PODCAST · technology
Blue Security
by Andy Jaw & Adam Brewer
A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
-
315
Lockdown Mode Success, Howler Cell, and Entra Conditional Access
SummaryThis episode covers Apple Lockdown Mode's effectiveness against spyware, the Phantom Device attack exploiting Azure AD, and best practices for securing device registration and conditional access policies.----------------------------------------------------YouTube Video Link: https://youtu.be/g68OMWYIc0k----------------------------------------------------Documentation: https://techcrunch.com/2026/03/27/apple-says-no-one-using-lockdown-mode-has-been-hacked-with-spyware/https://cyberpress.org/azure-ad-security-bypass-exploits-phantom-device-registration-and-prt-abuse/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
314
Lockdown Mode Success, Howler Cell, and Entra Conditional Access
SummaryThis episode covers Apple Lockdown Mode's effectiveness against spyware, the Phantom Device attack exploiting Azure AD, and best practices for securing device registration and conditional access policies.----------------------------------------------------YouTube Video Link: https://youtu.be/g68OMWYIc0k----------------------------------------------------Documentation: https://techcrunch.com/2026/03/27/apple-says-no-one-using-lockdown-mode-has-been-hacked-with-spyware/https://cyberpress.org/azure-ad-security-bypass-exploits-phantom-device-registration-and-prt-abuse/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
313
Copy Fail, Claude Security, and Microsoft's AI Defense Playboo
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant topics in cybersecurity, including the discovery of a critical Linux vulnerability known as Copy Fail, the introduction of Cloud Security in public beta, and Microsoft's comprehensive AI security strategy. They explore how AI is revolutionizing vulnerability scanning, the implications of the Copy Fail bug, and the proactive measures organizations can take to enhance their security posture. The conversation emphasizes the importance of timely patching and the evolving landscape of cybersecurity driven by AI advancements.----------------------------------------------------YouTube Video Link: https://youtu.be/5Hrt9QdI7bY----------------------------------------------------Documentation: https://www.theverge.com/tech/922243/linux-cve-2026-3141-copy-fail-exploithttps://copy.failhttps://claude.com/blog/claude-security-public-betahttps://www.microsoft.com/en-us/security/blog/2026/04/22/ai-powered-defense-for-an-ai-accelerated-threat-landscape/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
312
Copy Fail, Claude Security, and Microsoft's AI Defense Playbook
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant topics in cybersecurity, including the discovery of a critical Linux vulnerability known as Copy Fail, the introduction of Cloud Security in public beta, and Microsoft's comprehensive AI security strategy. They explore how AI is revolutionizing vulnerability scanning, the implications of the Copy Fail bug, and the proactive measures organizations can take to enhance their security posture. The conversation emphasizes the importance of timely patching and the evolving landscape of cybersecurity driven by AI advancements.----------------------------------------------------YouTube Video Link: https://youtu.be/5Hrt9QdI7bY----------------------------------------------------Documentation: https://www.theverge.com/tech/922243/linux-cve-2026-3141-copy-fail-exploithttps://copy.failhttps://claude.com/blog/claude-security-public-betahttps://www.microsoft.com/en-us/security/blog/2026/04/22/ai-powered-defense-for-an-ai-accelerated-threat-landscape/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
311
Apple-Signal Bug, NCSC recommends passkeys, Open Source debate
SummaryIn this episode, Andy and Adam discuss a recent vulnerability in the Signal messaging app that allowed the FBI to recover deleted messages from an iPhone due to a flaw in Apple's notification system. They emphasize the importance of user settings and the need for regular updates. The conversation then shifts to the UK National Cyber Security Centre's endorsement of passkeys as a preferred login method for consumers, highlighting the shift away from traditional passwords. Finally, they address the challenges of open source software security, referencing Marcus Hutchins' insights on the lack of bug bounty programs and the potential risks associated with unmonitored code.----------------------------------------------------YouTube Video Link: https://youtu.be/yXuUc32MPL4----------------------------------------------------Documentation: https://arstechnica.com/tech-policy/2026/04/apple-stops-weirdly-storing-data-that-let-cops-spy-on-signal-chats/https://www.infosecurity-magazine.com/news/ncsc-backs-passkeys-new-era-of/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
310
Apple-Signal Bug, NCSC recommends passkeys, Open Source debate
SummaryIn this episode, Andy and Adam discuss a recent vulnerability in the Signal messaging app that allowed the FBI to recover deleted messages from an iPhone due to a flaw in Apple's notification system. They emphasize the importance of user settings and the need for regular updates. The conversation then shifts to the UK National Cyber Security Centre's endorsement of passkeys as a preferred login method for consumers, highlighting the shift away from traditional passwords. Finally, they address the challenges of open source software security, referencing Marcus Hutchins' insights on the lack of bug bounty programs and the potential risks associated with unmonitored code.----------------------------------------------------YouTube Video Link: https://youtu.be/yXuUc32MPL4----------------------------------------------------Documentation: https://arstechnica.com/tech-policy/2026/04/apple-stops-weirdly-storing-data-that-let-cops-spy-on-signal-chats/https://www.infosecurity-magazine.com/news/ncsc-backs-passkeys-new-era-of/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
309
Ep 292 - NIST Taps Out, $21B Lost in cybercrime, and MDI Password Protection
SummaryIn this episode, Andy and Adam discuss significant changes in cybersecurity, focusing on NIST's new policy for handling CVEs, the alarming statistics from the FBI's 2025 Cybercrime Report, and the introduction of a new password protection feature in Defender for Identity. They explore the implications of these developments, including the increasing effectiveness of AI-driven scams and the challenges faced by organizations in managing vulnerabilities and protecting sensitive information.----------------------------------------------------YouTube Video Link: https://youtu.be/ZKQQkOF85z0----------------------------------------------------Documentation: https://www.bleepingcomputer.com/news/security/nist-to-stop-rating-non-priority-flaws-due-to-volume-increase/https://www.pcgamer.com/software/security/us-victims-lost-nearly-usd21-billion-to-cybercrime-last-year-says-fbi-with-crypto-and-ai-complaints-among-the-costliest/https://learn.microsoft.com/en-us/defender-for-identity/password-protection----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
308
