In this week's episode we're exploring an exciting and transformative innovation: Digital Twins technology and its groundbreaking application in cybersecurity. Imagine having a virtual replica of your entire digital infrastructure—a detailed, dynamic model that mirrors every aspect of your environment. In particular, we will look at how this cuttin…

In this episode we continue with part 2 on comparing SSL VPN and IPsec VPN, two popular technologies used for secure remote access. As I said last week, understanding the nuances of these technologies is therefore crucial. We'll explore how each VPN works, their security features, performance differences, and the scenarios where each excels. Please…

In this week's episode we're diving into the world of VPNs, Specifically we will compare SSL VPN and IPsec VPN, two popular technologies used for secure remote access. In the post pandemic area, remote work become part of the new normal post. Understanding the nuances of these technologies is therefore crucial. We'll explore how each VPN works, the…

In this week's episode, we will be exploring the fascinating world of remote browser isolation technology or RBI as it appreciated. We will delve into what remote browser isolation is, how it works, and the limitations it faces. Join us as we uncover the complexities of this innovative cybersecurity approach, shedding light on its benefits and chal…

In part 2 on eBPF we continue demystifying this promising new technology that is strengthening the cyber space. Please listen to the previous episode i.e. Episode 169 before you to listen to this one. Having said that, lets recap a top trending security news, shall we? New UK Law: No Default Passwords on Smart Devices from April 2024 - https://www.…

In this episode, we're diving deep to demystif a groundbreaking technology that's gathering pace on the security front. It is not something most people are aware of. This technology is bringing enhanced visibility, increased performance to enabling powerful security measures. Hang around as we unravel the potential of eBPF in bolstering cybersecuri…

In this week's episode, we will continue with part 2 on "Preparing for and responding to ransomeware attack" As I said last week, ransomware is a threat that will be around us for the foreseeable future. Do listen to part 1 before you listen to this episode. With that out of the way, lets have a look a top trending piece of update for you. There is…

Ransomware is a threat that will be around us for the foreseeable future. In this week's episode we will look at the history of ransomware, the common TTPs in use by threat actors such as Turla, how to align our incident response to that threat and others, and finally how to contain, eradicate, and recover from it. In addition we will answer the fo…

This week we will dive into a collection of powerful system utilities and tools designed to help users diagnose, troubleshoot, and monitor Windows operating system. These utilities provide advanced functionality beyond what is typically available in Windows, as they offer insights into system internals, processes, file systems, networking, and more…

AI is getting into all sorts of places but no less than in cybersecurity in both a good way and bad ways. In a good way with bolstering Incident response live cycle but unfortunately in a bad way with generating convincing phishing email or assisting with script and coding etc. In this week's episode we will focus on how AI is helping IR in getting…

In our second episode, we continue exploring the concept of adopting a platform security. In this second part we will continue where we left off from last week and will encourage you to listed to the first episode if you have not done so. Before we get into the main topic, lets touch one important top trending piece of news this week. And that is: …

Welcome and thank you for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain english. In this episode, we explore the recently much talked about concept of adopting a platform security. As technology advances, cyber criminals continually adapt their tactics. Engaged in a constant ca…

It was the LEAP event this past week. LEAP is a technology event in Saudi Arabia, Riyadh and it attracts every technology company imaginable especially in the cyber security domain. This is year was no different. At LEAP, I met with Port53, a firm that helps from SMB to enterprise businesses with their cyber security mission by delivering enterpris…

This week I attended Qatar Web Summit. This is a technology and start-up summit held yearly in Doha, Qatar. There were a lot going on and I am lucky to have spent time with the Ken Fee, the CEO of Business Technology Architect shorten as BTA where we talked about security, network optimisation and automation. The return of LockBit Ransomware-as-a-S…

In this episode, we are continuing with part 2 of the risks paused by default configuration. As I said last week, while default config is convenient for initial setup, these settings are may introduce significant security risks that can leave systems vulnerable to exploitation by malicious actors. Please listen to the first episode before you liste…

In today's interconnected world, default configurations are ubiquitous across various systems and devices, from routers to software applications. While convenient for initial setup, these default settings often harbor significant security risks that can leave systems vulnerable to exploitation by malicious actors. In this episode, we delve into the…

