Enjoying the content? Let us know your feedback!

This is the podcast where we explore the ever-evolving world of cybersecurity and provide practical advice for staying ahead of threats. I’m your host, Yusuf, and today’s episode is all about starting the new year with a solid plan.

We’re diving into _Cybersecurity Resolutions for 2025: Best Practices for Individuals and Organizations._ As we step into a new year, it’s the perfect time to reflect on how we protect our digital lives—whether at home or in the workplace.

From bolstering personal security habits to implementing stronger organizational policies, this episode will cover actionable resolutions you can adopt today. Along the way, we’ll explain key jargon, explore real-life examples, and, as always, bust a common cybersecurity myth at the end.

- https://nypost.com: Apple users warned of hi-tech Mac malware that steals personal data, goes undetected for months— here’s how to stay safe
- https://www.youtube.com: When Do We Get to Play On Easy Mode?

Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.

Enjoying the content? Let us know your feedback!

Today, we’re tackling a fundamental yet often misunderstood tool in every cybersecurity professional's arsenal—vulnerability scanners. What role do they play in protecting our organizations? Where do they shine, and where do they fall short?

As always, we’ll cut through the jargon and break things down for everyone—from seasoned professionals to those just beginning their journey in cybersecurity. And stick around until the end for this week’s myth-busting segment, where we debunk a misconception about cyber security in general that many people still believe.

So grab your favorite beverage, get set, and let’s dive right in!

• Tenable Scanner Agent went offline globally

All that coming up next, in this week episode.

- https://docs.tenable.com: Tenable Nessus Agent 2025 Release Notes
- https://www.splunk.com: Vulnerability Scanners Primer

Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.

Enjoying the content? Let us know your feedback!

This final episode of 2024, we recap the best the most listened to episodes of the year. And this year we have a great four back to back of the greatest of them all. 

Lets start with the first eisode 191 - Is The Browser The New Operating System? released on the 28th of September. Next is episode 172 - SSL VPN versus IPsec VPN - Part 1 and part 2 released 18th of May and 25 of May respectively.
And finally Episode 191 - APIs and Webhooks released on the the 5th October.

Enjoy and see you in the new year!

Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.

Enjoying the content? Let us know your feedback!

It is a topical episode we’re diving into a high-stakes challenge every organization faces: It is holiday season, how do you manage threats when most of the security team is off duty.

Imagine a holiday season, a long weekend, or even an unexpected emergency. With key team members unavailable, how do we keep our defenses strong? This episode will provide actionable strategies, backed by real-world examples, to help you stay prepared.

Stick around until the end, where we’ll also bust a common cybersecurity myth.

- https://www.bleepingcomputer.com: CISA Urges Switch To Signal Like-Encrypted Messaging Apps After Telecom Hacks

Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.

Enjoying the content? Let us know your feedback!

In this week's episode, we’re diving into a concerning and highly consequential topic: the Volt Typhoon espionage campaign—an advanced persistent threat that has sent shockwaves through the cybersecurity and telecommunications industries.

Volt Typhoon, a state-backed APT group, has been making headlines for its stealthy and highly sophisticated attacks on telecom networks. In this episode, we’ll dissect the technical details of this malware campaign, the vulnerabilities it exploited, and the regulatory loopholes that attackers took advantage of. We’ll also explore lessons the industry can learn to bolster defenses and, as always, bust a common cybersecurity myth along the way.

As always, we will break down all the jargon so that anyone can understand. Whatever you are doing, settle in or keep your eyes on the road, and let’s get started.

Before we get into the main topic, we will start with a recap of top trending security news this week...and that is:

• The Last Patch Tuesday

- https://msrc.microsoft.com: Microsoft - December 2024 Security Updates
- https://www.cisa.gov: CISA and Partners Release Joint Fact Sheet for Leaders on PRC-sponsored Volt Typhoon Cyber Activity
- https://www.cisco.com: China APT’s, Volt Typhoon, and what to do!
- https://www.fcc.gov:  Communications Assistance for Law Enforcement Act

Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.

Enjoying the content? Let us know your feedback!

This week episode, we dive into one of the most fascinating aspects of digital investigations: Windows forensic artifacts.

