ThreatLocker: default-deny and misconfigurations

Romance scammers have apparently discovered astrology... and Taurus is their secret weapon.

In episode 449 of "Smashing Security", we take a look inside an actual romance-fraud handbook - complete with scripts, personality “types”, corporate jargon, and a seven-day plan to get victims from hello to hand over the crypto.

Then Lesley "hacks4pancakes" Carhart delivers a reality check on the dire cybersecurity jobs market for juniors: why entry-level roles are evaporating, how automated CV screening is chewing candidates up, and what hopeful newcomers (and weary veterans) can do about it.

Plus, Graham talks to ThreatLocker CEO Danny Jenkins about why misconfigurations are behind an uncomfortable number of breaches, how default-deny security actually works in practice, and why detecting attacks after they’ve started is already too late.

All this, and much more, in this episode of the "Smashing Security" podcast with Graham Cluley, and special guest Lesley Carhart.

EPISODE LINKS:

• Millions of Android Powered TVs and Streaming Devices Infected by Kimwolf Botnet - Hackread.
• Ilya Lichtenstein, Bitcoin hacker behind massive crypto theft, credits Trump for early prison release - CNBC.
• How Fake BSODs and Trusted Build Tools Are Used to Construct a Malware Infection - Securonix.
• A scammer's guide: How cybercriminals plot to rob a target in a week - Reuters.
• Game of Wool: Britian’s Best Knitter - Channel 4.
• Game of Wool trailer - YouTube.
• Earthrise One: Melbourne's Premier Sci-Fi Escape Room Adventure.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
• Meter - Network infrastructure for the enterprise. Get a free personalised demo.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".