Blue Security

Blue Security

A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.

Episodes

December 5, 2022 18 min

On this week's episode, Adam and Andy talk about CISA's DDoS protection guidance. This follows the episode on Microsoft's Digital Defense Report where DDoS attacks and protections were also highlighting in the report.

-------------------------------------------

YouTube Video Link: https://youtu.be/_9puZjc05H4

-------------------------------------------

Documentation:

https://www.cisa.gov/sites/default/files/publications...

Mark as Played

On this week's episode, Adam and Andy talk about Microsoft's Digital Defense Report. This report has a wealth of information on the state of cybersecurity, current trends, attack vectors, and defense suggestions for organizations. They break down some key points so listen in if you do not have time to read the entire report.

-------------------------------------------

YouTube Video Link: https://youtu.be/CS5F8puZQXo

-------...

Mark as Played
November 21, 2022 34 min

On this week's episode, Adam is back and joined by Andy to talk about Mastodon. This decentralized social media platform has been around since 2016 and recently has been growing exponentially due to the Twitter migration. Critical mass has already happened for many communities including the infosec community so it is in our best interest to learn about it and learn how to use it.

-------------------------------------------

Yout...

Mark as Played

This week, friend of the pod, Shannon Fritz, fills in for Adam and he and Andy talk about the big update for Patch Tuesday, the Medibank double extortion incident, and the meltdown happening at Twitter.

-------------------------------------------

Youtube Video Link:

-------------------------------------------

Documentation:

https://support.microsoft.com/en-us/topic/november-8-2022-kb5019980-os-build-22621-819-b503e08b-b850-469a-8de...

Mark as Played
November 7, 2022 18 min

This week, Adam and Andy talk about the Dropbox and Twilio breach where old phishing tricks worked and attackers were able to get credentials. They also talk about CISA's new guidance on phish resistant MFA and Enhance Phishing Protection in Windows 11 22H2.

-------------------------------------------

Youtube Video Link: https://youtu.be/06lGGC6GSJM

-------------------------------------------

Documentation:

https://dropbox.tech...

Mark as Played
October 31, 2022 44 min

This week, Adam and Andy talk about the SOCRadar disclosure of a misconfigured Microsoft endpoint that led to a data privacy incident. They talk about what happened and what you should know as a Microsoft customer. They also go over some of the highlights from Ignite 2022 with new features and brands for endpoint management, identity, and security.

-------------------------------------------

Youtube Video Link: https://youtu.be/mMl...

Mark as Played
October 24, 2022 34 min

This week, Adam and Andy talk about IBM's Incident Responder Report. This report has some great empirical data on incident responder perceptions and how incidents impact mental health. Listen in as they discuss some of the key findings in this report.

-------------------------------------------

Youtube Video Link: https://youtu.be/hhnxHMbvASw

-------------------------------------------

Documentation:

https://www.ibm.com/downloa...

Mark as Played
October 17, 2022 30 min

This week, Adam and Andy talk about how to look at BYOD policies in a Zero-Trust architecture. They go over a blueprint put out by Microsoft Middle East and Africa that's a little bit older but is a great reference for anyone looking for guidance.

-------------------------------------------

Youtube Video Link: https://youtu.be/pze2b0Ix8QI

-------------------------------------------

Documentation:

https://www.microsoft.com/en-us...

Mark as Played
October 10, 2022 14 min

This week, Adam and Andy talk about Microsoft Defender for Endpoint's Tamper Protection. This type of feature is also available on other endpoint protection solutions. They talk about what it is, what's changing soon, and why you should turn this on.

-------------------------------------------

Youtube Video Link: https://youtu.be/ZhhlianhqgY

-------------------------------------------

Documentation:

https://techcommunity.mi...

Mark as Played
October 3, 2022 28 min

This week, Adam and Andy talk about some tips on securing Active Directory. This was inspired by a session led by Trimarc Security at The Experts Conference.

-------------------------------------------

Youtube Video Link: https://youtu.be/7HQZQh-UzmQ

-------------------------------------------

Documentation:

https://www.trimarcsecurity.com/

https://www.quest.com/the-experts-conference/

https://www.hub.trimarcsecurity.com/post/ten-w...

Mark as Played
September 26, 2022 18 min

This week, Adam and Andy talk about kerberoasting: how it works and how to defend against it. Listen in on this unique attack technique!

-------------------------------------------

Youtube Video Link: https://youtu.be/sr75jgscnkQ

-------------------------------------------

Documentation:

https://www.linkedin.com/posts/heathadams_i-got-domain-admin-on-an-internal-pentest-activity-6976047836693966848-e3AM

https://twitter.com/_wald0/s...

