MDE's official monthly podcast (Formerly My Digital Enemy's Zulu Radio). Tune in for exclusives from MDE & Friends. For more info check out www.facebook.com/therealmde
…
continue reading
This is a monthly podcast brought to you by Messed Up Music, with the latest goings on in the Progressive House and Melodic Techno genre. Mixed by Chris Hover, Dj and Producer from Brighton UK, Chris Hover was born in Brighton, UK in 1977. He first got in to house music in his early teens when his fascination for dj-ing began! He then went on to dj-ing trance in most clubs in and around Brighton, becoming a resident at a night called PlayTime which was hosted at many venues including the inf ...
…
continue reading
A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
…
continue reading
1
Detecting AD Compromise, Safe MDE Deployment, macOS SSO
30:50
30:50
Spill senere
Spill senere
Lister
Lik
Likt
30:50
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss critical cybersecurity insights, focusing on Active Directory security techniques, the implications of recent incidents involving Microsoft Defender for Endpoint, and the introduction of passwordless solutions for Apple devices. They emphasize the importanc…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the critical steps involved in offboarding employees, particularly focusing on Microsoft 365 environments. They cover essential practices such as blocking user sign-ins, managing mailbox contents, device management, and ensuring data protection. The convers…
…
continue reading
1
Episode 10: MU Music House Sessions Oct 2024
1:19:16
1:19:16
Spill senere
Spill senere
Lister
Lik
Likt
1:19:16
Chris Hover is bringing you all things Moody Tech House on the MU Music Podcast
…
continue reading
1
2024 Microsoft's Digital Defense Report
42:16
42:16
Spill senere
Spill senere
Lister
Lik
Likt
42:16
Summary In this episode, Andy and Adam discuss Microsoft's 2024 Digital Defense Report, which highlights the evolving cyber threat landscape, the rise of ransomware, identity attacks, and DDoS attacks. They emphasize the importance of centering organizations around security, the shift towards passwordless authentication, and the impact of AI on cyb…
…
continue reading
Summary In this episode, Andy Jaw and Adam Brewer discuss Microsoft's Secure Future Initiative (SFI), which emphasizes security by design, default, and operations. They explore the initiative's six key security pillars, the impact of recent cyber incidents, and the ongoing progress in enhancing security measures across Microsoft. The conversation h…
…
continue reading
Summary In this episode of the BlueScarity Podcast, hosts Andy Jaw and Adam Brewer discuss the evolution of password guidelines, focusing on the recent updates from NIST and Microsoft. They explore the implications of these changes, emphasizing the importance of understanding human behavior in password security and the need for organizations to ado…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the critical topic of token theft in identity management. They discuss the importance of multi-factor authentication (MFA) as a primary defense against identity attacks, the nature of tokens, and how attackers exploit vulnerabilities to steal these token…
…
continue reading
1
BSP Turns 4, WSUS Deprecated, macOS Firewall Woes
40:57
40:57
Spill senere
Spill senere
Lister
Lik
Likt
40:57
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer celebrate four years of podcasting, reflecting on their journey and the importance of providing actionable insights to their audience. They discuss the significance of education in technology, particularly in relation to Microsoft products and the recent deprecatio…
…
continue reading
1
Cloud Security - Containers 101 & Defender for Containers
26:59
26:59
Spill senere
Spill senere
Lister
Lik
Likt
26:59
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the world of containers, exploring their functionality, differences from virtual machines, and the importance of securing them. They discuss key tools like Docker and Kubernetes, and introduce Microsoft's Defender for Containers as a solution for managin…
…
continue reading
Summary In this episode, Andy and Adam discuss the key findings from IBM's report on the costs of a data breach in 2024. They cover topics such as the increase in the cost of data breaches, the use of security AI and automation, the cyber skills shortage, the challenges of shadow data, and the importance of insider risk management. They also highli…
