In this episode, Spencer and Brad dive into the complex maze of 3rd party email providers, filtering and spoofing. Email spoofing is a technique used by cybercriminals to disguise the sender's address in an email message, making it appear as though the email originated from a different source. This can be used for a variety of malicious purposes, such as phishing attacks, fraudulent activities, or spreading malware. DMARC Rundown - Offensive Security Blog - SecurIT360 “EchoSpoofing” — A Mas...
Aug 07, 2024•27 min•Ep 103•Transcript available on Metacast

In this episode, Spencer is joined by Joey Vandergrift (SecurIT360's VP of Security Operations) and Mark Brophy (SecurIT360's DFIR practice lead). Together they discuss how CrowdStrike, a leading EDR product, caused one of the largest global IT outages in history. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspence Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi...
Jul 31, 2024•49 min•Ep 102•Transcript available on Metacast

In this episode, Spencer and Brad dive into the deep underworld of infostealer malware. They discuss what infostealers are, how they are used and what they are used for. They will dig into how the information obtained from infostealers can help cyber threat actors compromise large and small organizations, cloud providers and more but also how the infostealer data and logs can be used by authorities for good. Resources 10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit https://x.com/vx...
Jul 24, 2024•38 min•Ep 101•Transcript available on Metacast

Discover the vulnerabilities lurking within medical devices and how ethical hacking can safeguard patient care. Join Brad, VP of Offensive Security at SecurIT360, as he unpacks the risks and protections against cyber threats in healthcare tech. - Unveiling the risks of wireless communication vulnerabilities in insulin pumps and glucose monitors that could be exploited through advanced hacking techniques. - Demonstrating the use of tools like ESP32, Hashcat, and attack scenarios to reveal how med...
Jul 17, 2024•36 min•Transcript available on Metacast

In this episode, Spencer and Brad discuss the OpenSSH "regreSSHion" vulnerability. This is being tracked as CVE-2024-6409 & CVE-2024-6387. A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. Links: https://nvd.nist.gov/vuln/detail/CVE-2024-6409...
Jul 10, 2024•27 min•Ep 100•Transcript available on Metacast

In this episode, Spencer and Tyler discuss two of their current favorite tools: OneDriveEnum for enumerating user accounts in Microsoft 365 and AD Miner for visualizing attack paths in Active Directory. We hope you enjoy and get value from this episode! Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspence Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi Work with Us: https:...
Jul 03, 2024•37 min•Ep 99•Transcript available on Metacast

In this episode, we discuss the latest trends and techniques for enumerating Microsoft 365. We break down how attackers may identify M365 tenants, how they discover and validate accounts and what you as an IT admin can do to protect your organization in light of this. Topics covered: Credential Stuffing, Brute Force Attacks, Password Spraying, Prompt Bombing, Session Hijacking, Adversary-in-the-Middle (AiTM) Attacks, OAuth Phishing, Legacy Authentication Protocols, App Passwords, Conditio...
Jun 26, 2024•27 min•Ep 98•Transcript available on Metacast

In this episode, we discuss the latest trends and techniques for enumerating Microsoft 365. We break down how attackers may identify M365 tenants, how they discover and validate accounts and what you as an IT admin can do to protect your organization in light of this. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspence Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi Work ...
Jun 19, 2024•26 min•Ep 97•Transcript available on Metacast

This is a recording of a webinar aimed at IT professionals, system administrators, and cybersecurity professionals eager to bolster their defenses against cyber threats. In this session, "How to Harden Active Directory to Prevent Cyber Attacks," our expert speakers will discuss comprehensive strategies and best practices for securing your Active Directory environment. Key Takeaways: - Understanding AD Vulnerabilities: Learn about the most common security weaknesses in Active Directory ...
Jun 12, 2024•1 hr 22 min•Ep 96•Transcript available on Metacast

