The Cyber Threat Perspective

In this episode of The Cyber Threat Perspective, we’re exploring the broader security implications of artificial intelligence. AI is transforming everything—from how we defend our networks to how attackers exploit them. We’ll break down the risks, the opportunities, and what security teams need to be thinking about right now as AI becomes embedded in both our tools and becomes a part of our daily life.Spencer's next webinar 8/28 12pm EasternTopic: Securing Windows, Common Misconfigurations That Give Attackers The Advantagehttps://go.spenceralessi.com/windowsBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com

In this episode, we're diving into what to do the minute incident response arrives. That first moment matters—a lot. Whether it's a ransomware attack, unauthorized access, or data exfiltration, how you act in minute one can either help or hinder the investigation. We’ll cover the do’s, don’ts, and common mistakes we see, so you’re ready when the heat is on.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com

In this episode of The Cyber Threat Perspective, we're diving into one of the most pressing trends in cybersecurity: how threat actors are using AI. From deepfake scams and AI-generated phishing emails to automated malware and voice cloning, attackers are leveraging artificial intelligence to scale their operations and sharpen their tactics. We’ll break down real-world examples, tools like WormGPT, and what this means for defenders going forward.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com

Explore when organizations should rethink the need for penetration testing. Learn about the differences between pentests, vulnerability scans, and risk assessments. Discover the critical steps necessary to prepare effectively for penetration testing, including vulnerability management and security auditing. Understand the evolving landscape of cloud security assessments and emphasize the importance of tailoring cybersecurity services to meet client needs. It's all about maximizing impact and avoiding wasted resources!

In this episode, we're diving into one of the most overlooked yet dangerous components of Active Directory: Certificate Services. What was designed to build trust and secure authentication is now being exploited by attackers to silently escalate privileges and persist in your environment. We’ll break down how AD CS works, how it gets abused, and what defenders need to do to lock it down.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com

It’s easy to overlook small misconfigurations on Windows endpoints, but those little mistakes can create big opportunities for attackers. In this episode, we break down the most common Windows security missteps we see in real-world environments, from missing the basics to reused local admin passwords. If you’re a sysadmin, IT admin, or just responsible for keeping Windows machines secure, this one's for you.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com

In this episode, we dive into the unique cybersecurity challenges faced by the financial services sector, from high-value targets and strict compliance requirements to the constant threat of phishing and ransomware. We’ll break down common attack paths, what makes financial orgs so attractive to threat actors, and most importantly, what IT and security teams can do to stay ahead. Whether you're on the red team, blue team, or in leadership, this episode will help you strengthen your security posture in one of the most targeted industries on the planet.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com

In this episode, we dive into the unique cybersecurity challenges faced by the financial services sector, from high-value targets and strict compliance requirements to the constant threat of phishing and ransomware. Whether you're on the red team, blue team, or in leadership, this episode will help you strengthen your security posture in one of the most targeted industries on the planet.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com

(Replay) In this episode, Spencer and Brad discuss the ever popular and highly debated topic of evasion. In this podcast we talk about evasion from the context of evading defense controls, not necessarily EDR specific evasion techniques. Our hope with this episode is to shed light on this topic and help defenders understand various methods of evasion and this topic more in general.Resources(Jun 1, 2021) Evadere Classifications - detection & response focusDefense Evasion, Tactic TA0005 - Enterprise | MITRE ATT&CK® - controls focus(Mar 22, 2024) Atomics on a Friday - Evade or Bypass - edr focusBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com

In this episode of The Cyber Threat Perspective, we break down the 7 critical questions every security leader should ask after a penetration test. A pentest isn’t just about checking a box, it’s an opportunity to assess your defenses, measure progress, and refine your strategy. We discuss how to go beyond the report, extract real value from the assessment, and ensure findings lead to meaningful action across your organization. Whether you’re a CISO, IT director, or team lead, this episode will help you make every pentest count.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com