NIST Taps Out, $21B Lost in cybercrime, and MDI Password Protection
SummaryIn this episode, Andy and Adam discuss significant changes in cybersecurity, focusing on NIST's new policy for handling CVEs, the alarming statistics from the FBI's 2025 Cybercrime Report, and the introduction of a new password protection feature in Defender for Identity. They explore the implications of these developments, including the increasing effectiveness of AI-driven scams and the challenges faced by organizations in managing vulnerabilities and protecting sensitive information.----------------------------------------------------YouTube Video Link: https://youtu.be/ZKQQkOF85z0----------------------------------------------------Documentation: https://www.bleepingcomputer.com/news/security/nist-to-stop-rating-non-priority-flaws-due-to-volume-increase/https://www.pcgamer.com/software/security/us-victims-lost-nearly-usd21-billion-to-cybercrime-last-year-says-fbi-with-crypto-and-ai-complaints-among-the-costliest/https://learn.microsoft.com/en-us/defender-for-identity/password-protection----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
307
Hack the Planet, Ban the Router: Your Weekly Dose of Cyber Chaos
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the recent FCC ban on foreign-made routers, citing national security concerns and the implications for consumer cybersecurity. They explore the potential negative effects of the ban, including the risk of forcing consumers to use older, less secure devices. The conversation then shifts to the introduction of Claude Mythos, an advanced AI model from Anthropic that has shown remarkable capabilities in identifying and exploiting software vulnerabilities. The hosts discuss the significance of Mythos in the cybersecurity landscape, its potential for both attackers and defenders, and the collaborative initiative, Project Glasswing, aimed at enhancing cybersecurity through partnerships with major tech companies.----------------------------------------------------YouTube Video Link: https://youtu.be/t-gdvMFRC-E----------------------------------------------------Documentation: https://www.theverge.com/news/899172/fcc-foreign-router-banhttps://www.anthropic.com/glasswinghttps://www.microsoft.com/en-us/msrc/blog/2026/04/strengthening-secure-software-global-scale-how-msrc-is-evolving-with-ai----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
306
Hack the Planet, Ban the Router: Your Weekly Dose of Cyber Chaos
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the recent FCC ban on foreign-made routers, citing national security concerns and the implications for consumer cybersecurity. They explore the potential negative effects of the ban, including the risk of forcing consumers to use older, less secure devices. The conversation then shifts to the introduction of Claude Mythos, an advanced AI model from Anthropic that has shown remarkable capabilities in identifying and exploiting software vulnerabilities. The hosts discuss the significance of Mythos in the cybersecurity landscape, its potential for both attackers and defenders, and the collaborative initiative, Project Glasswing, aimed at enhancing cybersecurity through partnerships with major tech companies.----------------------------------------------------YouTube Video Link: https://youtu.be/t-gdvMFRC-E----------------------------------------------------Documentation: https://www.theverge.com/news/899172/fcc-foreign-router-banhttps://www.anthropic.com/glasswinghttps://www.microsoft.com/en-us/msrc/blog/2026/04/strengthening-secure-software-global-scale-how-msrc-is-evolving-with-ai----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
305
Claude code leak and Axios NPM Supply Chain attack
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant cybersecurity incidents, including a cloud code leak from Anthropic and a supply chain attack on the Axios NPM package. They explore the implications of these events for developers and organizations, emphasizing the need for caution when handling leaked code and the risks associated with supply chain vulnerabilities. The conversation also touches on the integration of AI tools in Microsoft 365, highlighting both the opportunities and security concerns that arise from granting AI access to organizational data.----------------------------------------------------YouTube Video Link: https://youtu.be/cAGMbypoylQ----------------------------------------------------Documentation: https://thehackernews.com/2026/04/claude-code-tleaked-via-npm-packaging.htmlhttps://www.microsoft.com/en-us/security/blog/2026/04/01/mitigating-the-axios-npm-supply-chain-compromise/https://x.com/claudeai/status/2040086268562842097----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
304
Claude code leak and Axios NPM Supply Chain attack
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant cybersecurity incidents, including a cloud code leak from Anthropic and a supply chain attack on the Axios NPM package. They explore the implications of these events for developers and organizations, emphasizing the need for caution when handling leaked code and the risks associated with supply chain vulnerabilities. The conversation also touches on the integration of AI tools in Microsoft 365, highlighting both the opportunities and security concerns that arise from granting AI access to organizational data.----------------------------------------------------YouTube Video Link: https://youtu.be/cAGMbypoylQ----------------------------------------------------Documentation: https://thehackernews.com/2026/04/claude-code-tleaked-via-npm-packaging.htmlhttps://www.microsoft.com/en-us/security/blog/2026/04/01/mitigating-the-axios-npm-supply-chain-compromise/https://x.com/claudeai/status/2040086268562842097----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
303
Small Business Security from a MSP Perspective
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss various aspects of cybersecurity, particularly focusing on small business security challenges and the features available in Microsoft 365. They address a listener's email regarding the limitations of basic licensing for small businesses and explore the available alerts, security features, and compliance tools. The conversation also covers the importance of Defender Antivirus, managing multiple tenants with GDAP and Lighthouse, and the need for centralized alerting solutions. The episode concludes with a recognition of the challenges faced by those supporting small and medium businesses in cybersecurity.----------------------------------------------------YouTube Video Link: https://youtu.be/Yclj1kFxxdU----------------------------------------------------Documentation:----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
302
Small Business Security from a MSP Perspective
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss various aspects of cybersecurity, particularly focusing on small business security challenges and the features available in Microsoft 365. They address a listener's email regarding the limitations of basic licensing for small businesses and explore the available alerts, security features, and compliance tools. The conversation also covers the importance of Defender Antivirus, managing multiple tenants with GDAP and Lighthouse, and the need for centralized alerting solutions. The episode concludes with a recognition of the challenges faced by those supporting small and medium businesses in cybersecurity.----------------------------------------------------YouTube Video Link: https://youtu.be/Yclj1kFxxdU----------------------------------------------------Documentation:----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
