latest and most bizarre ransomware extortion demand we've seen in recent memory. Before that though, we cover the latest updates on nation state hacking activity including threats of escalating attacks leading to physical retaliation.

This week on the podcast we cover two fresh 0-day vulnerabilities, one in Windows and another in Atlassian's Confluence, both under active exploitation in the wild. Additionally, we cover Costa Rica's no good, terrible month in Cybersecurity.

This week on the podcast, we discuss the line between ethical security research and malicious activity thanks to a compromised open source software package. After that we cover the latest industry to fall victim to Ransomware and end by highlighting a 0-click vulnerability in Zoom’s message system discovered by Google Project Zero.

This week on the podcast we sit down for a chat with Matt Lee, Sr. Director of Security and Compliance at Pax8 and well-known cyber security educator, to discuss security strategies for MSPs and midsize enterprises in the face of a dynamic threat landscape. We cover everything from picking a framework to getting buy in from stakeholders and take a forward look at what future cyber regulations may look like to all organizations.

This week on the podcast we walk through CISA alert AA222-131A which gives bulleted guidance to MSPs and customers of MSPs on how to navigate their relationship security as threats targeting service providers continue to grow. We'll walk through the list and hit each recommendation and give our own guidance on top of them for both MSPs and their customers. After that, we cover the the latest Microsoft patch Tuesday and end the episode with the latest updates on SAT COM hacking.