Blue Security
A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
Episodes
On this week's episode, Adam and Andy talk about CISA's DDoS protection guidance. This follows the episode on Microsoft's Digital Defense Report where DDoS attacks and protections were also highlighting in the report.
-------------------------------------------
YouTube Video Link: https://youtu.be/_9puZjc05H4
-------------------------------------------
Documentation:
On this week's episode, Adam and Andy talk about Microsoft's Digital Defense Report. This report has a wealth of information on the state of cybersecurity, current trends, attack vectors, and defense suggestions for organizations. They break down some key points so listen in if you do not have time to read the entire report.
-------------------------------------------
YouTube Video Link: https://youtu.be/CS5F8puZQXo
-------...
On this week's episode, Adam is back and joined by Andy to talk about Mastodon. This decentralized social media platform has been around since 2016 and recently has been growing exponentially due to the Twitter migration. Critical mass has already happened for many communities including the infosec community so it is in our best interest to learn about it and learn how to use it.
-------------------------------------------
This week, friend of the pod, Shannon Fritz, fills in for Adam and he and Andy talk about the big update for Patch Tuesday, the Medibank double extortion incident, and the meltdown happening at Twitter.
-------------------------------------------
Youtube Video Link:
-------------------------------------------
Documentation:
https://support.microsoft.com/en-us/topic/november-8-2022-kb5019980-os-build-22621-819-b503e08b-b850-469a-8de...
This week, Adam and Andy talk about the Dropbox and Twilio breach where old phishing tricks worked and attackers were able to get credentials. They also talk about CISA's new guidance on phish resistant MFA and Enhance Phishing Protection in Windows 11 22H2.
-------------------------------------------
Youtube Video Link: https://youtu.be/06lGGC6GSJM
-------------------------------------------
Documentation:
This week, Adam and Andy talk about the SOCRadar disclosure of a misconfigured Microsoft endpoint that led to a data privacy incident. They talk about what happened and what you should know as a Microsoft customer. They also go over some of the highlights from Ignite 2022 with new features and brands for endpoint management, identity, and security.
-------------------------------------------
Youtube Video Link: https://youtu.be/mMl...
This week, Adam and Andy talk about IBM's Incident Responder Report. This report has some great empirical data on incident responder perceptions and how incidents impact mental health. Listen in as they discuss some of the key findings in this report.
-------------------------------------------
Youtube Video Link: https://youtu.be/hhnxHMbvASw
-------------------------------------------
Documentation:
This week, Adam and Andy talk about how to look at BYOD policies in a Zero-Trust architecture. They go over a blueprint put out by Microsoft Middle East and Africa that's a little bit older but is a great reference for anyone looking for guidance.
-------------------------------------------
Youtube Video Link: https://youtu.be/pze2b0Ix8QI
-------------------------------------------
Documentation:
This week, Adam and Andy talk about Microsoft Defender for Endpoint's Tamper Protection. This type of feature is also available on other endpoint protection solutions. They talk about what it is, what's changing soon, and why you should turn this on.
-------------------------------------------
Youtube Video Link: https://youtu.be/ZhhlianhqgY
-------------------------------------------
Documentation:
This week, Adam and Andy talk about some tips on securing Active Directory. This was inspired by a session led by Trimarc Security at The Experts Conference.
-------------------------------------------
Youtube Video Link: https://youtu.be/7HQZQh-UzmQ
-------------------------------------------
Documentation:
https://www.trimarcsecurity.com/
This week, Adam and Andy talk about kerberoasting: how it works and how to defend against it. Listen in on this unique attack technique!
-------------------------------------------
Youtube Video Link: https://youtu.be/sr75jgscnkQ
-------------------------------------------
Documentation:
This week, Adam and Andy talk about Microsoft Teams and the post-exploit technique that was discovered by Vetra's Project Team and the decision of Patreon to lay off their entire internal information security team. The also talk about Uber's on-going cybersecurity incident including some initial reports of how it happened as well as mitigations to prevent this type of attack in the future.