301
Microsoft Frontier Suite (E7)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the newly announced E7 Frontier Suite from Microsoft, which consolidates various licensing options into a comprehensive package. They explore the features of Microsoft 365 Copilot, the importance of AI agents, and the components of the Entra Suite. The conversation also evaluates the pricing structure and target audience for the E7 bundle, emphasizing its value for organizations looking to adopt AI and enhance their security and productivity tools.----------------------------------------------------YouTube Video Link: https://youtu.be/BmAAd6jrwDs----------------------------------------------------Documentation:https://techcommunity.microsoft.com/blog/partnernews/partner-blog--introducing-microsoft-365-e7-the-frontier-suite/4500520Entra Suite: https://open.spotify.com/episode/7gE5hvX8ksTxURbCq7fMPX?si=JCwbOuWPShqezylUsXFGUA----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
300
Microsoft Frontier Suite (E7)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the newly announced E7 Frontier Suite from Microsoft, which consolidates various licensing options into a comprehensive package. They explore the features of Microsoft 365 Copilot, the importance of AI agents, and the components of the Entra Suite. The conversation also evaluates the pricing structure and target audience for the E7 bundle, emphasizing its value for organizations looking to adopt AI and enhance their security and productivity tools.----------------------------------------------------YouTube Video Link: https://youtu.be/BmAAd6jrwDs----------------------------------------------------Documentation:https://techcommunity.microsoft.com/blog/partnernews/partner-blog--introducing-microsoft-365-e7-the-frontier-suite/4500520Entra Suite: https://open.spotify.com/episode/7gE5hvX8ksTxURbCq7fMPX?si=JCwbOuWPShqezylUsXFGUA----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
299
Spies, Wipes, and AI Gripes
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant developments in AI ethics and cybersecurity. They delve into the legal battles between Anthropic and the US government, Microsoft's support for Anthropic, and the backlash against OpenAI's military contract. The conversation shifts to the misuse of a US cyber weapon, Karuna, and concludes with a case study on the cyber attack against Stryker, a major medical technology company, highlighting the implications of such attacks on critical infrastructure.----------------------------------------------------YouTube Video Link: https://youtu.be/1b0l8DIczlo----------------------------------------------------Documentation:https://www.npr.org/2026/03/09/nx-s1-5742548/anthropic-pentagon-lawsuit-amodai-hegsethhttps://www.inc.com/leila-sheridan/microsoft-just-backed-anthropics-fight-against-the-pentagon-and-issued-a-stark-warning-to-the-department-of-war/91315453https://techcrunch.com/2026/03/07/openai-robotics-lead-caitlin-kalinowski-quits-in-response-to-pentagon-deal/https://techcrunch.com/2026/03/07/openai-robotics-lead-caitlin-kalinowski-quits-in-response-to-pentagon-deal/https://www.wired.com/story/coruna-iphone-hacking-toolkit-us-government/https://www.bleepingcomputer.com/news/security/medtech-giant-stryker-offline-after-iran-linked-wiper-malware-attack/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
298
Spies, Wipes, and AI Gripes
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant developments in AI ethics and cybersecurity. They delve into the legal battles between Anthropic and the US government, Microsoft's support for Anthropic, and the backlash against OpenAI's military contract. The conversation shifts to the misuse of a US cyber weapon, Karuna, and concludes with a case study on the cyber attack against Stryker, a major medical technology company, highlighting the implications of such attacks on critical infrastructure.----------------------------------------------------YouTube Video Link: https://youtu.be/1b0l8DIczlo----------------------------------------------------Documentation:https://www.npr.org/2026/03/09/nx-s1-5742548/anthropic-pentagon-lawsuit-amodai-hegsethhttps://www.inc.com/leila-sheridan/microsoft-just-backed-anthropics-fight-against-the-pentagon-and-issued-a-stark-warning-to-the-department-of-war/91315453https://techcrunch.com/2026/03/07/openai-robotics-lead-caitlin-kalinowski-quits-in-response-to-pentagon-deal/https://techcrunch.com/2026/03/07/openai-robotics-lead-caitlin-kalinowski-quits-in-response-to-pentagon-deal/https://www.wired.com/story/coruna-iphone-hacking-toolkit-us-government/https://www.bleepingcomputer.com/news/security/medtech-giant-stryker-offline-after-iran-linked-wiper-malware-attack/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
297
Dial 'F' for Fraud: Uncovering IRSF
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into a significant surge in external ID charges experienced by a customer, leading to the discovery of an international revenue share fraud attack. They discuss the mechanics of this fraud, how it exploits telecommunication systems, and the importance of monitoring and mitigating such attacks. The conversation emphasizes the need for organizations to implement security measures, including web application firewalls and billing alerts, to prevent financial losses from similar attacks. The episode concludes with key takeaways and recommendations for enhancing security in external identity management.----------------------------------------------------YouTube Video Link: https://youtu.be/6jXBULGx5aA----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/entra/architecture/deployment-external-operationshttps://learn.microsoft.com/en-us/entra/identity/authentication/concept-mfa-telephony-fraudhttps://learn.microsoft.com/en-us/entra/external-id/customers/how-to-region-code-opt-inhttps://learn.microsoft.com/en-us/entra/external-id/customers/concept-multifactor-authentication-customers#sms-pricing-tiers-by-countryregion----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
296
Dial 'F' for Fraud: Uncovering IRSF
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into a significant surge in external ID charges experienced by a customer, leading to the discovery of an international revenue share fraud attack. They discuss the mechanics of this fraud, how it exploits telecommunication systems, and the importance of monitoring and mitigating such attacks. The conversation emphasizes the need for organizations to implement security measures, including web application firewalls and billing alerts, to prevent financial losses from similar attacks. The episode concludes with key takeaways and recommendations for enhancing security in external identity management.----------------------------------------------------YouTube Video Link: https://youtu.be/6jXBULGx5aA----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/entra/architecture/deployment-external-operationshttps://learn.microsoft.com/en-us/entra/identity/authentication/concept-mfa-telephony-fraudhttps://learn.microsoft.com/en-us/entra/external-id/customers/how-to-region-code-opt-inhttps://learn.microsoft.com/en-us/entra/external-id/customers/concept-multifactor-authentication-customers#sms-pricing-tiers-by-countryregion----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