In this episode, Alex Boyd joins Spencer and Brad. Alex, a shareholder in Polsinelli's national Technology Transactions and Data Privacy practice, shares crucial insights for CTOs, IT Directors, CISOs and Security Managers on responding to security incidents. Discover common misconceptions about breaches and the mistakes organizations make in regulatory compliance. Gain valuable advice on selecting cyber insurance policies and navigating the legal landscape of regulatory investigations, li...
Jun 05, 2024•50 min•Ep 95•Transcript available on Metacast

In this episode, Brad and Spencer discuss the preparation stage of defending against ransomware. As we know, the time to have a plan is before you enter the woods and cybersecurity is no different. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspence Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi Work with Us: https://securit360.com...
May 29, 2024•54 min•Ep 94•Transcript available on Metacast

In this episode, Brad and Spencer discuss the preparation stage of defending against ransomware. As we know, the time to have a plan is before you enter the woods and cybersecurity is no different. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspence Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi Work with Us: https://securit360.com...
May 22, 2024•29 min•Ep 93•Transcript available on Metacast

In this episode, Spencer and Darrius share their expertise on navigating the world of cybersecurity training and certification. With decades of experience and numerous certifications, they provide valuable insights, tips, and personal stories to help listeners stay ahead of emerging threats and advance their careers in cybersecurity. Whether you're a beginner or a veteran in the field, this episode offers practical advice to enhance your skills and succeed in this ever-changing industry. Tu...
May 15, 2024•35 min•Ep 92•Transcript available on Metacast

In this episode, Spencer and Brad discuss the highly respected 2024 Verizon Data Breach Investigations Report (DBIR), a data-driven analysis of cyberattacks and data breaches from around the world. Tune in to discover the latest global trends and patterns in cybersecurity, as well as key insights for security professionals and executives. Don't miss out on this essential resource that has been shaping the industry for the past 15 years. Blog: https://offsec.blog/ Youtube: https://www.youtub...
May 08, 2024•42 min•Ep 91•Transcript available on Metacast

In this episode, Spencer chats with Mark Brophy (of SecurIT360) to discuss his background and experience with coaching a collegiate cyber defense team and how many of those lessons learned from defending against expert red team operators translate to securing organizations in today's modern threat landscape. Another must-listen episode for all defenders, IT admins, CISOs, IT directors, or anyone else in charge of managing, maintaining and/or securing computers and networks. Blog: https://...
May 01, 2024•45 min•Ep 90•Transcript available on Metacast

In this episode, Spencer and Darrius break down the complexities of credential protection, discussing everything from user education and tools to threat modeling and guardrails. Plus, we delve into the world of protecting credentials within scripts and code. This is a must-listen for all IT admins, CISOs and any other IT/Security professional. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/te...
Apr 24, 2024•44 min•Ep 89•Transcript available on Metacast

Get into the dynamic world of penetration testing with Episode 88 of The Cyber Threat Perspective. Hosts Brad and Tyler discuss how to plan for penetration testing from both a budgeting and success perspective. • How to budget for penetration testing - by evaluating risk and compliance needs. • Discussion on the ways to ensure you're getting value and quality in your penetration testing. • How to avoid pitfalls before, during and after penetration testing. • The role of communication in de...
Apr 17, 2024•25 min•Ep 88•Transcript available on Metacast

In this episode, Spencer and Tyler dive into the common challenges, struggles and obstacles a pentester may face in their career and they offer advice for dealing with and overcoming those hurdles. Thank you for listening! We hope this episode brings you value! 🙏 Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspence Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi Work with...
Apr 10, 2024•58 min•Ep 87•Transcript available on Metacast

In this episode, Spencer and Darrius discuss the XZ backdoor fiasco and share their perspective on what to be thinking about as a defender and what the long-term impact of this event may be. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspence Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi Work with Us: https://securit360.com...
Apr 03, 2024•36 min•Ep 86•Transcript available on Metacast

In this episode, Spencer and Darrius discuss DarkGPT, which is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspence Spencer's LinkedIn: https://linkedin.com/in/SpencerAles...
Mar 27, 2024•28 min•Ep 85•Transcript available on Metacast

