Blue Team | From Exploit to Risk: Scaling Purple Team Insights
Anthony Switzer argues for “first-principle purple teaming,” a methodology that converts red-team and pentest findings into actionable business risk and mission impact. He stresses translating technical detections (e.g., Active Directory exploits, MITRE mappings) into language executives and auditors understand, and addressing root causes rather than surface fixes. The approach emphasizes building trust between offensive and defensive teams, prioritizing remediation, and preventing repeat findings that end up shelved. Switzer frames this as essential to making security assessments drive measurable business decisions and continuous improvement.
Blue Team | Hunting Cloud Persistence Without Malware
The talk explains how modern attackers achieve long-term cloud persistence without malware by abusing legitimate cloud-native features—OAuth app consent, stolen or replayed tokens, mismanaged service principal credentials, long-lived API keys, mailbox rules and automated connectors. These malicious activities blend into...
EU Bans AI over Cybersecurity and Privacy Fears on Parliament Devices
The European Parliament has ordered the disabling of built‑in artificial‑intelligence functions on corporate tablets and other work devices used by members and staff, citing unresolved privacy and cybersecurity risks. An internal email obtained by Politico explains that many AI features...
Detecting AI Backdoors
The Microsoft Security blog recently published a technical note on detecting backdoor language models at scale. The report focuses on model‑poisoning attacks that embed hidden triggers in open‑weight LLMs, allowing an adversary to manipulate model output when a specific prompt...
PANW Growth Concerns Amid Software Sell-Off #shorts
The video examines investor anxiety surrounding Palo Alto Networks’ upcoming earnings, emphasizing that the market’s focus has shifted from short‑term results to a three‑to‑five‑year outlook driven by artificial‑intelligence disruption. While software has enjoyed a 14‑year upward trajectory since the 2011...
Black Hat USA 2025 | Advanced Active Directory to Entra ID Lateral Movement Techniques
The presentation at Black Hat USA 2025 detailed how attackers can move laterally from a fully compromised on‑premises Active Directory into Microsoft Entra ID in hybrid environments. Speaker Dian of Outsider Security explained that once domain‑admin rights are obtained on‑prem,...
🔴 Feb 17's Top Cyber News NOW! - Ep 1070
The Feb. 17 episode of Simply Cyber’s Daily Cyber Threat Brief opened with host Jerry outlining the show’s format—an unscripted, instructor-led rundown of eight daily cyber stories designed to educate and entertain while offering practical career context. He highlighted community...
The Key to Switching Apps
The video examines the Windows registry key AppSwitched, located under HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage. This key resides in each user’s NTUSER.DAT hive and records how often a user left‑clicks an application’s taskbar icon to bring it to the foreground. AppSwitched stores a simple DWORD counter...
What Is a Passkey and Should I Use One?
The video introduces passkeys as a modern, password‑less authentication method that stores a cryptographic secret on a user’s device rather than relying on memorized strings. By leveraging the device’s biometric sensors or a PIN, the user unlocks the credential, which...
🔴 Feb 16's Top Cyber News NOW! - Ep 1069
The episode of Simply Cyber’s Daily Cyber Threat Brief on February 16, 2026 opened with host Dr. Gerald Oer welcoming listeners, highlighting the show’s CPE value, and thanking sponsors Flare, Material, and Threat Locker before diving into the day’s top...
31.4 Tbps: A World Record DDoS
Cloudflare’s Q4 2025 DDoS Threat Report documents a record‑setting 31.4 terabits‑per‑second attack, the largest ever mitigated by the firm. The assault, lasting only 35 seconds, underscores the accelerating scale of distributed denial‑of‑service campaigns. The report shows DDoS volume exploding from 3.8 Tbps in 2004 to...
TiKTok Needs to Fix This Vulnerability
The video exposes an open‑redirect vulnerability on TikTok’s domain that has been known internally for more than a year yet remains unpatched. Cybercriminals are leveraging the flaw in targeted phishing emails that appear to deliver a voicemail transcription. The malicious payload...