It does not matter who you are: a security professional, an aspiring investigator, or simply curious about how experts uncover the digital breadcrumbs left on your computer, this episode will walk you through the essential pieces of evidence, known as _forensic artifacts_.

We’ll dip our hand into that Shellbags...wait what bags? I heard you say, Don't worry we will break down those complex terms, discuss real-world cases, and provide you with an in-depth understanding of artifacts like Shellbags, Prefetch files, and more. 

Before we go any futher, we will review one top trending security news, this week... and that is:

•  Microsoft NTLM Zero Won't get fixed until April 2025!

- https://blog.0patch.com: NTLM Hash Disclosure Vulnerability (0day)
- https://www.splunk.com: Cyber Forensics
- https://www.coursera.org: Digital Forensics Concepts

Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.

Enjoying the content? Let us know your feedback!

Today, we’re tackling a topic that every organization, big or small, absolutely must take seriously: Incident Response Playbook

Imagine this: It’s 3 a.m., and your phone buzzes with an alert. A possible ransomware attack has been detected in your network. Do you panic, or do you execute a clear, structured plan? That’s the difference an Incident Response (IR) playbook can make—it turns chaos into control.

Today, we’ll break down what an IR playbook is, why it’s crucial, and how to implement one effectively. We’ll demystify technical jargon and provide actionable insights that you can apply right away. Stick around for the final section, where we’ll bust a common cybersecurity myth that everyone should know about.

Before we go ahead with the show, lets review the top trending security news this week:

•  https://www.bleepingcomputer.com: Microsoft TPM is non-negotiable
• https://learn.microsoft.com: Windows 11 Hardware and Software Requirements
  
  

Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.

Enjoying the content? Let us know your feedback!

This week, we’re diving into a hot-off-the-presses report from the FBI, CISA, and NSA —a breakdown of the most exploited vulnerabilities of 2023. Think of this as the hackers' “most wanted” list: the weaknesses in software and systems that bad actors love to exploit because they’re effective and widely available.

Before we get into that, lets review the top security news this week.

• Pygmy Goat: The Sophisticated Linux Backdoor Targeting Network Devices

- https://www.ncsc.gov.uk: Pygmy Goat Analysis
- https://www.cisa.gov: 2023 Top Routinely Exploited Vulnerabilities

Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.

Enjoying the content? Let us know your feedback!

Today, we’ll dive into what browser engines are, how they power your online experiences, and the security efforts shaping the modern web. We’ll also unpack extension security, with a spotlight on Google’s Manifest v3, and see how Safari and Firefox approach these challenges.

Whether you’re a casual browser user or a budding tech enthusiast, this episode is designed to give you insight into a part of your digital life that you might not even realize exists—the browser engine.

So If phrases like “browser engines” and “Manifest v3” sound daunting, don’t worry! I’ll break it all down so it’s as simple as possible. By the end, you’ll not only understand these terms but also appreciate why they’re crucial for a safer internet.

Before we  get started, lets review a top trending piece of news this week....and that is:

• iOS 18.1 Forcing Reboots

- https://www.macrumors.com: iOS 18.1 Forcing Reboots
- https://en.wikipedia.org: Browser_engine, what they are
- https://en.wikipedia.org: Comparison OF Browser Engines

Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.

Enjoying the content? Let us know your feedback!

It is another week and another podcast shaw on YusufOnSecurity where we deep dive into the complex world of cybersecurity that concerns both  professionals and anyone interested in how attackers continue to evolve their methods. 
This week we will be covering advanced malware evasion techniques—strategies used by malicious software to avoid detection—and, crucially, the countermeasures that can help protect against these threats.

Before we  get started, lets review a top trending piece of news this week....and that is:

•  SANS' Holiday Hack Challenge 2024 is Up

- https://www.sans.org: SANS' Holiday Hack Challenge 2024
- https://redcanary.com: Defense- Evasion Why Is It So Prominent How Can You Detect It?
- https://attack.mitre.org/tactics/TA0005/

Be sure to subscribe!
You can also stream from https://yusufonsecurity.com
In there, you will find a list of all previous episodes in there too.