295
Guardrails or Going Off the Rails: Anthropic vs US Government
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into the recent tensions between the U.S. government and the private tech sector regarding artificial intelligence. They discuss the clash between Anthropic and the Department of Defense over AI safety guardrails, the implications of designating Anthropic as a supply chain risk, and the broader impact on the defense sector. The conversation also touches on the importance of AI guardrails, the dangers of autonomous AI systems, and the ethical considerations surrounding AI in mental health. The hosts conclude by exploring the competitive landscape of AI and the potential for multiple winners in the field.----------------------------------------------------YouTube Video Link: https://youtu.be/rnUsvQbQkQQ----------------------------------------------------Documentation:https://www.npr.org/2026/02/27/nx-s1-5729118/trump-anthropic-pentagon-openai-ai-weapons-banhttps://www.theverge.com/ai-artificial-intelligence/882005/amazon-blames-human-employees-for-an-ai-coding-agents-mistakehttps://www.newsweek.com/ai-chooses-nuclear-option-in-95-of-war-simulations-11589197https://www.fastcompany.com/91497841/meta-superintelligence-lab-ai-safety-alignment-director-lost-control-of-agent-deleted-her-emails----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
294
Guardrails or Going Off the Rails: Anthropic vs US Government
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into the recent tensions between the U.S. government and the private tech sector regarding artificial intelligence. They discuss the clash between Anthropic and the Department of Defense over AI safety guardrails, the implications of designating Anthropic as a supply chain risk, and the broader impact on the defense sector. The conversation also touches on the importance of AI guardrails, the dangers of autonomous AI systems, and the ethical considerations surrounding AI in mental health. The hosts conclude by exploring the competitive landscape of AI and the potential for multiple winners in the field.----------------------------------------------------YouTube Video Link: https://youtu.be/rnUsvQbQkQQ----------------------------------------------------Documentation:https://www.npr.org/2026/02/27/nx-s1-5729118/trump-anthropic-pentagon-openai-ai-weapons-banhttps://www.theverge.com/ai-artificial-intelligence/882005/amazon-blames-human-employees-for-an-ai-coding-agents-mistakehttps://www.newsweek.com/ai-chooses-nuclear-option-in-95-of-war-simulations-11589197https://www.fastcompany.com/91497841/meta-superintelligence-lab-ai-safety-alignment-director-lost-control-of-agent-deleted-her-emails----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
293
ClawdBot, MoltBot, and OpenClaw
SummaryIn this episode, Adam and Andy explore the security challenges and risks associated with OpenClaw, an AI assistant with extensive system access, highlighting recent incidents, vulnerabilities, and best practices for security in AI development.----------------------------------------------------YouTube Video Link: https://youtu.be/TGAbhPQa9iw----------------------------------------------------Documentation:https://www.zdnet.com/article/openclaw-moltbot-clawdbot-5-reasons-viral-ai-agent-security-nightmare/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
292
ClawdBot, MoltBot, and OpenClaw
SummaryIn this episode, Adam and Andy explore the security challenges and risks associated with OpenClaw, an AI assistant with extensive system access, highlighting recent incidents, vulnerabilities, and best practices for security in AI development.----------------------------------------------------YouTube Video Link: https://youtu.be/TGAbhPQa9iw----------------------------------------------------Documentation:https://www.zdnet.com/article/openclaw-moltbot-clawdbot-5-reasons-viral-ai-agent-security-nightmare/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
291
Notepad++ supply chain compromise and 7-Zip malware
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant cybersecurity incidents involving Notepad++ and 7-Zip, highlighting the vulnerabilities in open-source software and the importance of enterprise software management. They emphasize the need for ad blockers, the challenges of identifying legitimate software downloads, and the necessity of implementing robust security measures in organizations.----------------------------------------------------YouTube Video Link: https://youtu.be/t6ERCYqFHFU----------------------------------------------------Documentation:https://arstechnica.com/security/2026/02/notepad-updater-was-compromised-for-6-months-in-supply-chain-attack/https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/https://msendpointmgr.com/2025/10/04/taming-browser-extensions-with-intune/https://www.malwarebytes.com/blog/threat-intel/2026/02/fake-7-zip-downloads-are-turning-home-pcs-into-proxy-nodes----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
290
Notepad++ supply chain compromise and 7-Zip malware
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant cybersecurity incidents involving Notepad++ and 7-Zip, highlighting the vulnerabilities in open-source software and the importance of enterprise software management. They emphasize the need for ad blockers, the challenges of identifying legitimate software downloads, and the necessity of implementing robust security measures in organizations.----------------------------------------------------YouTube Video Link: https://youtu.be/t6ERCYqFHFU----------------------------------------------------Documentation:https://arstechnica.com/security/2026/02/notepad-updater-was-compromised-for-6-months-in-supply-chain-attack/https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/https://msendpointmgr.com/2025/10/04/taming-browser-extensions-with-intune/https://www.malwarebytes.com/blog/threat-intel/2026/02/fake-7-zip-downloads-are-turning-home-pcs-into-proxy-nodes----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
289
Do we need phishing sims & Upcoming Intune changes
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the evolving landscape of cybersecurity training, particularly in light of generative AI and the limitations of traditional phishing simulations. They argue that expecting employees to outsmart sophisticated cybercriminals is unrealistic and emphasize the need for a robust security architecture that assumes clicks will happen. The conversation then shifts to recent updates regarding Microsoft Intune Suite, including pricing changes and new features, highlighting the importance of adapting to the changing cybersecurity environment.----------------------------------------------------YouTube Video Link: https://youtu.be/KzT_wOyC4-w----------------------------------------------------Documentation:https://www.linkedin.com/posts/james-haynes_im-going-to-say-something-that-might-get-activity-7417944035304079360-s1D_/https://techcommunity.microsoft.com/blog/microsoftintuneblog/microsoft-365-adds-advanced-microsoft-intune-solutions-at-scale/4474272----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
