Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

Want to be the first to hear our episodes each week?  Become a Patreon donor here. Here are links to the stories we discuss this week: https://www.theregister.com/2025/09/29/postmark_mcp_server_code_hijacked/ https://www.bleepingcomputer.com/news/security/oracle-patches-ebs-zero-day-exploited-in-clop-data-theft-attacks/ https://www.bleepingcomputer.com/news/security/westjet-data-breach-exposes-travel-details-of-12-million-customers/ https://www.cybersecuritydive.com/news/material-cybersecurity-breaches-unreported/760892/ https://www.securityweek.com/red-hat-confirms-gitlab-instance-hack-data-theft/ https://www.securityweek.com/hackers-extorting-salesforce-after-stealing-data-from-dozens-of-customers/ https://databreaches.net/2025/10/04/just-days-before-its-data-might-be-leaked-qantas-airways-obtained-a-permanent-injunction/

  Here are links to the stories we discuss this week: https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign https://thehackernews.com/2025/09/github-mandates-2fa-and-short-lived.html https://www.theregister.com/2025/09/23/gartner_ai_attack/ https://www.bleepingcomputer.com/news/security/sonicwall-releases-sma100-firmware-update-to-wipe-rootkit-malware/ https://www.zdnet.com/article/battered-by-cyberattacks-salesforce-faces-a-trust-problem-and-a-potential-class-action-lawsuit/

  Please follow us on YouTube!  Want episodes a week early?  Consider becoming a Patreon sponsor of the DefSec podcast here. Here are links to the stories we talked about this week: https://krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/ https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/ https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages https://cybersecuritynews.com/finwise-insider-breach/ https://arstechnica.com/security/2025/09/how-weak-passwords-and-other-failings-led-to-catastrophic-breach-of-ascension/

In a riveting discussion, hosts explore Qantas handing down executive pay cuts post-cyber incident. They delve into the alarming rise of ransomware losses exacerbated by AI-driven phishing tactics. The conversation shifts to a significant NPM supply-chain compromise, raising concerns about dependency risks. LunaLock ransomware’s unique extortion method using stolen data for AI training models is a game changer. Finally, the FBI warns about impending Salesforce attacks, prompting vital talks on security measures like MFA.

Listen and Watch Defensive Security Episodes a week early by becoming a Patreon donor: https://www.patreon.com/defensivesec Please subscribe to our YouTube channel: Defensive Podcasts – Cyber Security & Infosec. – YouTube Links: https://blog.gitguardian.com/ghostaction-campaign-3-325-secrets-stolen/ https://www.bleepingcomputer.com/news/security/ai-powered-malware-hit-2-180-github-accounts-in-s1ngularity-attack/ https://www.cbc.ca/news/canada/hamilton/cybersecurity-breach-1.7597713 https://www.bleepingcomputer.com/news/security/6-browser-based-attacks-all-security-teams-should-be-ready-for-in-2025/ https://www.bleepingcomputer.com/news/security/hackers-use-new-hexstrike-ai-tool-to-rapidly-exploit-n-day-flaws/

  Links to stories: https://securityaffairs.com/181430/security/after-sharepoint-attacks-microsoft-stops-sharing-poc-exploit-code-with-china.html https://www.cybersecuritydive.com/news/software-vulnerabilities-breaches-checkmarx-report/757793/ https://www.securityinfowatch.com/cybersecurity/article/55309774/even-security-leaders-are-breaking-ai-rules-calypsoai-report https://www.darkreading.com/cyber-risk/cyber-insurers-may-limit-payments-breaches-unpatched-cve https://www.darkreading.com/cyberattacks-data-breaches/fake-employees-pose-real-security-risks

This installment dives into the latest cybersecurity threats, including a downgrade attack that circumvents FIDO authentication in Microsoft Entra ID. There's a deep exploration of vulnerabilities in Docker Hub and the rising danger of ransomware such as Charon. The concept of vibe coding is introduced, discussing how AI can assist novice coders while also raising security concerns. Additionally, the podcast highlights the market for initial access brokers, revealing how compromised access is sold on the dark web. Tune in for practical security tips and a fun teaser about an upcoming live event!

The hosts dive into the intriguing world of AI and its impact on cybersecurity. They discuss the rise of malicious activities leading to new vulnerabilities and emphasize proactive defense strategies. A shocking case involving ATM networks reveals risks from poor security practices. Special attention is given to a critical flaw in the T app, threatening user privacy. The conversation wraps up with insights on the future of AI in security roles, raising questions about job security for professionals in an evolving landscape.

Want to support our show? Want to get access to episodes a week before everyone else? Become a patreon sponsor here: https://www.patreon.com/defensivesec If you’re in Atlanta on August 20, you can join us for a LIVE episode at Mission 25. Register here: MCS Mission: Security’25 Our new merch store is live: DefSec Store We’ve added a lot of new items and will continue to do so over time. On to the show. Here are the links for this week’s episode: https://www.theregister.com/2025/07/26/microsoft_sharepoint_attacks_leak/ https://mashable.com/article/google-gemini-deletes-users-code https://arstechnica.com/security/2025/07/open-source-repositories-are-seeing-a-rash-of-supply-chain-attacks/ https://www.theregister.com/2025/07/23/lawsuit_clorox_vs_cognizant/ https://www.bleepingcomputer.com/news/security/allianz-life-confirms-data-breach-impacts-majority-of-14-million-customers/

  If you’re in Atlanta on August 20, you can join us for a LIVE episode at Mission 25. Register here: MCS Mission: Security’25 Our new merch store is live(ish): DefSec Store – We’ll be adding more items as time goes on. This is managed through Printify, which has a quite expansive range of products to logo up. Also, some of you may know that Jerry is into photography and contemplating creating a calendar with images he’s taken. Let us know if that sounds interesting. Possible themes are: beach sunsets, flowers, or jet fighters, because that’s about all he’s good at taking pictures of.     On to the show. Here are the links for this week’s episode: https://www.bleepingcomputer.com/news/security/lamehug-malware-uses-ai-llm-to-craft-windows-data-theft-commands-in-real-time/ https://arstechnica.com/security/2025/07/hackers-exploit-a-blind-spot-by-hiding-malware-inside-dns-records/ https://www.darkreading.com/remote-workforce/fully-patched-sonicwall-gear-zero-day-attack https://www.bleepingcomputer.com/news/security/new-crushftp-zero-day-exploited-in-attacks-to-hijack-servers/ (for patreon listeners only) https://thehackernews.com/2025/07/malware-injected-into-6-npm-packages.html?m=1(for patreon listeners only)