Tyler Roberts

Tyler Roberts, an offensive security practitioner, sheds light on critical pentest findings still plaguing organizations in 2025. Discussion covers the alarming persistence of weak passwords, risks from corporate emails used for third-party signups, and the dangers of plaintext credentials on file shares. Tyler emphasizes the importance of updating outdated TLS protocols and tackling local admin password reuse. The conversation also highlights vulnerabilities in on-prem Exchange systems and the need for better control over public-facing protocols. This is a must-listen for anyone in IT security!

In this discussion, Tyler Roberts, a Microsoft 365 security expert and penetration tester, delves into the latest enumeration techniques used in attacks against M365. He explains how attackers identify tenants and validate accounts, spotlighting the risks associated with user enumeration and password spraying. Roberts emphasizes the importance of strong security measures, including multi-factor authentication, and sheds light on vulnerabilities in services like SharePoint. IT admins gain actionable insights to better protect their organizations from these evolving threats.

Tyler Roberts, a cybersecurity expert, dives into the world of Open Source Intelligence (OSINT) and its dual nature. He highlights the risks of oversharing personal data online, as seemingly harmless posts can be exploited by attackers. The discussion uncovers vulnerabilities in law firm websites and the dangers posed by social engineering. Roberts also emphasizes the importance of securing sensitive data and mitigating risks through effective online monitoring, showcasing how even default web configurations can lead to security breaches.