Defensive Security Podcast Episode 304

In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss the latest trends in cybersecurity, focusing on the rise of BEC scams and the significant losses attributed to cybercrime in 2024. They explore emerging threats, including social engineering tactics and hardware vulnerabilities, particularly in management interfaces. The conversation also delves into the complexities of vulnerability management, the risks associated with supply chain attacks in open source software, and the alarming rate at which CVEs are being exploited. The hosts emphasize the need for organizations to be proactive in their security measures and to understand the evolving landscape of cyber threats.

Links:

• https://www.cybersecuritydive.com/news/fbi-internet-crime-bec-scams-investment-fraud-losses/746181/
• https://www.bleepingcomputer.com/news/security/asus-releases-fix-for-ami-bug-that-lets-hackers-brick-servers/
• https://www.theregister.com/2025/04/21/microsoft_apple_patch/
• https://thehackernews.com/2025/04/ripples-xrpljs-npm-package-backdoored.html
• https://thehackernews.com/2025/04/159-cves-exploited-in-q1-2025-283.html

Like what we’re doing and want to help support us? Donate here: https://www.patreon.com/defensivesec