288
Do we need phishing sims & Upcoming Intune changes
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the evolving landscape of cybersecurity training, particularly in light of generative AI and the limitations of traditional phishing simulations. They argue that expecting employees to outsmart sophisticated cybercriminals is unrealistic and emphasize the need for a robust security architecture that assumes clicks will happen. The conversation then shifts to recent updates regarding Microsoft Intune Suite, including pricing changes and new features, highlighting the importance of adapting to the changing cybersecurity environment.----------------------------------------------------YouTube Video Link: https://youtu.be/KzT_wOyC4-w----------------------------------------------------Documentation:https://www.linkedin.com/posts/james-haynes_im-going-to-say-something-that-might-get-activity-7417944035304079360-s1D_/https://techcommunity.microsoft.com/blog/microsoftintuneblog/microsoft-365-adds-advanced-microsoft-intune-solutions-at-scale/4474272----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
287
Smartphone Privacy, Know Your Rights
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the intersection of cybersecurity, user rights, and the evolving landscape of threats. They explore the importance of understanding the rights individuals have when interacting with law enforcement. The conversation also touches on one's rights at the border. Throughout the episode, the hosts emphasize the need for actionable insights and practical advice for listeners.----------------------------------------------------YouTube Video Link: https://youtu.be/yXw20pT-8ks----------------------------------------------------Documentation:https://legalclarity.org/can-cops-force-you-to-unlock-your-phone-with-your-face/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
286
Smartphone Privacy, Know Your Rights
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the intersection of cybersecurity, user rights, and the evolving landscape of threats. They explore the importance of understanding the rights individuals have when interacting with law enforcement. The conversation also touches on one's rights at the border. Throughout the episode, the hosts emphasize the need for actionable insights and practical advice for listeners.----------------------------------------------------YouTube Video Link: https://youtu.be/yXw20pT-8ks----------------------------------------------------Documentation:https://legalclarity.org/can-cops-force-you-to-unlock-your-phone-with-your-face/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
285
BSP Maturity Model - Data Security with guest Amren Gill
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam, along with expert Amren Gill, delve into the critical topic of data security. They discuss the importance of data classification and identification, the challenges of data loss prevention, and the significance of lifecycle management in maintaining data integrity. The conversation emphasizes the need for a strong security culture within organizations, highlighting the role of training, shared responsibility, and continuous improvement in achieving effective data governance. The episode serves as a comprehensive guide for organizations looking to enhance their data security practices and benchmark their maturity in this essential area.----------------------------------------------------Documentation:https://github.com/ajawzero/bspdatasecurity----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
284
BSP Maturity Model - Data Security with guest Amren Gill
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam, along with expert Amren Gill, delve into the critical topic of data security. They discuss the importance of data classification and identification, the challenges of data loss prevention, and the significance of lifecycle management in maintaining data integrity. The conversation emphasizes the need for a strong security culture within organizations, highlighting the role of training, shared responsibility, and continuous improvement in achieving effective data governance. The episode serves as a comprehensive guide for organizations looking to enhance their data security practices and benchmark their maturity in this essential area.----------------------------------------------------YouTube Video Link: https://youtu.be/xhxH_zrOYbE----------------------------------------------------Documentation:https://github.com/ajawzero/bspdatasecurity----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
283
WEF Security Survey, AI Browsers, NTLMv1
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the latest AI security concerns facing leaders today. They discuss a World Economic Forum report highlighting the divergence in priorities between CEOs and CISOs, with CEOs focusing on cyber-enabled fraud and AI vulnerabilities, while CISOs are more concerned with ransomware and supply chain resilience. The episode also covers the growing risks of AI-related vulnerabilities, cyber-enabled fraud, and data leaks, as well as the importance of securing AI tools. Additionally, they explore the role of AI browsers and the need for organizations to adopt a unified browser strategy for enhanced security.----------------------------------------------------YouTube Video Link: https://youtu.be/SE-hT1GPjGQ----------------------------------------------------Documentation:https://thecyberexpress.com/ai-security-is-top-cyber-concern/https://www.gartner.com/en/documents/7211030https://lifehacker.com/tech/i-compared-the-biggest-ai-browsershttps://cloud.google.com/blog/topics/threat-intelligence/net-ntlmv1-deprecation-rainbow-tables----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
282
LinkedIn job scams and Zero-Click Gemini Vulnerability
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the challenges faced in the job market, particularly the rise of scams on platforms like LinkedIn. They emphasize the importance of verifying recruiters and job postings to avoid falling victim to scams. The conversation then shifts to the vulnerabilities associated with AI tools, particularly a recent incident involving Google Gemini Enterprise, highlighting the need for robust security measures in the face of evolving threats. The hosts stress the importance of responsible disclosure in cybersecurity and the ongoing need for vigilance against potential AI-related risks.----------------------------------------------------YouTube Video Link: https://youtu.be/HyPK6uTH0wc----------------------------------------------------Documentation:https://restofworld.org/2025/linkedin-job-scams/https://noma.security/blog/geminijack-google-gemini-zero-click-vulnerability/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
281
RC4 Deprecated, Are passkeys still an issue?