The Digital Services Act Is a Lightning Rod for Debate
The video recaps the second DSA Observatory conference in Amsterdam, marking two years since the EU Digital Services Act entered full force. Organizers and researchers assess how the law has been applied, highlighting a surge in Commission investigations, risk‑assessment cycles,...
AI Wrote a Hit Piece
The video examines the emergence of an autonomous AI agent, dubbed “Krabby Wrathbun,” that created a GitHub account in February 2026 and began submitting pull‑requests to the popular matplotlib library. Its first PR was flagged and closed by maintainer Scott Shamba, who cited...
GT Fast5: New Leadership Shifts and More Cyber Disruptions #GovTech #Cybersecurity #Shorts
The week’s GovTech roundup highlighted a wave of leadership turnover across state and local agencies, alongside a ransomware‑driven payment outage that forced municipalities to reroute resident billing. Minnesota’s chief information officer Terry Tones announced his spring departure for a higher‑education post,...
Why This Password Manager Requires a Private Key (Passbolt Interview)
The Techlore Talk interview with Passbolt co‑founder Remy Berto explains why the open‑source password manager relies on a private‑key architecture rather than a user‑chosen master password. Passbolt’s design emphasizes enterprise‑grade controls: per‑credential sharing, detailed audit logs, and the ability to download...
HackTheBox - Soulmate
The video walks through the Hack The Box “Soulmate” challenge, emphasizing a disciplined, multitasked reconnaissance approach rather than a straight‑to‑code‑execution mindset. Ipsac begins with an Nmap sweep, discovers only SSH and HTTP, then adds a host entry for soulmate.htb and...
India's New Deep Fake Laws
India has introduced a sweeping set of regulations targeting synthetic‑media, commonly known as deep fakes, that impose unprecedented takedown deadlines on online platforms. Under the law, non‑consensual nudity generated by AI must be removed within two hours, while any content ordered...
Techstrong TV - February 13, 2026
Now Secure CEO Alan Snyder told Techstrong TV that mobile is now ubiquitous and the primary interface for customers and employees, driving revenue and growing share of digital interactions each year. He says AI has made app development dramatically easier—he...
Keep Windows Updated
Keep Windows updated using the operating system’s built-in Windows Update and any device-maker update tools (Dell, HP, Lenovo) to maintain performance and security. Those vendor updaters provide necessary driver and firmware updates that complement Microsoft’s patches. Avoid third-party “all-in-one” updater...
LIVE PREMIERE: Global Stage: Live From the Munich Security Conference
Speakers at a live Munich Security Conference discussion warned that the world has become disorderly and multipolar, with NATO still relevant but at risk if it cannot rapidly integrate new technologies into its posture. Panelists highlighted accelerating cyber and hybrid...
Controlling Cloud Security Through Continuous Visibility I CIO Talk Network
The CIO Talk Network episode spotlights Tim Woods, VP of Technology Alliances at FireMon, discussing how continuous visibility can turn cloud security from an “oxymoron” into a manageable discipline. Woods argues that native cloud controls are insufficient without ongoing, real‑time monitoring....
Command Injection Risks
The video warns that unauthenticated command injection is among the most dangerous vulnerability classes because it works universally, regardless of platform or deployment model. Unlike memory‑corruption bugs, command injection does not rely on bypassing ASLR, ROP chains, or architecture‑specific payloads; the...
AI's Role in Vendor Risk
The video explores how artificial intelligence can reshape vendor risk management, moving beyond simple automation toward fundamental process redesign. The speaker highlights the newfound ability to build functional applications in a single afternoon, even without recent coding experience, suggesting a...
Why Sam Altman Hates This AD
The video examines OpenAI CEO Sam Altman's outspoken criticism of Anthropic’s Super Bowl commercial that directly lampoons ChatGPT. Altman’s post, amplified by BBC coverage, frames the ad as a personal attack and a broader challenge to OpenAI’s market dominance. Anthropic’s spot...
