Overkill Security podcast artwork

PODCAST · technology

Overkill Security

Because Nothing Says 'Security' Like a Dozen Firewalls and a Biometric Scannerhttps://t.me/+li0tDAgOYDNkZTBhhttps://boosty.to/overkill_security

  1. 71

    From IDE to IDK. How JetBrains Became a Playground for Cyber Intruders

    This document provides aт analysis of the Exploiting JetBrains TeamCity CVE advisory, as detailed in the Defense.gov publication. The analysis delves into various critical aspects of cybersecurity, focusing on the exploitation of CVEs to gain initial access to networks, deployment of custom malware.This analysis serves as a valuable resource for cybersecurity professionals, software developers, and stakeholders in various industries, offering a detailed understanding of the tactics, techniques, and procedures (TTPs) employed by cyber actors. By providing a qualitative summary of the advisory, this document aims to enhance the cybersecurity posture of organizations, enabling them to better protect against similar threats and contribute to the collective defense against state-sponsored cyber espionage activities.Full content (all-in-one episodes)

  2. 70

    JetBrains. Edge Sword of Software Development II

    A non-obvious view of the benefits and drawbacks of using JetBrains related to cyber actors and NSA

  3. 69

    JetBrains. Edge Sword of Software Development

    A balanced view of the benefits and drawbacks of using JetBrains tools, highlighting the security risks alongside their functionality.

  4. 68

    JetBrains. The Unofficial Contributor to MITRE ATT&CK

    How JetBrains vulnerabilities enriched the MITRE ATT&CK framework, providing new tactics and techniques for attackers.

  5. 67

    JetBrains. A Hacker's Best Friend

    How JetBrains vulnerabilities became essential tools in the adversary's arsenal, much to CISA's dismay.

  6. 66

    JetBrains. The Lateral Movement Express

    An examination of how JetBrains vulnerabilities enabled swift lateral movement across networks, with CISA struggling to keep up.

  7. 65

    JetBrains. Digging Tunnels in Cybersecurity

    How JetBrains vulnerabilities facilitated tunneling into compromised environments, with CISA left to fill in the gaps.

  8. 64

    JetBrains. Network Exploration Made Easy

    A look at how JetBrains vulnerabilities simplified network reconnaissance for attackers, much to CISA's frustration.

  9. 63

    JetBrains. The Unofficial Data Courier

    How JetBrains vulnerabilities turned sensitive data into a traveler without a destination, with CISA left to pick up the pieces.

  10. 62

    The Art of Staying Put. JetBrains Edition

    An analysis of how attackers used JetBrains vulnerabilities to maintain persistence, with CISA's attempts to evict them proving challenging.

  11. 61

    JetBrains. Elevating Privileges Since 2024

    How JetBrains vulnerabilities offered hackers a free upgrade to admin status, much to the dismay of CISA.

  12. 60

    JetBrains. Masters of Disguise or Not

    An exploration of the tactics used by attackers to avoid detection, exploiting JetBrains' vulnerabilities while CISA played catch-up.

  13. 59

    SQL Servers. JetBrains' Unwanted Guests

    JetBrains vulnerabilities sparked an unexpected interest in SQL servers, turning them into the hottest party spots for cyber intruders.

  14. 58

    Data's Great Escape. A JetBrains Tale

    The story of how JetBrains vulnerabilities facilitated the grand exfiltration of sensitive files, with CISA desperately trying to catch the runaway data.

  15. 57

    JetBrains' Unintentional Tour Guide

    A deep dive into how JetBrains' flaws turned host reconnaissance into a guided tour for hackers, with CISA scrambling to close the exits.

  16. 56

    JetBrains' Open-Door Policy

    How JetBrains' vulnerabilities provided cybercriminals with a VIP pass to systems worldwide, much to CISA's chagrin.

  17. 55

    Lessons in Security. JetBrains Edition

    Key takeaways from the JetBrains saga: Always patch your software, and never underestimate the power of a well-timed CISA advisory.

  18. 54

    Welcome to the JetBrains Security Circus

    An introduction to the thrilling world of JetBrains vulnerabilities, where every bug is a new act, and CISA plays the role of the reluctant ringmaster.

  19. 53

    [Trailer] JetBrains. When Security Takes a Coffee Break

    A humorous look at how JetBrains' vulnerabilities became the cybersecurity equivalent of leaving your front door wide open. CISA's recommendations? Just a polite reminder to lock it.