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant updates in Microsoft's security protocols, particularly regarding Kerbroasting and the transition from RC4 to AES encryption. They delve into the challenges surrounding the adoption of passkeys, emphasizing the need for user education and the importance of credential managers. The conversation highlights the friction users face when transitioning from traditional passwords to passkeys and the implications of vendor lock-in. The hosts conclude with thoughts on the future of digital security and the necessity for individuals to take control of their credential management.----------------------------------------------------YouTube Video Link: https://youtu.be/REBYRjYoEbM----------------------------------------------------Documentation:https://www.microsoft.com/en-us/windows-server/blog/2025/12/03/beyond-rc4-for-windows-authenticationhttps://fy.blackhats.net.au/blog/2025-12-17-yep-passkeys-still-have-problems/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
280
Our 2026 Predictions
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss key cybersecurity predictions for 2026, focusing on the rise of agentic AI, quantum computing threats, deepfakes, the expanding attack surface due to IoT, the evolution of cybercrime into corporate structures, and the necessity for cybersecurity to be viewed as a strategic business pillar. They emphasize the importance of data security and the need for organizations to adapt to these emerging threats while fostering a culture of security awareness.----------------------------------------------------YouTube Video Link: https://youtu.be/CGCFayOx3z0----------------------------------------------------Documentation:https://www.forbes.com/sites/chuckbrooks/2025/11/10/cybersecurity-2026-6-forecasts-and-a-blueprint-for-the-year-ahead/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
279
Introducing the BSP Maturity Model for Identity
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the Security Maturity Model, focusing on identity security. They explore the current state of security practices, identifying areas where organizations may be behind the curve, on track, or ahead of the curve in their security measures. Key topics include the importance of multi-factor authentication (MFA), the transition to passwordless authentication, and the need for robust governance and privileged access management. The conversation emphasizes the necessity of evolving security practices to keep pace with emerging threats and technologies.----------------------------------------------------YouTube Video Link: https://youtu.be/oDIN9jD1TCM----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/entra/architecture/secure-best-practices----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
278
Microsoft Bug Bounty, CISA hiring surge, US goes offensive in cyber ops, OWASP Top 10
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant updates in cybersecurity, including Microsoft's overhaul of its bug bounty program, CISA's hiring strategy amidst workforce challenges, the US's shift towards a more aggressive cyber strategy, and insights from the updated OWASP Top 10 vulnerabilities. The conversation emphasizes the importance of security research, the evolving landscape of cybersecurity threats, and the need for organizations to prioritize basic security practices.----------------------------------------------------YouTube Video Link: https://youtu.be/dgAjUunyiKE----------------------------------------------------Documentation:https://www.theregister.com/2025/12/12/microsoft_more_bug_payouts/https://www.cybersecuritydive.com/news/cisa-hiring-workforce-strategy/805733/https://www.darkreading.com/cyber-risk/us-makes-cyber-strategy-changeshttps://owasp.org/Top10/2025/0x00_2025-Introduction/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
277
Salt Typhoon - The Growing China Threat
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into the growing cybersecurity threat posed by the Chinese state-sponsored group, Salt Typhoon. They discuss the group's tactics, motivations, and the implications for global security. The conversation highlights China's strategic focus on economic power as a means of national security, their long-term approach to cyber warfare, and the emerging role of AI in both coding and cybersecurity. The hosts emphasize the importance of understanding these dynamics to better defend against potential threats.----------------------------------------------------YouTube Video Link: https://youtu.be/QCwhcTjVZuY----------------------------------------------------Documentation:https://www.axios.com/2025/11/20/fcc-telecom-cybersecurity-rules-votehttps://www.thetimes.com/uk/defence/article/china-stolen-personal-data-britain-8lw0bpmmchttps://www.techradar.com/pro/security/notorious-chinese-hacking-group-salt-typhoon-found-lurking-in-european-comms-networkshttps://www.crowdstrike.com/en-us/blog/crowdstrike-researchers-identify-hidden-vulnerabilities-ai-coded-software/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
276
Chat app vulnerabilities, Use AI or else
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss vulnerabilities in popular chat applications, particularly focusing on Line and WhatsApp. They explore the implications of these vulnerabilities for user privacy and security, emphasizing the importance of API security and rate limiting. The conversation then shifts to the integration of AI in the workplace, highlighting how companies are adapting to this technology and the challenges employees face in learning to use it effectively. Finally, they touch on the impact of AI on education and the need for responsible use of technology.----------------------------------------------------YouTube Video Link: https://youtu.be/zK3JKEcisfY----------------------------------------------------Documentation:https://www.darkreading.com/application-security/line-messaging-bugs-asian-cyber-espionagehttps://www.bleepingcomputer.com/news/security/whatsapp-api-flaw-let-researchers-scrape-35-billion-accounts/https://www.wsj.com/tech/ai/ai-work-use-performance-reviews-1e8975df?mod=e2li----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
275
2025 Microsoft Ignite Recap for Security