…
continue reading
Summary In this episode of the Blue Security Podcast, Andy and Adam discuss Entra Suite, a new package from Microsoft that includes various Entra products and solutions. They provide an overview of each component, including Entra Private Access, Entra Internet Access, Entra ID Governance, Entra ID Protection, and Entra Verified ID. They highlight t…
…
continue reading
Summary In this episode, Andy and Adam discuss various resources and methods for getting training and learning about Microsoft and other technology solutions. They cover topics such as official documentation, certification tracks, Ninja training, Microsoft Mechanics, the Tech Community, customer connection programs, building a personal lab, and the…
…
continue reading
1
Trump and NPD Hacked, Microsoft Admin MFA
33:19
33:19
Spill senere
Spill senere
Lister
Lik
Likt
33:19
Summary In this episode of the Blue Security Podcast, Andy and Adam discuss several cybersecurity news stories. They cover the hack of the Trump campaign's emails by Iranian hackers, the breach of the National Public Data records, and Microsoft's new requirement for admins to enable multi-factor authentication (MFA). They also touch on the importan…
…
continue reading
1
Cloud Security - Defender for Storage Deep Dive
28:25
28:25
Spill senere
Spill senere
Lister
Lik
Likt
28:25
Summary In this episode of the Blue Security Podcast, Andy and Adam discuss Microsoft's Defender for Storage, a cloud-native security solution for Azure Blob Storage, Azure Files, and Azure Data Lake Storage. They highlight the three major impacts on data workloads: malicious file uploads, sensitive data exfiltration, and data corruption. The solut…
…
continue reading
1
New Autopilot Features, Intune Enrollment Attestation, MAM for W365/AVD
24:40
24:40
Spill senere
Spill senere
Lister
Lik
Likt
24:40
Summary In this episode of the Blue Security Podcast, Andy and Adam discuss new features and updates in Intune, including autopilot for existing devices, Intune enrollment attestation, and mobile application management (MAM). They explain how autopilot for existing devices allows organizations to enroll on-premise joined devices into autopilot usin…
…
continue reading
1
Cloud Security - Defender CSPM Deep-Dive
33:09
33:09
Spill senere
Spill senere
Lister
Lik
Likt
33:09
Summary In this episode of the Blue Security Podcast, Andy and Adam discuss Defender CSPM (Cloud Security Posture Management). They explain that CSPM is the process of monitoring cloud-based systems and infrastructure for risks and misconfigurations. They highlight the key capabilities of CSPM, including automation, monitoring and managing IaaS, Sa…
…
continue reading
Summary In this episode of the Blue Security Podcast, Andy and Adam discuss the aftermath of the CrowdStrike failed software update. They express empathy for those impacted by the incident and discuss the importance of collaboration in the cybersecurity industry. They also explore the need for transparency from security vendors and the potential im…
…
continue reading
Summary In this episode, Andy and Adam discuss a blog post titled 'Cybersecurity is Full' that challenges the hype around cybersecurity careers. They explore the saturation of the field, the value of certifications and conferences, the optional nature of cybersecurity in organizations, and the stress and challenges of the industry. They emphasize t…
…
continue reading
1
Cloud Security - Defender for Servers Deep-Dive
34:52
34:52
Spill senere
Spill senere
Lister
Lik
Likt
34:52
In this episode of the Blue Security Podcast, Andy and Adam discuss Defender for Servers, a cloud security solution offered by Microsoft. They explain that Defender for Servers is part of the larger Defender for Cloud umbrella and is designed to protect cloud infrastructure, specifically servers. They discuss the different plans available, includin…
…
continue reading
In this episode of the Blue Security Podcast, Andy and Adam discuss recommended settings for Exchange Online Protection (EOP) and Microsoft Defender for Office (MDO). They explain that EOP is the core security for M365 subscriptions, providing anti-malware, anti-spam, and anti-phishing protection. They also highlight the importance of the secure by…
