Yusuf On Security

In this week’s episode, we get into some detailed exploration of an up and coming  malware. Looking at it closer, it is one of the most advanced post-exploitation code families shaping the cybersecurity landscape in 2025. Over the time we...

This week we are exploring what Content Delivery Networks —commonly known as CDNs— are and whether they protect modern businesses. We’ll dive deep into the mechanics of how CDNs work, the technologies behind them, and whether they defend...

224 – Cisco Talos Year 2024 In Review In this week’s episode, we are looking at the latest Cisco Talos’ 2024 report.  In this comprehensive report, we will delve into the major cybersecurity trends and threats observed over the past...

This is the part 2 of RSAC 2025 episode. If you have not listened to episode 1 (that episode 222), I would suggest you listen to episode 1 before you listen this episode.Before you we get into part 2, lets review what has been happening last week on...

It was RSAC week and it would be remiss of me if I did not give you a highlight on what went on this year, 2025. After all, RSAC has a critical role in security.  We will be reviewing the top key announcements from this year’s event, including...

This week’s episode is continuation of Troy Hunt’s cautionary tale , the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through Mailchimp. We’ll...

In this week’s episode we have a fascinating and cautionary tale about none other than Troy Hunt, the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through...

In this episode, we’ll look into a cybersecurity assessment method that mimics real-world attacks to test an organization’s security defenses and response capabilities: Threat emulation. It is one of the strategies to keep you ahead of the...

In this episode, we’ll be exploring a particularly intriguing file types: polyglot files. These digital shapeshifters have become a powerful tool in the arsenal of cyber attackers, capable of bypassing security measures, confusing systems, and...

In today’s episode, we’re diving deep into Data Exfiltration; one of the most serious threats facing organizations today.We’ll break down exactly what data exfiltration is, where it fits in the MITRE ATT&CK framework, the tools...

We are continuing with part 2 of “Behind the Login Screen – Understanding OS Authentication.” If you missed our first episode, I highly recommend giving it a listen before diving into today’s content. In part one, we started...

This episode is one for you system admins out there! Today we’re discussing three actively exploited vulnerabilities you absolutely need to know about—CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335. These vulnerabilities have been making...

This is the podcast where we explore the ever-evolving world of cybersecurity and provide practical advice for staying ahead of threats. I’m your host, Yusuf, and today’s episode is all about starting the new year with a solid plan.We’re diving into...

Today, we’re tackling a fundamental yet often misunderstood tool in every cybersecurity professional’s arsenal—vulnerability scanners. What role do they play in protecting our organizations? Where do they shine, and where do they fall short?As...