  20. 52

    Cloud Infiltration. How Cyber Actors Adapt and Overcome

    This content provides an overview of how cyber actors adapt and overcome security measures to infiltrate cloud environments, emphasizing the need for continuous vigilance and adaptation in cybersecurity strategies.

  21. 51

    Benefits and Drawbacks of NSA’s Advisory. The Double-Edged Sword

    This part discusses the benefits and potential drawbacks of advisories issued by agencies like CISA and NSA, highlighting the importance of balancing security measures with operational needs.

  22. 50

    Mitigations to Strengthen Defense. The Cybersecurity Workout Plan

    This part outlines various mitigations and best practices recommended by CISA to strengthen cloud security, including the use of multi-factor authentication and continuous monitoring.

  23. 49

    Defense through Cybersecurity Fundamentals. The Basics Never Looked So Good

    This part emphasizes the importance of basic cybersecurity practices, such as regular audits, secure password management, and timely patching, in defending against cloud attacks.

  24. 48

    Sophistication of Cyber Actors. The James Bonds of the Digital Realm

    This part examines the sophistication and adaptability of cyber actors in their efforts to compromise cloud infrastructure.

  25. 47

    Use of Service and Dormant Accounts. Sleeping Giants

    This part explores the use of service and dormant accounts by cyber actors to gain access to cloud environments, highlighting the risks associated with these types of accounts.

  26. 46

    Expansion of Targeting. The More, the Merrier

    This part discusses how cyber actors are expanding their targeting to include a broader range of cloud services and accounts, including service and dormant accounts.

  27. 45

    Increased Importance of Initial Access. First Impressions Matter

    This part emphasizes the critical role of initial access in cloud security, highlighting how cyber actors focus on gaining this initial foothold to launch further attacks.

  28. 44

    Authentication as a Key Step. We Don't Need No Stinkin' Passwords

    This part explains how cyber actors use stolen access tokens and other authentication methods to bypass traditional password-based security measures in cloud environments.

  29. 43

    TTPs Details. The Cyber Magician's Handbook

    This part provides a detailed look at the tactics, techniques, and procedures (TTPs) used by cyber actors to gain initial access to cloud environments, including brute forcing, password spraying, and token authentication.

  30. 42

    Adaptation to Cloud Services. Chameleons of the Cyber World

    This part details how cyber actors are adapting their tactics to exploit cloud services, blending in with legitimate traffic to evade detection.

  31. 41

    Key Findings. The Art of Cloud Sneakery

    This part presents key findings from recent advisories on how cyber actors are adapting their tactics to target cloud infrastructure, focusing on the stealthy methods they employ.

  32. 40

    Cloud Tactics. Welcome to the Cloud Circus

    This part explores the evolving tactics and techniques used by cyber actors to gain initial access to cloud environments, emphasizing the dynamic nature of cloud security threats.

  33. 39

    [Trailer] Cloud Attacks. The Comedy of Cloud Errors

    This part discusses the various methods cyber actors use to attack cloud services, highlighting the vulnerabilities and mistakes that can lead to successful breaches.

  34. 38

    EdgeRouter on the Edge. When Default Settings Become Default Targets

    Discusses the risks associated with leaving default settings unchanged on Ubiquiti EdgeRouters, which can be easily exploited by attackers.

  35. 37

    MITRE ATT&CK. Ubiquiti's Unofficial User Guide

    Suggests that the tactics and techniques outlined in the MITRE ATT&CK framework are frequently applicable to Ubiquiti routers, indicating common vulnerabilities and attack vectors.

  36. 36

    MASEPIE Malware. Because One Malware Isn't Enough

    Highlights the presence of multiple malware threats targeting Ubiquiti routers, such as MASEPIE, underscoring the need for comprehensive security solutions.

  37. 35

    Proxy and Tunnel. Ubiquiti's Unofficial Features

    Points to the unintended use of Ubiquiti routers for proxying and tunneling, which can be exploited by attackers to mask their activities.

  38. 34

    CVE-2023-23397. The Exploit That Keeps on Exploiting

    Refers to a specific vulnerability (CVE-2023-23397) affecting Ubiquiti routers, which attackers can repeatedly exploit if not properly mitigated.

  39. 33

    Making Credential Theft Easier Since... Always

    Suggests that Ubiquiti routers may have weaknesses that make it easier for attackers to steal user credentials, highlighting the need for improved security measures.