…
continue reading
1
Arlington BEC, Kaspersky Ban, Crown Equipment Cyberattack
37:34
37:34
Spill senere
Spill senere
Lister
Lik
Likt
37:34
In this episode, Andy and Adam discuss three cybersecurity news stories. They talk about a small town in Massachusetts that lost over $445,000 in an email scam, the Biden administration's ban on Kaspersky antivirus software, and a cyber attack on Crown Equipment, a forklift manufacturer. The main takeaways from the conversation are the importance o…
…
continue reading
1
Snowflake, Findlay Auto Ransomware, Olympics
32:03
32:03
Spill senere
Spill senere
Lister
Lik
Likt
32:03
In this episode of the Blue Security Podcast, Andy and Adam discuss three main topics: the unauthorized user access at Snowflake, the cybersecurity issue at Finley Automotive Group, and the cyber threats surrounding the upcoming Olympics in Paris. They highlight the importance of implementing strong security controls like multi-factor authenticatio…
…
continue reading
1
Microsoft Recall update, Windows Hello Enhanced Sign-in Security
42:07
42:07
Spill senere
Spill senere
Lister
Lik
Likt
42:07
In this episode, Andy and Adam discuss the updates and clarifications made by Microsoft regarding the security concerns surrounding the Recall feature on Copilot Plus PCs. They highlight the changes, such as the option to proactively enable Recall during the out-of-box experience, the requirement of Windows Hello enrollment and proof of presence fo…
…
continue reading
1
Ticketmaster breach, Slack AI, Microsoft Recall
29:21
29:21
Spill senere
Spill senere
Lister
Lik
Likt
29:21
The conversation covers three primary themes: Ticketmaster data breach, Slack's data scraping, and Windows Recall feature. The Ticketmaster breach is discussed in detail, highlighting the stolen data, phishing risks, and the importance of password management. The conversation then shifts to Slack's data scraping controversy, addressing concerns abo…
…
continue reading
In this episode of the Blue Security Podcast, Andy and Adam discuss the security and privacy announcements from Microsoft Build. They cover topics such as AI content safety, Copilot capabilities, security enhancements in Microsoft Edge, and new Windows security features. They also touch on the deprecation of NTLM and the introduction of Copilot Plu…
…
continue reading
1
Entra Private Access, Endpoint Privilege Management
19:42
19:42
Spill senere
Spill senere
Lister
Lik
Likt
19:42
In this episode of the Blue Security Podcast, Andy and Adam discuss Microsoft Entra Private Access and Endpoint Privilege Management. Entra Private Access is a modern secure edge solution that allows remote users to access on-premise applications in a micro-segmented manner. It enables granular app segmentation, MFA, and privileged access to domain…
…
continue reading
In this episode of the Blue Security Podcast, Andy and Adam discuss two important topics: Microsoft's pledge for greater transparency in identifying and determining root causes for security vulnerabilities, and the increasing sophistication of USB malware attacks in industrial organizations. They provide insights into Microsoft's Secure Future Init…
…
continue reading
The 17th annual Verizon Data Breach Investigation Report reveals key findings and trends in cybersecurity. The report highlights the increase in vulnerability exploitation for initial access, the continued prevalence of human error in breaches, the rise of pure extortion attacks, and the limited impact of generative AI in the cybersecurity landscap…
…
continue reading
In this episode, Andy and Adam discuss the growing threat of mobile device threats. They highlight the recent mass password reset and account lockout of Apple IDs and the potential for a mobile wormable event. They explore the conditions necessary for a mobile wormable attack, including the development of zero-click exploits, the abuse of contact l…
…
continue reading
In this episode, Andy and Adam discuss the importance of VDI (Virtual Desktop Infrastructure) in security and enterprise architecture. They highlight the security benefits of VDI, such as separating end user environments from the underlying physical hardware, centralized management of baseline images and patches, and the ability to keep sensitive d…
…
continue reading
1