This is the second episode of our two part episode on whether quantum computing is a threat to cryptography really. Make sure you listen to episode 1 first as we laid the foundation on what is coming up in this episode. As always lets review this week's top trending security news first. CISA and the FBI release Living of the land technique guidance…

Cryptography are the backbone of privacy since time immemorial. Toda is THE foundational block of the connected world without which the Internet will crumble as we know it. There is a feverish discussions happening and fast improving of a new era in computing - Quantum computing, and it is improving year after year taking us ever closer to question…

Welcome and thank you for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain english. Accessing and managing various applications and services remotely is a daily occurrence for a typical administrator. It is often the fastest way to accomplish a quick task while you are on the move…

When things go wrong, they go wrong fast. This week will dive into the widespread exploitation on iVanti VPN solution that attracted a lot of attention from both the security community as well as from the bad guys. What went wrong? Stay tuned. Just before we get into iVanti, lets review the other top security news this week. Millions of passwords o…

We are continuing demystifying a couple of terms that folks new to the realm of cyber security often mix up. Those are the terms Exfil or DLP. So by the end of the session you will surely understand where you stand the next time you will hear an Exfil has happened to so and so org or a DLP is require here. Make sure you listen to part 1 beforehand.…

We will kick off the year with demystifying a couple of terms that folks new to the realm of cyber security often mix up. Those are the terms Exfil or DLP. So by the end of the session you will surely understand where you stand the next time you will hear an Exfil has happened to so and so org or a DLP is require here. Before we get into the weeds,…

Welcome back and thank you for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain English. Well 2023 came and is is now gone, in this final episode we are unwinding the tape to go back to our most popular episodes. If you ever wondered hey what are the most listened to episode. This…

Welcome back and thank you for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain English. In our penultimate episode, we will review the twist and turn of 2023. We will go over the trend that stood out the most and both the trends and players behind them throughout he course of yea…

Digital inter-connectivity define our era. One of the primary challenges facing supply chain cyber security is the expanding attack surface. In this week's episode we will turn to Supply Chain Security, how attackers carry out such attacks. We will also look at previous examples and what mitigations can be mounted to prevent these do not happen aga…

The holiday season is when most of us let our guard down. For the cyber criminal though, it is their hunting season. In this episode we will give you practical advise on how to stay one step ahead of the miscreants and avoid getting their hands on your sensitive data or cash or both. To get started, lets review top trending security news this: Priv…

In episode 148 we look inside the mysterious world of the Dark Web. The Dark Web is a hidden area of the internet that is often obscured by mystery and intrigue to many, and it is unlike standard search engines and browsing destination. I will try to deconstruct this covert network and make you aware of what makes it different from the surface web …

One of the go tools for attackers are Web shells. In this episode we will explore what these are, their background, how they are used and how you can avoid be turned against you. These deceptive tools bring immense power to the hands of hackers, acting as covert entry door to infiltrate and control the machines that power the Internet, web servers.…

During Gitex Global in Dubai I sat down with the leaders and founders of Source Technology an organisation based in Swizerland that developed a tool called Source Security. This is ...quote... "technology to integrate behavioral analytics with Symbolic Language that can significantly enhance cybersecurity by providing a deeper understanding of user…

Welcome back and thank you for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain english. I'm your your host Ibrahim Yusuf In today's episode, we're shedding light on a critical yet often overlooked aspect of cybersecurity - Indications of Compromise, also known as IOCs. These vita…

Today, we're diving into the world of cybersecurity with an eye to vulnerability scoring system. C We've got a topic that's on the mind of anyone with interest in risk management, one that's of paramount importance to anyone concerned with the safety and integrity of their assets. That's right, today we're talking about the brand-new version of the…

And in today's episode we ponder over how technology continues to reach every aspect of our lives and now the places we call our castles...our homes. The other week at GITEX I also sat down with Floris Grandvarlet, EMEA Innovation, Sustainability, CTO at CISCO. More that later, but first..... we look at at recent breach and mishaps that left multip…

This was GITEX 2023 Dubai week. GITEX, short for the "Gulf Information Technology Exhibition," is a prominent annual technology event and trade show held in Dubai, United Arab Emirates. It is one of the largest and most influential technology exhibitions in the Middle East, attracting participants and visitors from around the world. At GITEX I sat …