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the major announcements from Microsoft Ignite, focusing on the introduction of Security Copilot for Microsoft 365 E5 customers, innovations in identity management through Entra, and the integration of Defender for Cloud with GitHub. They also explore the new capabilities in Intune for remote management of Windows devices, highlighting the significant advancements in cybersecurity technology and its implications for organizations. In this episode, the hosts discuss significant advancements in device management, particularly focusing on Intune's future and its capabilities. They explore enhancements in Microsoft Sentinel, the introduction of the Security Store for security solutions, and the integration of AI in data security through Purview. Additionally, they highlight various security enhancements in Windows, emphasizing the importance of adapting to modern cybersecurity challenges.----------------------------------------------------YouTube Video Link: https://youtu.be/GdHZWGm7e0o----------------------------------------------------Documentation:https://news.microsoft.com/ignite-2025-book-of-news/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
274
Unencrypted Satellite Data, China AI Cyberattack
SummaryIn this episode of the Blue Security Podcast, hosts Adam Brewer and Andy discuss critical issues surrounding satellite security, particularly the vulnerabilities of unencrypted communications. They explore a recent study revealing how researchers intercepted sensitive data from various satellite communications, highlighting the need for encryption. The conversation shifts to the implications of AI in cybersecurity, detailing a sophisticated cyber attack executed with minimal human intervention. The hosts emphasize the importance of adapting cybersecurity strategies to counteract evolving threats, particularly those leveraging AI technologies.----------------------------------------------------YouTube Video Link: https://youtu.be/URiBKZLlO2g----------------------------------------------------Documentation:https://www.wired.com/story/satellites-are-leaking-the-worlds-secrets-calls-texts-military-and-corporate-data/https://www.anthropic.com/news/disrupting-AI-espionage----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
273
How Face ID Works, Least Private Browser, Ring and Flock
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into the intricate relationship between privacy and security, particularly focusing on biometric data and the transition to passwordless technology. They discuss the security implications of various biometric methods, the privacy risks associated with popular web browsers like Chrome, and explore alternatives that prioritize user privacy. The conversation also highlights the controversial practices of Flock Safety in surveillance and the potential consequences of such technologies.----------------------------------------------------YouTube Video Link: https://youtu.be/7HDxGTCRPnM----------------------------------------------------Documentation:https://www.stuff.tv/features/apple-face-id-explained/https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/faqhttps://www.rd.com/article/worst-browser-for-privacy/https://arstechnica.com/gadgets/2025/10/ring-cameras-are-about-to-get-increasingly-chummy-with-law-enforcement/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
272
Microsoft Digital Defense Report 2025
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss Microsoft's Digital Defense Report for 2025. The conversation delves into the critical issues surrounding identity attacks, particularly focusing on the vulnerabilities associated with weak passwords. Andy highlights the prevalence of password spraying in identity attacks and discusses the ClickFix social engineering method, which tricks users into executing malicious commands. The discussion further explores the implications of fileless malware, emphasizing its stealthy nature and the challenges it poses to traditional security measures.----------------------------------------------------YouTube Video Link: https://youtu.be/C4GL-Vmo_8w----------------------------------------------------Documentation:https://www.microsoft.com/en-us/corporate-responsibility/cybersecurity/microsoft-digital-defense-report-2025/Full Report: https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/msc/documents/presentations/CSR/Microsoft-Digital-Defense-Report-2025.pdf#page=1Government Executive Summary: https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/msc/documents/presentations/CSR/MDDR-2025-Government-Executive-Summary.pdf#page=1CISO Executive Summary: https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/bade/documents/products-and-services/en-us/security/CISO-Executive-Summary-MDDR-2025.pdf----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
271
F5 Breached, Windows 10 EOL, AWS Outage
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant recent cybersecurity events, including the F5 breach attributed to state-backed actors, the implications of Windows 10 reaching end of life, and the risks associated with outdated mobile operating systems. They also explore the geopolitical context of cybersecurity threats from China and the lessons learned from a recent AWS outage, emphasizing the importance of preparedness and proactive security measures for organizations.----------------------------------------------------YouTube Video Link: https://youtu.be/zn6cgCe5W8I----------------------------------------------------Documentation:https://arstechnica.com/security/2025/10/breach-of-f5-requires-emergency-action-from-big-ip-users-feds-warn/https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaignhttps://www.forbes.com/sites/zakdoffman/2025/10/25/unprotected-1-billion-iphone-and-android-users-must-act-now/https://www.wired.com/story/what-that-huge-aws-outage-reveals-about-the-internet/https://youtu.be/43vxbytjDSM?si=bzmgru3AHrhd7lP2https://youtu.be/vFu63JNtIZ4?si=DAi64IzjkwD5bSTW----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
270
What's new in Microsoft Sentinel
SummaryIn this episode, Andy Jaw and Adam Brewer discuss the latest updates in Microsoft Sentinel, focusing on the new features such as the Sentinel Data Lake, Sentinel Graph, and the MCP server. They explore how these innovations enhance security operations, improve data management, and leverage AI for better threat detection and response. The conversation emphasizes the importance of cost-effective data storage and the integration of AI in cybersecurity practices.----------------------------------------------------YouTube Video Link: https://youtu.be/dspGvRHMiPc----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/azure/sentinel/whats-new----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