Discover the vulnerabilities lurking within medical devices and how ethical hacking can safeguard patient care. Join Brad, VP of Offensive Security at SecurIT360, as he unpacks the risks and protections against cyber threats in healthcare tech. - Unveiling the risks of wireless communication vulnerabilities in insulin pumps and glucose monitors that could be exploited through advanced hacking techniques. - Demonstrating the use of tools like ESP32, Hashcat, and attack scenarios to reveal how med...
Mar 20, 2024•36 min•Transcript available on Metacast

In this episode, Brad and Spencer dive into Defense in Depth. What is it, what does that mean, what are some actionable and practical steps you can take to implement a defense in depth strategy, how do threat modeling and incident response tabletop exercises fit into it and so much more. Do not miss this episode. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspence Spencer's Linke...
Mar 13, 2024•30 min•Ep 83•Transcript available on Metacast

In this episode, we dive into the world of digital forensics and incident response. Spencer, Mark and Andrew discuss the various roles you might see on a DFIR team, the psychology of IR and the stages of incident response, the challenges of responding to cloud compromises, what comes after the breach and so much more. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspence Spencer'...
Mar 06, 2024•56 min•Ep 82•Transcript available on Metacast

In this episode, Spencer and Tyler discuss common misconceptions about penetration testing and provide clarity on its purpose and importance in cybersecurity. Join us as we explore the realities behind this vital security assessment, debunking myths and offering insights into its role in safeguarding organizations and data. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techspence Spencer'...
Feb 27, 2024•25 min•Ep 81•Transcript available on Metacast

In this episode, Spencer and Brad deep dive into several tools that IT Admins can use to identify critical issues within Active Directory environments, without breaking the bank. There's a misconception that security can only be achieved by spending large sums of money. That simply isn't the case. Listen to this episode to learn how. https://pingcastle.com/ https://github.com/mtth-bfft/adeleg https://github.com/techspence/ScriptSentry https://github.com/TrimarcJake/Locksmith https://gi...
Feb 21, 2024•29 min•Ep 80•Transcript available on Metacast

Our expert hosts unpack the intricacies of bug bounty programs, exploring how they've become a pivotal element in the cybersecurity world and also how they fail. Whether you're a cybersecurity professional, an aspiring ethical hacker, or simply curious about the mechanisms that protect our online spaces, this episode comprehensively explores the bug bounty ecosystem. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spence...
Feb 14, 2024•29 min•Ep 79•Transcript available on Metacast

Join us for an enthralling journey into the heart of cybersecurity operations with “Tales from the Trenches,” an exclusive podcast presented by Brad Causey, Vice President of Offensive Security at SecurIT360. Dive deep into the high-stakes world of offensive security as Brad shares his firsthand experiences from a career spent on the front lines of digital defense. Engage with real-life stories illustrating offensive cybersecurity's intense challenges and triumphant victories. Brad's n...
Feb 07, 2024•57 min•Ep 78•Transcript available on Metacast

In our "DNS Security" podcast, we delve into DNS's critical role in how the internet works, exploring its vulnerabilities and attacks like DNS spoofing, cache poisoning, and DDoS. We discuss DNSSEC and its components, including public and private keys, and examine practical solutions such as DNS and content filtering. The episode also highlights the advantages of cloud-based DNS services, like those offered by Cloudflare. Finally, we share best practices and resources for securing...
Jan 31, 2024•31 min•Ep 77•Transcript available on Metacast

In this episode, we dive into the world of Windows and Active Directory and we explore strategies and best practices to secure these systems. This episode will provide you with actionable advice for securing your organization against cyber attacks. We discuss topics such as least privilege, tiered admin model, CIS benchmarks, and much more. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Twitter: https://x.com/techs...
Jan 24, 2024•48 min•Ep 76•Transcript available on Metacast

In today's rapidly evolving cybersecurity landscape, where organizations of all verticals and industries are increasingly being targeted, organizations must adopt a proactive approach to securing their systems and data. Penetration testing is an essential component of identifying vulnerabilities and weaknesses. However, many organizations fail to extract maximum value from their penetration tests, treating them as isolated events rather than continuous learning opportunities. This session ...
Jan 17, 2024•41 min•Ep 75•Transcript available on Metacast