Yusuf On Security

Security news, opinion and advice

Cybersecurity topics that matter most.

Weekly podcast on cybersecurity domains. We discuss, dissect and demystify the world of security by providing an in-depth coverage on the cybersecurity topics that matter most. All these in plain easy to understand language. Like it, share it, and most importantly enjoy it!

Latest episodes

190 – DevSecOps

n this episode lets look at the world of DevSecOps—a vital practice in modern software development that has implication on security. We’ll trace the history of software development, discuss the evolution of methodologies, and examine the challenges...

188 – Yubikey Vulnerability

In this episode we’re diving into an important topic that concerns one of the most trusted hardware security tokens on the market—the YubiKey 5 series. We’ll discuss a recently discovered vulnerability affecting YubiKeys and go over what it means...

186 – The New NIST Framework 2.0

In today episode we’re diving into something that’s been making waves in the cybersecurity community—NIST Cybersecurity Framework 2.0.The NIST Cybersecurity Framework has long been a cornerstone for building robust security practices, and with the...

181 – The CrowdStrike IT Outage

This week’s episode needs very little introduction: The CrowdStrike IT Outage.We will delve into the unprecedented IT outage caused by a corrupt update from CrowdStrike, which led to widespread Blue Screen of Death (BSOD) errors on Windows...

178 – Trusted Relationship Attacks

In this episode, we’re focusing on the rising trend of IT outsourcing and its implications for cybersecurity. As more businesses delegate non-core tasks to third-party providers, they inadvertently open doors to trust relationship attacks...

175 – The Dangers Of Remote Workers

In this week’s episode, we’re tackling a topic that has become increasingly relevant in our post-pandemic world: the hidden dangers posed by remote work.As more companies embrace flexible work arrangements, the convenience and efficiency...

Latest from the blog

What will it take?

A great piece on what it will take to improve the safety of the connected world. Read it here.

Extended detection and response (XDR)

Extended detection and response (XDR) captures threat data from previously isolated security tools throughout the organizations tech stack to enable...

Log4j Vulnerabilities

Towards the end of November, a researcher from Alibaba discovered a fault (CVE-2021-44228) in a well known open-source logging library called...