Yusuf On Security

– : North Dakota Ransomware Water Plant – : CISA — Adapting Zero Trust Principles to Operational Technology So, today’s episode is one of those stories that really does hit home. Not a bank breach. Not some government leak. I want...

If you’ve been watching the cybersecurity space for the last two years, you’ve noticed something. Almost every breach report, every vendor pitch, every board meeting — AI is in the conversation. Sometimes as the hero, sometimes as the...

In this week’s episode, I am joined by my good old friend Shakel Ahmed, a cybersecurity practitioner with over 20 years of experience across some of the most demanding environments in the industry. We are covering the importance of skills and...

Just over a week ago, on 11 March 2026, a cyberattack brought one of the world’s largest medical device makers to its knees. Stryker – a $25 billion company that manufactures surgical robots, joint implants and emergency equipment...

Cisco Live is one of the largest networking and security conferences in the world, bringing together thousands of IT and security professionals for a week of learning, innovation, and hands-on experience — and this year, I was there, working as a...

In Part 1 of this series, we explored why Microsoft is finally saying goodbye to NTLM authentication after more than 25 years of service. We discussed NTLM’s security weaknesses, from relay attacks to weak cryptography, and touched on Kerberos...

Today, we’re diving into a significant announcement from Microsoft that will fundamentally change how Windows handles authentication. In this two-part series, we’ll explore Microsoft’s plan to phase out the NT LAN Manager protocol...

It has been a while since we’ve done a news update episode. So today, we’re diving into two major stories that have been dominating cybersecurity headlines this past week. First, we’ll unpack React2Shell, a critical vulnerability...

Today, we’re focusing on the critical lessons from one of the most disruptive IT failures in recent memory: the global outage triggered by a CrowdStrike software update on July 19, 2024. While the headlines focused on grounded flights and downed...

This week on YusufOnSecurity, we’re diving into a topic that’s become increasingly critical as our world grows more connected: the security of the Internet of Things, or IoT. From smart thermostats and wearable fitness trackers to industrial sensors...

In today’s interconnected world, the security of our digital infrastructure relies heavily on cryptography—the science of protecting information by transforming it into unreadable formats for unauthorized users. But how do we know the cryptographic...

In today’s episode is about a seismic shift in the world of cyber threats. The emergence of AI-powered malware. We’ll unpack how this new breed of malware works, the science behind it, real-world incidents, and what the latest academic research...

Today, we’ll answer a pressing question in cybersecurity: Is UTM still relevant in 2025? We’ll trace the origins of UTM, explain why it was created, break down its core features, compare it to newer technologies, and finish by busting a common...

In this week’s episode, we get into some detailed exploration of an up and coming  malware. Looking at it closer, it is one of the most advanced post-exploitation code families shaping the cybersecurity landscape in 2025. Over the time we...