All Episodes
Displaying 31 - 60 of 221 in total
Insider Threats, Organized Crime, and Shadow IT (Domain 2)
Some of the most damaging cybersecurity incidents originate not from unknown hackers, but from within—through employees, vendors, or unmanaged systems operating outsid...
Attributes and Capabilities of Threat Actors (Domain 2)
To effectively model risk and defend systems, cybersecurity professionals must understand not just who the attackers are, but what they are capable of. In this episode...
Motivations Behind Cyber Attacks (Part 1) (Domain 2)
Behind every cyberattack is a motive, and understanding why attackers do what they do is essential for predicting and preventing their behavior. This episode explores ...
Motivations Behind Cyber Attacks (Part 2) (Domain 2)
Cyber threats aren’t always driven by stealth or sophistication—sometimes they are fueled by money, ideology, or ethics. In this episode, we continue our exploration o...
Motivations Behind Cyber Attacks (Part 3) (Domain 2)
Not all cyberattacks are launched for money or politics—some are driven by emotion, chaos, or war. In this episode, we examine three additional motivations: revenge, d...
Introduction to Threat Vectors and Attack Surfaces (Domain 2)
Cybersecurity is not just about knowing your enemy—it’s about understanding the paths they take to reach you. This episode introduces threat vectors and attack surface...
Message-Based and Communication Threat Vectors (Domain 2)
Attackers frequently exploit messaging channels—email, SMS, and instant messaging—to deliver payloads, harvest credentials, or manipulate users into making harmful dec...
Image, File, and Voice-Based Threats (Domain 2)
While emails and text messages are well-known vectors, attackers also exploit images, file attachments, and voice communication to bypass traditional security controls...
Vulnerable Systems, Software, and Devices (Domain 2)
Many attacks succeed not because of advanced hacking techniques, but because of outdated, misconfigured, or unsupported systems that haven’t been properly maintained. ...
Network-Based Attack Surfaces (Domain 2)
Your network is the digital highway that connects everything in your organization—and if not properly secured, it becomes the perfect path for attackers. In this episo...
Open Ports, Default Credentials, and Supply Chain Risks (Domain 2)
Even the best-configured systems can fall victim to the most basic security oversights—like open ports and unchanged default passwords. In this episode, we focus on ho...
Human Vectors and Social Engineering (Part 1) (Domain 2)
People are often the weakest link in cybersecurity, and attackers exploit this through carefully crafted manipulation tactics known as social engineering. In this epis...
Human Vectors and Social Engineering (Part 2) (Domain 2)
While basic social engineering relies on message-based deception, more advanced techniques target identity, credibility, and digital presence through impersonation, pr...
Application-Level Vulnerabilities (Domain 2)
Applications serve as the user-facing layer of most digital environments, and they are frequently targeted by attackers exploiting poor coding practices and flawed des...
Operating System and Web-Based Vulnerabilities (Domain 2)
Operating systems and web applications form the backbone of IT infrastructure, and when left unpatched or misconfigured, they present rich targets for exploitation. In...
Hardware and Firmware Vulnerabilities (Domain 2)
Cybersecurity doesn’t stop at software—hardware and firmware vulnerabilities can offer attackers deep, long-term access to systems in ways that are difficult to detect...
Virtualization and Cloud-Specific Vulnerabilities (Domain 2)
Virtualization and cloud computing introduce powerful efficiencies—but they also open up new categories of vulnerabilities that traditional security models often fail ...
Supply Chain and Cryptographic Vulnerabilities (Domain 2)
Modern cybersecurity is deeply interconnected, and vulnerabilities in your vendors, partners, or third-party software can easily become vulnerabilities in your own env...
Misconfiguration and Mobile Device Vulnerabilities (Domain 2)
Misconfiguration is one of the most common and preventable causes of security breaches, and mobile devices amplify this risk due to their ubiquity and inconsistent man...
Understanding Zero-Day Vulnerabilities (Domain 2)
Zero-day vulnerabilities are software flaws that are unknown to the vendor and, critically, to defenders—giving attackers a window of opportunity to exploit systems wi...
Indicators of Malware Attacks (Domain 2)
Malware comes in many forms—ransomware, spyware, trojans, worms—and each leaves behind unique indicators that can help defenders detect infections early and respond ef...
Physical Security Attacks and Indicators (Domain 2)
While cybersecurity often focuses on virtual threats, physical attacks on facilities, hardware, and access points remain a serious and sometimes overlooked risk. In th...
Network-Based Indicators (Part 1) (Domain 2)
The network is often where the first signs of an attack emerge—if you know what to look for. In this episode, we examine key indicators of network-based threats, start...
Network-Based Indicators (Part 2) (Domain 2)
Continuing our focus on network-based threats, this episode explores wireless-specific attacks and credential replay tactics that compromise network integrity and user...
Application-Level Attack Indicators (Domain 2)
Applications are often targeted because they represent the gateway to sensitive data and services, and attackers leave behind subtle but detectable signs when they exp...
Cryptographic Attack Indicators (Domain 2)
Even strong encryption systems can be undermined by poor implementation, weak configurations, or direct cryptographic attacks—and recognizing the signs is vital. In th...
Password Attack Indicators (Domain 2)
Password attacks are among the most common initial access vectors, and recognizing their early indicators is key to stopping intrusions before they escalate. In this e...
General Indicators of Malicious Activity (Domain 2)
Not every security breach begins with a smoking gun—many start with subtle shifts in system behavior that point to something being off. This episode explores general i...
Segmentation and Access Control (Domain 2)
Network segmentation and access control are two of the most powerful tools for limiting the scope and impact of an attack, especially once a threat actor gains initial...
Application Allow Lists and Isolation (Domain 2)
Controlling what software is allowed to run—and isolating it when needed—is a fundamental principle of endpoint security. In this episode, we examine application allow...
