

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
Defensive Security is a weekly information security podcast which reviews recent high-profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
Episodes

Jan 26, 2026 • 1h 5min
Defensive Security Podcast Episode 337
Discussion of QR-code phishing campaigns and the rise of 'quishing' targeting mobile devices. Practical hiring security: live technical interviews, proctoring tricks, and spotting fraud signals like VPNs and odd timezones. Deep dive into a long-exploited ESXi VM escape, hypervisor trust risks, and how commoditized exploit toolkits amplify ransomware threats. CISO turnover, succession problems, and the impact on security programs.

Jan 15, 2026 • 1h 7min
Defensive Security Podcast Episode 336
Explore the rising trends in cybersecurity, including insurers' recommendations for 2026 that focus on phishing and vendor outages. Discover the importance of role-based access control to limit risk and the dangers of legacy systems. Delve into the implications of a recent $8.5 million theft linked to a compromised developer key and the data leak involving Conde Nast. The hosts also discuss the complexities of software liability in reseller chains, highlighting vulnerabilities that need urgent attention.

Jan 7, 2026 • 49min
Defensive Security Podcast Episode 335
Discover how fake proof-of-concept repos on GitHub spread WebRat malware, and why blindly trusting random POCs is risky for security teams. Explore the alarming MongoDB 'MongoBleed' vulnerability and its implications. Tune in for insights on the FortiGate LDAP bypass issue, which highlights critical authentication bugs. The hosts also discuss the intricate Oracle E-Business Suite hack, detailing its exploit chain and the challenges of timely patching. Dive into the complexities of zero-day detection and why many vulnerabilities remain overlooked.

Dec 25, 2025 • 1h 7min
Defensive Security Podcast Episode 334
Most parked domains are now delivering malicious content, sparking discussions on effective mitigation strategies. Device code phishing re-emerges, allowing attackers to exploit Microsoft 365 accounts through low-bar tools. Amazon uncovers a suspicious keystroke delay that signals potential remote access interference. The risks of remote hiring, particularly with North Korean contractors, are examined alongside the challenges posed by AI-generated proofs of concept in cybersecurity. Lastly, a serious zero-day vulnerability in Cisco email appliances highlights pressing defensive priorities.

Dec 20, 2025 • 1h 12min
Defensive Security Podcast Episode 333
Dive into the alarming 700% rise in hypervisor ransomware and discover why these systems are prime targets. Learn about critical vulnerabilities, such as the React deserialization issue and Log4Shell's lingering presence. Hear tips on improving security through authentication and segmentation, plus the discussion on the dangers of AI coding tools. The need for cautious AI adoption is emphasized, along with how to secure LLMs against manipulation. Overall, a mix of pressing threats and practical security advice awaits!

Dec 13, 2025 • 1h 2min
Defensive Security Podcast Episode 332
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.darkreading.com/cyberattacks-data-breaches/advanced-security-phishing-tactics
https://www.theregister.com/2025/11/28/posthog_shaihulud/?td=keepreading / https://posthog.com/blog/nov-24-shai-hulud-attack-post-mortem
https://www.theregister.com/2025/11/27/scattered_lapsus_hunters_zendesk/
https://www.theregister.com/2025/11/25/akira_ransomware_acquisitions
Browser extensions pushed malware to 4.3M Chrome, Edge users • The Register

Dec 2, 2025 • 1h 10min
Defensive Security Podcast Episode 331B
Reposting Episode 331 due to the wrong mp3 attached to the original.
Links to this week’s stories:
https://cloud.google.com/blog/topics/threat-intelligence/unc6040-proactive-hardening-recommendations
https://www.theregister.com/2025/11/13/chinese_spies_claude_attacks/ / https://www.bleepingcomputer.com/news/security/anthropic-claims-of-claude-ai-automated-cyberattacks-met-with-doubt/
https://www.theregister.com/2025/11/14/selfreplicating_supplychain_attack_poisons_150k/
https://cyberscoop.com/fortinet-delayed-disclosure-exploited-vulnerability/
https://www.bleepingcomputer.com/news/security/piecing-together-the-puzzle-a-qilin-ransomware-investigation/

Nov 24, 2025 • 1h 2min
Defensive Security Podcast Episode 330
A recent ransomware incident in Nevada highlights concerning detection and forensic challenges. The discussion reveals how AI is being tested by threat actors, raising alarms about automated lateral movement and internal vulnerabilities. The hosts emphasize the critical need for foundational security practices, reframing priorities amid AI hype. They also delve into the urgency of monitoring supply chain risks and remind listeners not to overlook basic threats like credential theft and phishing. The realities of CISO burnout spark a candid conversation on leadership accountability and budget constraints.

Nov 13, 2025 • 60min
Defensive Security Podcast Episode 329
https://www.youtube.com/watch?v=3BaNujBx62Y
Links to this week’s stories:
https://www.theregister.com/2025/11/03/mit_sloan_updates_ai_ransomware_paper/
https://www.theregister.com/2025/10/29/ey_exposes_4tb_sql_database/
https://www.darkreading.com/cyber-risk/zombie-projects-rise-again-undermine-security
https://www.darkreading.com/cloud-security/cloud-outages-highlight-need-resilient-secure-infrastructure-recovery

Nov 3, 2025 • 54min
Defensive Security Podcast Episode 328
Links we discuss this week:
https://thehackernews.com/2025/10/self-spreading-glassworm-infects-vs.html?m=1
https://www.cybersecuritydive.com/news/artificial-intelligence-security-risks-ey-report/803490/
https://www.cybersecuritydive.com/news/ai-augment-security-identity-soc/803608/
https://www.darkreading.com/cyber-risk/best-end-user-security-awareness-programs-arent-about-awareness-anymore
https://www.bleepingcomputer.com/news/security/hackers-now-exploiting-critical-windows-server-wsus-flaw-in-attacks/