Mark as Played
September 19, 2022 29 min

This week, Adam and Andy talk about Microsoft Teams and the post-exploit technique that was discovered by Vetra's Project Team and the decision of Patreon to lay off their entire internal information security team. The also talk about Uber's on-going cybersecurity incident including some initial reports of how it happened as well as mitigations to prevent this type of attack in the future.

----------------------------------...

Mark as Played
September 12, 2022 33 min

This week, Adam and Andy breakdown what led to Cloudflare dropping Kiwi Farms as a customer, why the media and Twitter were up-in-arms about the whole incident, and their thoughts about the decision.

-------------------------------------------

Youtube Video Link: https://youtu.be/NrNe_n95Tfk

-------------------------------------------

Documentation:

https://blog.cloudflare.com/cloudflares-abuse-policies-and-approach/ 

https://blog....

Mark as Played
September 5, 2022 43 min

This week, Adam and Andy talk about cloud security. If you're looking to learn about cloud security concepts, this is the show for you. They talk about basic and advanced security as well as risk assessment and other things you should consider when designing and architecting your security in the cloud.

-------------------------------------------

Youtube Video Link: https://youtu.be/1sc1R8iL3wc

----------------------------------...

Mark as Played

This week, Adam and Andy pull together all the new product launches and rebranding for Microsoft Security over the last couple of months. Listen in to learn about Microsoft Entra, Defender Threat Intel, App Governance, and Threat Experts.

-------------------------------------------

Youtube Video Link: https://youtu.be/PSm97tY4q1E

-------------------------------------------

Documentation:

https://www.microsoft.com/security/blog/2022...

Mark as Played

This week, Adam and Andy follow up on a few things from the post quantum cryptography episode talking about how one of the quantum resistant algorithms was broken and a lawsuit against the US government related to quantum encryption. They also chat about how TikTok may be storing information of US citizens on Chinese servers. Finally, they talk about how sound can be used as a cyber attack vector.

----------------------------------...

Mark as Played

This week, Adam and Andy talk about post quantum cryptography this week. They go over why quantum computers are a threat to classical cryptography like public key encryption, quantum key distribution, and finally NIST's selection of quantum resistant cryptography.

-------------------------------------------

Youtube Video Link: https://youtu.be/v8CVq09tnB4

-------------------------------------------

Documentation:

https://www.wh...

Mark as Played

This week, Adam and Andy start a two part series on post-quantum computer information security. This first part goes into understanding how quantum computers work and how they differ from classical computers. While it's not necessary to understand how quantum computers work to know the threat to information security they have, as technologist, it's always fun to expand our knowledge on these topics. We hope you learn as muc...

Mark as Played
August 1, 2022 25 min

This week, Adam and Andy do a technical deep dive on Exchange Online Protection (EOP). They talk about the pre-delivery and post-delivery protections. They also talk about some of the zero-day protections that Defender for Office 365 provides similar to other competitors in the space and MX record vs API protection.

-------------------------------------------

Youtube Video Link: https://youtu.be/-_pnAIR2Y48

------------------------...

Mark as Played
July 25, 2022 39 min

This week, Adam and Andy talk about privacy both in organizations and your personal life. They talk about some of the new Microsoft Purview Compliance Classifiers and how it might be an invasive for some orgs when implemented in the wrong way. They also talk about mobile device privacy in light of SCOTUS overturning Roe v Wade and how our data might be weaponized against us. Finally, they talk about some privacy tools that can help...

Mark as Played

Popular Podcasts

    Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations.

    Math & Magic: Stories from the Frontiers of Marketing with Bob Pittman

    How do the smartest marketers cut through the noise? And how do they manage to do it again and again? Join iHeartMedia Chairman and CEO Bob Pittman as he analyzes the Math and Magic of marketing—sitting down with today's most gifted disruptors.

    Crime Junkie

    If you can never get enough true crime... Congratulations, you’ve found your people.

    The Piketon Massacre

    The most notorious mass murder in Ohio’s history happened on the night of April 21, 2016 in rural Pike County. Four crime scenes, thirty-two gunshot wounds, eight members of the Rhoden family left dead in their homes. Two years later a local family of four, the Wagners, are arrested and charged with the crimes. As the Wagners await four back-to-back capital murder trials, the KT Studios team revisits Pike County to examine: crime-scene forensics, upcoming legal proceedings, and the ties that bind the victims and the accused. As events unfold and new crimes are uncovered, what will it mean for all involved? What will it mean for Pike County?

    Morbid

    It’s a lighthearted nightmare in here, weirdos! Morbid is a true crime, creepy history and all things spooky podcast hosted by an autopsy technician and a hairstylist. Join us for a heavy dose of research with a dash of comedy thrown in for flavor.

Advertise With Us

For You

    Music, radio and podcasts, all free. Listen online or download the iHeart App.

    Connect

    © 2022 iHeartMedia, Inc.