Entra Follow-up, Helpdesk Security, Certifications
33:31
33:31
Spill senere
Spill senere
Lister
Lik
Likt
33:31
In this episode, Andy and Adam clarify some points from the previous episode and discuss two main topics: mitigating social engineering attacks on IT help desks and the value of certifications in cybersecurity. They provide practical tips for securing IT help desks, such as requiring callbacks, video verifications, and supervisor verification. They…
…
continue reading
In this episode of the Blue Security Podcast, Andy Jaw and Adam Brewer discuss two main topics: the importance of managed devices for improving security posture and the bundling of security solutions in Microsoft licensing. They highlight the shift towards requiring Intune and Azure AD joined devices for improved device management and security. The…
…
continue reading
This episode of the Blue Security Podcast discusses the issue of finding logs for chats between external and internal users in Microsoft Teams. The hosts explore various methods for detecting and alerting on suspicious chats, including using KQL queries, creating workbooks, and leveraging communication compliance features. They also highlight the c…
…
continue reading
1
Midnight Blizzard Update, CISO Technical Skills, BEC + Automatic Attack Disruption
30:53
30:53
Spill senere
Spill senere
Lister
Lik
Likt
30:53
This episode covers updates on the Midnight Blizzard attack, the role of CISOs and their technical expertise, the need for international standards in cyber warfare, and defending against business email compromise. Takeaways -Microsoft provides an update on the Midnight Blizzard attack, revealing attempts to gain unauthorized access to internal syst…
…
continue reading
This episode of the Blue Security Podcast covers the announcements made at Microsoft Secure, focusing on Microsoft Copilot for Security, Microsoft Security Exposure Management, and updates to Microsoft Purview and Intune. The episode also highlights the integration of Copilot with Intune and the economic study that demonstrates the increased effici…
…
continue reading
1
FBI Internet Crimes Report and BEC Protection
25:29
25:29
Spill senere
Spill senere
Lister
Lik
Likt
25:29
In this episode, the hosts discuss the FBI's 2023 internet crime report, focusing on the increase in money lost to internet crimes and the age group most vulnerable to cybercrime. They then delve into the topic of business email compromise (BEC), explaining how scammers use email to trick individuals and businesses into giving money or divulging co…
…
continue reading
1
Application Allow Listing, iMessage Post Quantum
32:28
32:28
Spill senere
Spill senere
Lister
Lik
Likt
32:28
Summary In this episode, Andy and Adam discuss the concept of application allow listing and the controversy surrounding the removal of Wireshark from company computers. They also delve into the announcement by Apple that iMessage is moving to post-quantum level 3 encryption, making it one of the most secure messaging apps available. The hosts highl…
…
continue reading
1
Edge Password Vault, SSO, Domain Admin Creds
34:43
34:43
Spill senere
Spill senere
Lister
Lik
Likt
34:43
Summary In this episode, the hosts discuss the Edge password vault and its pros and cons. They highlight the ability to sync passwords to an enterprise ID and the encryption of passwords on the disk. However, they also mention limitations such as the lack of MFA support and the inability to share passwords. The conversation then shifts to best prac…
…
continue reading
In this episode, Andy and Adam discuss a video demonstrating how to bypass BitLocker encryption and the mitigations that can be implemented to protect against such attacks. They emphasize the importance of information protection and how it can enhance data security. Additionally, they highlight the reorganization of the US Air Force Cyber Command, …
…
continue reading
1
Microsoft Sentinel Deep-Dive with Henrik Wojcik
48:28
48:28
Spill senere
Spill senere
Lister
Lik
Likt
48:28
Summary In this episode, Henrik Wojcik, a Microsoft MVP, joins the hosts to discuss Microsoft Sentinel and provide a deep dive into its deployment and usage. They cover topics such as data residency and compliance considerations, separating operational logs and security logs, connectors for data ingestion, analytics rules and alert fatigue, schedul…