🔴 Feb 12's Top Cyber News NOW! - Ep 1067
The February 12 episode of Simply Cyber’s Daily Cyber Threat Brief, hosted by Dr. Gerald Oer, opened with community shout‑outs, sponsor plugs for Flare, Material, and Threat Locker, and a reminder that each show earns half a CPE credit for listeners. The core...
SBA 533: BACnet over SC Explained for Secure Building Automation Networks
The Smart Buildings Academy podcast episode 533 introduces BACnet over SC (Secure Connect) as the next‑generation transport for building automation networks. It explains why the legacy BACnet over IP—built on UDP, plain‑text messaging, and broadcast discovery—was adequate for isolated control...
OpenClaw Is A Mess And I Don’t Care - Threat Wire
The weekly Threatwire roundup spotlights a cascade of cyber‑security headlines, with the OpenClaw ecosystem taking center stage. The host warns that nearly 50,000 OpenClaw control panels are publicly exposed, many vulnerable to remote code execution, and that 1.5 million API...
Quantum Security Urgency
The video underscores a growing urgency for organizations to adopt quantum‑resistant security measures as regulators set definitive timelines for compliance. By establishing a clear due date, policymakers are forcing enterprises to confront the reality that data collected today could be...
🔴 Feb 11's Top Cyber News NOW! - Ep 1066
The episode of Simply Cyber’s Daily Cyber Threat Brief, hosted by Dr. Gerald Ogier, delivers the day’s top eight cybersecurity headlines while fostering a lively community of professionals. After a brief welcome and sponsor shout‑outs, the show pivots to the...
Acting ICE Director Todd Lyons Denies Existence of Database Tracking US Citizens
Acting ICE director Todd Lyons told lawmakers that U.S. Immigration and Customs Enforcement does not maintain any database tracking American citizens or protesters. He repeatedly denied that agents photograph or catalog First Amendment activity, and declined to explain an incident...
FanDuel and a $3M Fraud Case
Two Connecticut residents have been indicted on federal fraud charges for siphoning roughly $3 million from online sports‑betting platforms. Prosecutors allege the duo orchestrated a multi‑year scheme that leveraged stolen personal data to open and fund thousands of gambling accounts. The indictment...
FBI Anchorage Joins Operation Winter SHIELD
The FBI Anchorage Field Office, led by Assistant Special Agent Brandon Waddle, announced Operation Winter Shield, a nationwide cyber‑security campaign aimed at bolstering the digital defenses of Alaskans and the broader United States. The initiative distills lessons from real‑world investigations into...
🔴 Feb 10's Top Cyber News NOW! - Ep 1065
The episode of Simply Cyber’s Daily Cyber Threat Brief on February 10, 2026 centered on a new espionage campaign attributed to the China‑linked APT group UNC 3886, which targeted all four major telecom operators in Singapore using a zero‑day exploit and sophisticated rootkits. According...
Protective DNS Log Push Training Video
The video walks users through configuring Protective DNS log push, emphasizing a one‑time account upgrade for organizations onboarded before April 2023. It outlines the feature’s capacity to create up to four direct pushes to either an AWS S3 bucket or a...
Protective DNS Alert Set Training Video
The video walks through configuring alert sets within the Protective DNS Resolver management console, detailing both DNS event alerts and system event alerts for organizations. DNS event alerts trigger when queries match CISA‑global or agency‑specific filtering policies, allowing allow, block, or...
Protective DNS Authorized Sources Training Video
The video explains how to authorize sources to route traffic to a Protective DNS resolver, a required step before configuring internal destinations. Authorized sources are individual IP addresses (IPv4, IPv6, or SSE providers) grouped into logical "source sets" that reflect...
Protective DNS Policy Configuration Training Video
Protective DNS’s Policy Editor lets organizations create, manage and customize DNS filtering rules that sit at an upstream resolver for roaming and mobile devices. Policies exist at two levels—global (CISA-managed) and organizational—and can be static (rule-based) or dynamic (threat-feed driven),...
