Defensive Security Podcast Episode 334 скачать в хорошем качестве

Defensive Security Podcast Episode 334

Jump straight to the discussion: 03:33 Vast majority of parked domains now serving malware https://krebsonsecurity.com/2025/12/m... 16:08 Device code phishing continues https://thehackernews.com/2025/12/rus... 25:30 Latency analysis identifies North Korean worker at Amazon https://cybersecuritynews.com/amazon-... 36:59 AI generated vulnerability proofs of concept leading to false negative tests https://www.darkreading.com/applicati... 47:36 Cisco secure email vulnerability remains unpatched https://www.helpnetsecurity.com/2025/... Introduction: In the latest episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat dive into a series of intriguing cybersecurity topics, from the evolving threat of parked domains serving malware to the complexities of AI-generated proof of concepts. Join us as we explore these pressing issues and their implications for the security landscape. Parked Domains and Malware: The episode kicks off with a discussion on the alarming rise of parked domains serving malicious content. Jerry explains how these domains, once used for advertising, are now increasingly being exploited to deliver malware. The hosts delve into the challenges of blocking these threats, emphasizing the need for layered security measures and proactive detection strategies. Device Code Phishing: Next, the conversation shifts to device code phishing, a sophisticated attack method targeting identity services like Microsoft's Entra ID. Andrew highlights the ease with which these attacks can be executed, thanks to the commoditization of attack tools. The hosts stress the importance of migrating to phishing-resistant authentication methods to combat this growing threat. AI-Generated Proof of Concepts: The episode also explores the pitfalls of relying on AI-generated proof of concepts for vulnerability testing. Jerry and Andrew caution against the false negatives these tools can produce, urging security teams to exercise due diligence and verify the accuracy of AI-generated exploits. Conclusion: As the episode wraps up, Jerry and Andrew reflect on the broader implications of these cybersecurity challenges. They emphasize the importance of staying informed and adapting to the ever-evolving threat landscape. Tune in to the full episode for a deeper dive into these topics and more. Subscribe Now: Stay ahead of the curve in cybersecurity by subscribing to the Defensive Security Podcast. Join us for insightful discussions and expert analysis on the latest security trends and threats.