…
continue reading
1
Cloudflare Hacked, Intune Suite, Apple Stolen Device Protection
32:08
32:08
Spill senere
Spill senere
Lister
Lik
Likt
32:08
Summary In this episode, the hosts discuss the Cloudflare and Okta breach, the response and remediation efforts, the introduction of the Intune Suite, and the new stolen device protection feature on the iPhone. Takeaways Nation-state attackers have unlimited time to find weaknesses and exploit them, highlighting the asymmetrical nature of cybersecu…
…
continue reading
Summary In this episode, the hosts discuss the midnight blizzard attack on Microsoft and the lessons that can be learned from it. They cover topics such as learning from security incidents at other organizations, the details of the attack, OAuth attacks, and OAuth security recommendations. The hosts emphasize the importance of auditing privileges, …
…
continue reading
1
X accounts hacked, 23andMe revisited, CA for Entitlement Management
30:32
30:32
Spill senere
Spill senere
Lister
Lik
Likt
30:32
Summary This episode of the Blue Security Podcast discusses the recent Twitter account hacks and the importance of multifactor authentication (MFA) in protecting social media accounts. The hosts also explore the lessons learned from 23andMe's credential stuffing attack and emphasize the need for MFA in handling sensitive customer information. They …
…
continue reading
In this episode, Andy and Adam discuss the transition from hybrid join to cloud native Entra Join for device management. They explain the difference between device identity and device management and how they can be managed separately. They address concerns about GPOs and highlight the importance of reevaluating device management strategies. They al…
…
continue reading
1
Entra improvements, QR Code phishing, AppGuard deprecated
33:26
33:26
Spill senere
Spill senere
Lister
Lik
Likt
33:26
In this episode, Andy and Adam discuss updates to the Microsoft Authenticator app, including its phish-resistant capabilities and FIPS compliance. They also highlight the rise of QR code phishing and provide tips on protecting users from this type of attack. Additionally, they discuss the deprecation of Application Guard and the Evaluation Lab in t…
…
continue reading
In this episode, the hosts discuss Privileged Identity Management (PIM) and common misconceptions and mistakes related to its configuration. They cover topics such as configuring MFA in PIM, different MFA experiences, mitigations for MFA in PIM, authentication context in PIM, requiring approval to activate roles in PIM, considerations for role acti…
…
continue reading
Microsoft's Digital Defense Report for 2023 provides insights into the state of cybercrime, critical cybersecurity challenges, and the importance of IoT and OT security. The report highlights Microsoft's investment in security research and innovation, as well as the need for partnerships and collaboration in the cybersecurity community. Key takeawa…
…
continue reading
1
Audits and Data/AI Security with Special Guests Carley Salmon and Megan Maley
58:51
58:51
Spill senere
Spill senere
Lister
Lik
Likt
58:51
On this episode, Adam and Andy talk with Carley and Megan, about compliance, auditing, and data protection in the cybersecurity industry. They emphasize the importance of understanding compliance frameworks and preparing for audits with the help of partners or consultants. They also highlight the need for continuous monitoring and a shift away from…
…
continue reading
This episode of the Blue Security Podcast discusses the Cloud Native Application Protection Platform (CNAPP) and Microsoft's Defender for Cloud. The hosts provide an overview of CNAPP and its various components, including DevSecOps, security posture management, and cloud workload protection platform. They highlight the ease of deployment and the pa…
…
continue reading
1
MeridianLink extortion, Plastic Surgery office breached, AI voice clones
33:36
33:36
Spill senere
Spill senere
Lister
Lik
Likt
33:36
On this week's episode, Adam and Andy talk about a ransomware gang making an SEC complaint against their victim, a medical office breach, and AI voice clones. ------------------------------------------- Youtube Video Link: https://youtu.be/iGgp8SurXM8 ------------------------------------------- Documentation: https://www.bleepingcomputer.c…
…
continue reading