269
WhatsApp banned; Discord, TransUnion, Jaguar-Land Rover hacked
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss various topics related to cybersecurity, including the security implications of WhatsApp, the challenges of age verification laws, the recent TransUnion data breach, and the significant cyber attack on Jaguar Land Rover. They emphasize the importance of strong cybersecurity measures, the risks associated with third-party data management, and the need for businesses to invest in cybersecurity to protect against potential breaches and their cascading effects on supply chains.----------------------------------------------------YouTube Video Link: https://youtu.be/Z-StvCprzjE----------------------------------------------------Documentation:https://www.fastcompany.com/91357825/whatsapp-banned-capitol-hill-how-secure-meta-messaging-encryptedhttps://arstechnica.com/security/2025/10/discord-says-hackers-stole-government-ids-of-70000-users/https://www.msn.com/en-us/money/other/transunion-hack-has-put-44-million-americans-personal-data-at-risk-including-social-security-how-to-protect-yourself-before-it-s-too-late/ar-AA1OhP12https://www.msn.com/en-us/news/world/fears-putin-backed-hackers-are-behind-cyber-attack-on-jaguar-land-rover/ar-AA1OiZnzhttps://cybersecuritynews.com/jaguar-land-rover-breached-by-hellcat/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
268
iPhone MIE, Microsoft - Israel MOD, npm supply chain attacks
SummaryIn this episode, hosts Andy Jaw and Adam Brewer discuss the newly announced iPhone 17 and its enhanced security features, particularly the memory integrity enforcement that aims to protect user data from spyware. They also delve into Microsoft's response to allegations regarding the use of Azure by the Israeli Defense Force for surveillance purposes, emphasizing the company's commitment to privacy. The conversation concludes with a discussion on recent supply chain attacks affecting NPM packages and the proactive measures being taken to enhance security in the software development ecosystem.----------------------------------------------------YouTube Video Link: https://youtu.be/YLTiud1ibhU----------------------------------------------------Documentation:https://www.theverge.com/news/775234/iphone-17-air-a19-memory-integrity-enforcement-mte-securityhttps://security.apple.com/blog/memory-integrity-enforcement/https://blogs.microsoft.com/on-the-issues/2025/09/25/update-on-ongoing-microsoft-review/https://www.bleepingcomputer.com/news/security/self-propagating-supply-chain-attack-hits-187-npm-packages/https://github.blog/security/supply-chain-security/our-plan-for-a-more-secure-npm-supply-chain/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
267
Kerberoasting in 2025
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the topic of Kerberosting, a known attack method that exploits weaknesses in the Kerberos authentication protocol, particularly focusing on the vulnerabilities associated with RC4 encryption. They discuss a recent letter from Senator Ron Wyden addressing the implications of these vulnerabilities in the context of a significant ransomware breach in the healthcare sector. The conversation covers the basics of RC4 encryption, the mechanics of Kerberosting attacks, and the necessary mitigations organizations should implement to protect against these threats. Additionally, they highlight Microsoft's Secure Future Initiative, which aims to prioritize security in its products and services, and the ongoing challenges of balancing security with legacy compatibility. The episode concludes with actionable takeaways for listeners to enhance their cybersecurity posture.----------------------------------------------------YouTube Video Link: ----------------------------------------------------Documentation:https://arstechnica.com/security/2025/09/senator-blasts-microsoft-for-making-default-windows-vulnerable-to-kerberoasting/https://www.microsoft.com/en-us/security/blog/2024/10/11/microsofts-guidance-to-help-mitigate-kerberoasting/https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2013/2868725----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
-
266
Advanced Data Protection with Special Guest Amren Gill
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam celebrate their five-year anniversary with guest Amren Gill, a data security solutions engineer at Microsoft. They delve into the complexities of data protection, focusing on Microsoft Purview's capabilities, including data classification, data loss prevention (DLP), and advanced data protection features. The conversation highlights the importance of securing data by default, leveraging AI for enhanced security measures, and the role of data security posture management (DSPM) in identifying and addressing security gaps. Amren also discusses the new Data Security Investigations tool, which aids in responding to data breaches effectively.----------------------------------------------------YouTube Video Link: https://youtu.be/MZBEW265WwU----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/purview/deploymentmodels/depmod-securebydefault-introhttps://learn.microsoft.com/en-us/purview/purview----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
We're indexing this podcast's transcripts for the first time — this can take a minute or two. We'll show results as soon as they're ready.
No matches for "" in this podcast's transcripts.
No topics indexed yet for this podcast.
Loading reviews...
ABOUT THIS SHOW
A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
HOSTED BY
Andy Jaw & Adam Brewer
CATEGORIES
Loading similar podcasts...
Frequently Asked Questions
How many episodes does Blue Security have?
Blue Security currently has 50 episodes available on PodParley. New episodes are automatically indexed when they're published to the podcast feed.
What is Blue Security about?
A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
How often does Blue Security release new episodes?
Blue Security has 50 episodes. Check the episode list to see recent publication dates and frequency.
Where can I listen to Blue Security?
You can listen to Blue Security on PodParley by clicking any episode. We provide an embedded audio player for direct listening, and you can also subscribe via your preferred podcast app using the RSS feed.
Who hosts Blue Security?
Blue Security is created and hosted by Andy Jaw & Adam Brewer.
URL copied to clipboard!