----------------------------------...
This week, Adam and Andy breakdown what led to Cloudflare dropping Kiwi Farms as a customer, why the media and Twitter were up-in-arms about the whole incident, and their thoughts about the decision.
-------------------------------------------
Youtube Video Link: https://youtu.be/NrNe_n95Tfk
-------------------------------------------
Documentation:
https://blog.cloudflare.com/cloudflares-abuse-policies-and-approach/
This week, Adam and Andy talk about cloud security. If you're looking to learn about cloud security concepts, this is the show for you. They talk about basic and advanced security as well as risk assessment and other things you should consider when designing and architecting your security in the cloud.
-------------------------------------------
Youtube Video Link: https://youtu.be/1sc1R8iL3wc
----------------------------------...
This week, Adam and Andy pull together all the new product launches and rebranding for Microsoft Security over the last couple of months. Listen in to learn about Microsoft Entra, Defender Threat Intel, App Governance, and Threat Experts.
-------------------------------------------
Youtube Video Link: https://youtu.be/PSm97tY4q1E
-------------------------------------------
Documentation:
This week, Adam and Andy follow up on a few things from the post quantum cryptography episode talking about how one of the quantum resistant algorithms was broken and a lawsuit against the US government related to quantum encryption. They also chat about how TikTok may be storing information of US citizens on Chinese servers. Finally, they talk about how sound can be used as a cyber attack vector.
----------------------------------...
This week, Adam and Andy talk about post quantum cryptography this week. They go over why quantum computers are a threat to classical cryptography like public key encryption, quantum key distribution, and finally NIST's selection of quantum resistant cryptography.
-------------------------------------------
Youtube Video Link: https://youtu.be/v8CVq09tnB4
-------------------------------------------
Documentation:
This week, Adam and Andy start a two part series on post-quantum computer information security. This first part goes into understanding how quantum computers work and how they differ from classical computers. While it's not necessary to understand how quantum computers work to know the threat to information security they have, as technologist, it's always fun to expand our knowledge on these topics. We hope you learn as muc...
This week, Adam and Andy do a technical deep dive on Exchange Online Protection (EOP). They talk about the pre-delivery and post-delivery protections. They also talk about some of the zero-day protections that Defender for Office 365 provides similar to other competitors in the space and MX record vs API protection.
-------------------------------------------
Youtube Video Link: https://youtu.be/-_pnAIR2Y48
------------------------...
This week, Adam and Andy talk about privacy both in organizations and your personal life. They talk about some of the new Microsoft Purview Compliance Classifiers and how it might be an invasive for some orgs when implemented in the wrong way. They also talk about mobile device privacy in light of SCOTUS overturning Roe v Wade and how our data might be weaponized against us. Finally, they talk about some privacy tools that can help...
Popular Podcasts
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations.
How do the smartest marketers cut through the noise? And how do they manage to do it again and again? Join iHeartMedia Chairman and CEO Bob Pittman as he analyzes the Math and Magic of marketing—sitting down with today's most gifted disruptors.
If you can never get enough true crime... Congratulations, you’ve found your people.
The most notorious mass murder in Ohio’s history happened on the night of April 21, 2016 in rural Pike County. Four crime scenes, thirty-two gunshot wounds, eight members of the Rhoden family left dead in their homes. Two years later a local family of four, the Wagners, are arrested and charged with the crimes. As the Wagners await four back-to-back capital murder trials, the KT Studios team revisits Pike County to examine: crime-scene forensics, upcoming legal proceedings, and the ties that bind the victims and the accused. As events unfold and new crimes are uncovered, what will it mean for all involved? What will it mean for Pike County?
It’s a lighthearted nightmare in here, weirdos! Morbid is a true crime, creepy history and all things spooky podcast hosted by an autopsy technician and a hairstylist. Join us for a heavy dose of research with a dash of comedy thrown in for flavor.