
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Defensive Security Podcast Episode 334
Dec 25, 2025

Most parked domains are now delivering malicious content, sparking discussions on effective mitigation strategies. Device code phishing re-emerges, allowing attackers to exploit Microsoft 365 accounts through low-bar tools. Amazon uncovers a suspicious keystroke delay that signals potential remote access interference. The risks of remote hiring, particularly with North Korean contractors, are examined alongside the challenges posed by AI-generated proofs of concept in cybersecurity. Lastly, a serious zero-day vulnerability in Cisco email appliances highlights pressing defensive priorities.
Parked Domains Now Deliver Malware
- Parked domains have shifted from showing ads to overwhelmingly serving malicious content and selectively targeting victims.
- Attackers fingerprint visitors (VPNs, residential IPs) to serve malicious payloads only to likely victims.
Layer Protections Around Users
- Assume employees will reach hostile sites and build layers: secure browsers, EDR, and phishing-resistant logins.
- Restrict browser extensions, patch browsers, and use allow-lists for domain resolution where feasible.
Device Code Flows Lower Attack Barriers
- Device-code flows let attackers authorize devices to act on behalf of users without traditional MFA prompts.
- Tooling for device-code phishing is becoming commoditized and lowers attacker skill requirements.