This is the second part of our Threat Modeling episode. Please listen to last week week's episode, that is episode 140 before you dive into this one. Having said that, lets have a look at the top security news this week: - https://blog.google: New Gmail protections for a safer, less spammy inbox - https://blog.postmaster.yahooinc.com: More Secure, …

In this week's episode I step through what Threat Modeling is. And yes it a crucial aspect of cybersecurity that is often overlooked. Join us as we explain this concept by carefully examining its definition, and, more importantly, highlighting its effectiveness as a powerful tool in the ever-changing threat, defenses and mitigation. But before that…

Today's episode is a continuation of what we've started last week: Initial Access. This is part 2. And as I said, it truly is the point where the rubber hits the road when it comes to the important stages to look out for during an attack. Thoroughly investigation the Initial Access stage allows us finding how an attacker made their way into our env…

In today's episode, we're peeling back the layers of cybersecurity to delve into a critical phase of the attack lifecycle: Initial Access. It's the point where the rubber truly hits the road during a cyberattack. We will uncover the strategies, tactics, and technologies involved in gaining that crucial foothold in target systems for both attackers …

Today we will step back and talk about the fundamentals to understanding this ever-evolving field: cyber security. And what better way than to cover "Introduction to Cyber Security" in this episode. But before that, we will recap other trending security news including: The stolen LastPass vaults may have been cracked - https://securitylab.github.co…

Today we will step back and talk about the fundamentals to understanding this ever-evolving field: cyber security. And what better way than to cover "Introduction to Cyber Security" in this episode. But before that, we will recap other trending security news including: Notepad++ 8.5.7 released with fixes for four security vulnerabilities Years-old …

In the ever-evolving landscape of digital threats and vulnerabilities, the importance of selecting the right tools for the job cannot be overstated. Just like a skilled craftsman relies on the right tools to create a masterpiece, cybersecurity professionals must carefully choose their tools to safeguard digital asset effectively. Join us as we delv…

Welcome and thank you for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain english. I'm Ibrahim Yusuf, your host, and in today's episode, we're exploring an exciting intersection between generative AI and cybersecurity. In particular we will look into whether cyber security can be…

Welcome and thank you for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain english. I had the pleasure of sitting down with Cohaesus Group. We touched various areas of cyber security. I split the talk into two parts as it went on a bit. Without further ado, here is the second part…

Welcome and thank you for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain english. I had the pleasure of sitting down with Cohaesus Group. We touched various areas of cyber security. I split the talk into two parts as it went on a bit. Without further ado, here is the first part.…

Welcome and thank you for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain english. In today's episode, we'll explore a critical aspect of endpoint security – the ransomware rollback feature. Ransomware is still a prevailing threat, targeting individuals and organizations alike. T…

Listen to this very insightful episode on differentiating two important cybersecurity domains that are both intriguing and essential: Threat Hunting and Incident Response. We all agree that staying one step ahead of cybercrooks is paramount. But what sets these two critical practices apart, and how do they work together to safeguard businesses? Whi…

Thanks for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain english. This is another exciting episode of our cybersecurity podcast! Today, we've got a topic that's hot off the press—the newly released Payment Card Industry Data Security Standard version 4, or PCI DSS v4. If you're…

Thanks for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain english. Today, we continue with part 2 the critical aspect of cybersecurity: incident response best practices. Given the unforgiving threat landscape, organizations face an ever-increasing number of cyber threats. Whethe…

Thanks for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain english. Today, we delve into a critical aspect of cybersecurity: incident response best practices. Given the unforgiving threat landscape, organizations face an ever-increasing number of cyber threats. Whether it's a dat…

In this week's episode, we'll explore the fundamental purpose of cyber threat intelligence and why it has become an essential pillar of modern cybersecurity. Cybercriminals are constantly adapting their tactics, making it crucial for organizations and individuals to stay one step ahead. That's where cyber threat intelligence comes in. Whether you'r…

Thanks for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain english. Today we dive deep into the key takeaways of the highly anticipated Version Data Breach Investigation Report. In a world where data breaches have become all too common, understanding the intricacies and lessons f…