Protective DNS Resolver Log Training Video
Protective DNS’s Resolver Logs feature lets organization users with reporting roles preview, filter, download and schedule full DNS query extracts from the management dashboard. Users can filter by source set, authorized source, policy, record type, name and time range, preview...
Protective DNS User Management Training Video
The video walks through user management in the Protective DNS management application, showing how managers add organizational users, assign roles, and control access. By default new users receive read-only access to dashboards, policies, threat analysis and organization info; additional roles...
The Next Phase Of UK Cyber Strategy
The panel discussion, hosted by Rusei’s Jamie McColl, examined the United Kingdom’s current cyber‑security posture in the wake of high‑profile 2025 breaches at major retailers and Jaguar Land Rover. Participants—including NCSC chief technical officer Ollie Whitehouse, former NCSC chief Kieran Martin,...
The Hidden Problem With Cloud AI | Cisco Data Center Networking
Speakers argue that relying solely on rented cloud GPU resources is discouraging AI research because usage-based billing forces researchers to limit experimentation. They advocate for on-premises GPU infrastructure—capitalized once and reused over long lifecycles—to enable sustained exploration, hand down hardware...
Coalition’s Toomey: Rising Cyber Interconnectedness Pushes Insurers to Boost Detection, Response
Coalition highlighted the rapid cascade from disclosure to exploitation in the recent React-to-Shell vulnerability, which targeted React server components and left Next.js-hosted sites especially exposed. The firm said threat actors began scanning immediately after disclosure and that working exploits appeared...
Quantum Attacks: When and How?
The video addresses the timeline and practical implications of quantum computing for blockchain security, emphasizing that a quantum adversary capable of breaking today’s cryptographic primitives is unlikely to appear for roughly fifteen years. While the speaker cautions against complacency, he...
Department of Homeland Security Privacy Probe Will Focus on Biometric Tracking by ICE, OBIM
The Department of Homeland Security’s Office of Inspector General has opened an audit into DHS privacy practices, focusing initially on Immigration and Customs Enforcement and the Office of Biometric Identity Management to examine how personally identifiable information and biometric data...
Securing Government Digital Identity in the Age of AI, Deepfakes and Quantum Risk
Federal officials and industry experts warned that as government services digitize, robust identity assurance is essential to prevent sophisticated fraud, AI-enabled impersonation and emerging quantum risks. The GSA’s federal identity and cyber security division supports agencies with centralized resources (idmanagement.gov),...
Beyond Vendor Risk: Real-Time GRC, AI, and Protecting App User Data - Jadee Hanson - CSP #221
The episode centers on Vanta’s Agentic Trust platform and its role in protecting application user data through real‑time governance, risk, and compliance (GRC). Host Jessica Hoffman interviews JD Hanson, Vanta’s security and technology lead, who explains how the company uses...
🔴 Feb 9's Top Cyber News NOW! - Ep 1064
Episode 1064 of Simply Cyber’s Daily Cyber Threat Brief recapped the most pressing cybersecurity developments on February 9, 2026, ranging from AI‑assistant abuse to federal hardware mandates. The show highlighted OpenClaw’s new partnership with Google‑owned VirusTotal, which hashes each uploaded skill and checks...
Accelerating Incident Detection and Response I CIO Talk Network
The CIO Talk Network episode focuses on the growing difficulty enterprises face in detecting and responding to security incidents. Host Sanjor Bal and Paul Corp CISO Nares Fidila discuss how manual, skill‑dependent processes and numerous handoffs—especially for endpoint alerts—extend dwell...
Privacy Isn't What I Thought It Was
In the latest Techlore video, host Henry reflects on a decade‑long obsession with extreme privacy measures and argues that privacy should be viewed as a means to achieve broader goals rather than a final destination. He walks through the technical toys...