  40. 32

    Moobot Trojan. When Your Router Becomes a Botnet's Best Friend

    Describes how Ubiquiti routers can be compromised by malware like the Moobot Trojan, which can turn them into part of a botnet, facilitating further malicious activities.

  41. 31

    Threat Actors Love Ubiquiti. A Match Made in Cyber Heaven

    Indicates that Ubiquiti routers are attractive targets for cybercriminals due to potential vulnerabilities. This makes them a common focus for exploitation attempts.

  42. 30

    Key Takeaways. Change Your Passwords, Seriously

    Emphasizes the importance of regularly updating passwords to protect against unauthorized access, a critical step in securing Ubiquiti routers against potential cyber attacks.

  43. 29

    Welcome to Ubiquiti. Where Security is Optional

    This part reflects concerns about the security features of Ubiquiti devices. It suggests that security measures may not be robust or prioritized, making these routers potentially vulnerable to cyber threats.

  44. 28

    [Trailer] Ubiquiti. The Router That Keeps on Giving... Headaches

    This part highlights the persistent issues users face with Ubiquiti routers, particularly in terms of setup and connectivity problems. Users often report difficulties in maintaining stable connections, leading to ongoing frustration and troubleshooting challenges.

  45. 27

    SOHO Router Roulette. Spin the Wheel and Hope for the Best

    This document provides an in-depth analysis of the threats posed by malicious cyber actors exploiting insecure Small Office/Home Office (SOHO) routers. The analysis covers various aspects, including Security Defects and Exploits, Impact on Critical Infrastructure, Secure by Design Principles, Vulnerability and Exposure Research.The document offers a qualitative summary of the current state of SOHO router security, highlighting the risks posed by insecure devices and the steps that can be taken to mitigate these risks. The analysis is beneficial for security professionals, manufacturers, and various industry sectors, providing a comprehensive understanding of the threats and guiding principles for enhancing the security of SOHO routers.Full content (all-in-one episodes)

  46. 26

    The Fallout. Consequences of Ignoring SOHO Router Security

    A grim look at the consequences of ignoring SOHO router security, from data breaches to financial ruin. It’s a happy ending for no one.

  47. 25

    Meet Your New Best Friends. Malicious Cyber Actors

    Key findings on how cybercriminals are exploiting these vulnerabilities to wreak havoc. Hint: They’re really good at it.

  48. 24

    Who’s Screwed. Affected Industries

    A rundown of the industries most impacted by insecure SOHO routers, from small businesses to critical infrastructure. Spoiler: It’s everyone.

  49. 23

    Blame the Firmware. The Root of All Evil

    An exploration of the fundamental flaws in SOHO router firmware that make them as secure as a screen door on a submarine.

  50. 22

    Why We’re All Doomed. An Intro to SOHO Router Security

    A sarcastic introduction to the world of SOHO router vulnerabilities, setting the stage for the disaster that’s about to unfold.

Type above to search every episode's transcript for a word or phrase. Matches are scoped to this podcast.

Searching…

We're indexing this podcast's transcripts for the first time — this can take a minute or two. We'll show results as soon as they're ready.

No matches for "" in this podcast's transcripts.

Showing of matches

No topics indexed yet for this podcast.

Loading reviews...

ABOUT THIS SHOW

Because Nothing Says 'Security' Like a Dozen Firewalls and a Biometric Scannerhttps://t.me/+li0tDAgOYDNkZTBhhttps://boosty.to/overkill_security

HOSTED BY

Overkill Security

Frequently Asked Questions

How many episodes does Overkill Security have?

Overkill Security currently has 50 episodes available on PodParley. New episodes are automatically indexed when they're published to the podcast feed.

What is Overkill Security about?

Because Nothing Says 'Security' Like a Dozen Firewalls and a Biometric Scannerhttps://t.me/+li0tDAgOYDNkZTBhhttps://boosty.to/overkill_security

How often does Overkill Security release new episodes?

Overkill Security has 50 episodes. Check the episode list to see recent publication dates and frequency.

Where can I listen to Overkill Security?

You can listen to Overkill Security on PodParley by clicking any episode. We provide an embedded audio player for direct listening, and you can also subscribe via your preferred podcast app using the RSS feed.

Who hosts Overkill Security?

Overkill Security is created and hosted by Overkill Security.
URL copied to clipboard!