Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. We’re bringing you fresh content from our journeys into pe...
(Replay) Email Spoofing: From Basics to Advanced Techniques and Solutions
Welcome to this replay on The Cyber Threat Perspective! In this episode, Brad and Spencer dive into the mechanics and recent developments of email spoofing, shedding light on how attackers are bypassing advanced email protections.In this episode, we cover:The fundamentals of email spoofing and why it's a significant threat.Insight into the recent echo spoofing campaign exploiting Proofpoint's misconfiguration.The role of SPF, DKIM, and DMARC in combating email spoofing.How threat actors are using Microsoft 365 to bypass email protections.Mitigation strategies and the latest updates from Proofpoint and Microsoft to address these vulnerabilities.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
--------
27:10
(Replay) Windows and Active Directory Hardening
In this episode of The Cyber Threat Perspective, Nathan and Spencer discuss crucial strategies for Windows and Active Directory hardening, emphasizing the importance of community collaboration and the value of using CIS benchmarks for security compliance.In this episode, we cover:Implementing multi-factor authentication for domain adminsThe benefits and importance of using CIS benchmarks for Windows 10 and 11Advantages of having a consistent standard in an active directory environmentAssurance and verification tools available in the benchmarksSimulated environment testing and active community participation for benchmark improvementBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
--------
47:58
Episode 118: 2025 - A CISO's Perspective with Mike Whitt
In this episode, we’re discussing what a seasoned CISO is focused on going into 2025. Mike Whitt is a Cheif Information Security Officer in the financial sector with over 20 years of experience building teams, security programs, and leading organizations to a more secure posture. https://www.linkedin.com/in/mike-whitt-a4b4802/Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
--------
46:26
Episode 117: Why Do Pentests Cost So Much?
In this episode, we’re peeling back the layers of the question so many organizations ask: Why do penetration tests cost so much? But here’s the real twist—are they actually expensive, or are we measuring their value the wrong way?By the end of this episode, you’ll understand not just the cost of a penetration test, but its value as an investment in protecting your business. We’ll dive into real-world examples, break down the factors that drive pentest pricing, and explore how it compares to the costs of incidents like data breaches, ransomware, and PR disasters. Let’s get started.https://www.morganlewis.com/blogs/sourcingatmorganlewis/2024/03/study-finds-average-cost-of-data-breaches-continued-to-rise-in-2023Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this episode, we’re diving into one of the most enduring cybersecurity challenges—weak passwords. We’ll explore how poor password practices and identity management pitfalls leave organizations vulnerable to compromise. From understanding the most common mistakes to implementing effective defenses, we’re breaking down what it takes to fortify your systems against attackers exploiting the weakest link. Sourceshttps://www.verizon.com/about/news/2023-data-breach-investigations-report?utm_source=chatgpt.comhttps://blog.1password.com/challenges-of-shadow-it/https://www.microsoft.com/en-us/security/security-insider/intelligence-reports/microsoft-digital-defense-report-2024?msockid=2e875ee0e1fe64d22f854aa6e0746523Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. We’re bringing you fresh content from our journeys into penetration testing, threat research and various other interesting [email protected]