In this episode of The Cyber Threat Perspective, we explore the strategic integration of deception technology like canaries and honeypots into your cybersecurity defenses. Discover how these tools allow you to detect threat actors earlier in their attack sequence, disrupt malicious activities, and mitigate potential damage to your organization. Join us for actionable insights and defensive advice to enhance your organization's security posture.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspenceSpencer's LinkedIn: https://linkedin.com/in/SpencerAlessi Work with Us: https://securit360.com

Threat reports can be goldmines for defenders — but only if we know how to extract and apply what matters. A good analysis can mean catching an attack early or missing it entirely. There's no shortage of threat intel out there. The real challenge is making sense of it without getting overwhelmed. In this episode we discuss:What makes up a threat reportGoals of analyzing threat reportsHow to analyze the pieces that matterActionable tips you can use todayBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspenceSpencer's LinkedIn: https://linkedin.com/in/SpencerAlessi Work with Us: https://securit360.com

The discussion highlights common security findings from external penetration tests, particularly concerning outdated web libraries and plugins like those in WordPress. The hosts review key tools for testing web applications, stressing the importance of manual validation. They delve into web vulnerabilities, emphasizing the impact of cross-site scripting and the necessity of strong security protocols. The conversation also covers how to secure identities in Microsoft 365 and the risks associated with exposing SSH and RDP servers to the internet.

 This episode focuses on SaaS (Software as a Service) Supply Chain Attacks. We discuss what SaaS applications are most at risk, what the real danger of saas supply chain attacks are and most importantly how to defend and detect these attacks. Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspenceSpencer's LinkedIn: https://linkedin.com/in/SpencerAlessi Work with Us: https://securit360.com

Dive into the quirky underworld of digital misdirection in this episode, where we explore the art of typosquatting. Discover how a simple mistyped URL can turn into a gateway for cyber trickery, as we break down the many forms of typosquatting—from subtle misspellings that mimic trusted sites to more elaborate schemes designed to deceive. Learn why these small errors are so effective in luring unsuspecting users and get insider tips on how to protect yourself from falling into these cleverly crafted traps. Whether you're a digital native or just curious about the hidden risks of the internet, this episode equips you with the knowledge and defenses you need to navigate online spaces with confidence. Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspenceSpencer's LinkedIn: https://linkedin.com/in/SpencerAlessi Work with Us: https://securit360.com

The discussion dives into the roles of red and blue teams in cybersecurity, comparing their unique challenges. Personal anecdotes shed light on the journey from help desk to specialized roles. There's a focus on the hefty prep work behind penetration testing, demonstrating the extensive time needed for successful outcomes. The importance of collaboration for effective security practices is emphasized, alongside tips for maintaining mental well-being in a high-pressure field. Staying updated with industry trends through various tools is also highlighted.

Unlock the secrets of effective attack surface monitoring in this replay of The Cyber Threat Perspective. Brad and Spencer dive into essential practices, tools, and methodologies to keep your systems secure.Define and understand attack surface and attack vectorsDistinguish between physical and digital attack surfacesExplore DIY vs. commercial tools for attack surface monitoringLearn from bug bounty industry methodologies and resourcesEmphasize the importance of continuous monitoring and asset managementCheck out our show notes for additional resources, and don't forget to like, share, and subscribe!Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspenceSpencer's LinkedIn: https://linkedin.com/in/SpencerAlessi Work with Us: https://securit360.com

The podcast dives into the complexities surrounding multi-factor authentication (MFA), revealing its limitations and vulnerabilities in real-world applications. It highlights how certain MFA methods, like SMS and social engineering, can be compromised. The discussion also introduces number matching as a more secure alternative and emphasizes the need for continuous monitoring and adaptive authentication for enhanced security. Moreover, the role of AI in facilitating cyber threats is examined, underlining the necessity for a multifaceted approach to user authentication.

Dive into the world of insecure Active Directory protocols and discover how they can be exploited by attackers for privilege escalation and lateral movement. Learn about essential tools like Pincastle and Purple Knight for identifying security issues. Explore the risks of legacy protocols such as LMNR and NBNS, including potential attacks. Understand the evolving challenges in internal penetration testing and the vulnerabilities of the Windows web client service, emphasizing the importance of updating security practices.

Chelsea interviews Brad about web application penetration testing, uncovering the essential stages and methodologies. They discuss the importance of client involvement and proper scoping to ensure safety. The conversation delves into prioritizing vulnerabilities and utilizing the Common Vulnerability Scoring System. A collaborative approach to remediation is highlighted, along with effective reporting strategies. Lastly, they emphasize measuring success through client feedback and integrating security practices early in development.