Yusuf On Security

This is the part 2 of RSAC 2025 episode. If you have not listened to episode 1 (that episode 222), I would suggest you listen to episode 1 before you listen this episode.Before you we get into part 2, lets review what has been happening last week on...

It was RSAC week and it would be remiss of me if I did not give you a highlight on what went on this year, 2025. After all, RSAC has a critical role in security.  We will be reviewing the top key announcements from this year’s event, including...

This week’s episode is continuation of Troy Hunt’s cautionary tale , the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through Mailchimp. We’ll...

In this week’s episode we have a fascinating and cautionary tale about none other than Troy Hunt, the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through...

In this episode, we’ll look into a cybersecurity assessment method that mimics real-world attacks to test an organization’s security defenses and response capabilities: Threat emulation. It is one of the strategies to keep you ahead of the...

In this episode, we’ll be exploring a particularly intriguing file types: polyglot files. These digital shapeshifters have become a powerful tool in the arsenal of cyber attackers, capable of bypassing security measures, confusing systems, and...

In today’s episode, we’re diving deep into Data Exfiltration; one of the most serious threats facing organizations today.We’ll break down exactly what data exfiltration is, where it fits in the MITRE ATT&CK framework, the tools...

We are continuing with part 2 of “Behind the Login Screen – Understanding OS Authentication.” If you missed our first episode, I highly recommend giving it a listen before diving into today’s content. In part one, we started...

This episode is one for you system admins out there! Today we’re discussing three actively exploited vulnerabilities you absolutely need to know about—CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335. These vulnerabilities have been making...

This is the podcast where we explore the ever-evolving world of cybersecurity and provide practical advice for staying ahead of threats. I’m your host, Yusuf, and today’s episode is all about starting the new year with a solid plan.We’re diving into...

Today, we’re tackling a fundamental yet often misunderstood tool in every cybersecurity professional’s arsenal—vulnerability scanners. What role do they play in protecting our organizations? Where do they shine, and where do they fall short?As...

This final episode of 2024, we recap the best the most listened to episodes of the year. And this year we have a great four back to back of the greatest of them all.  Lets start with the first eisode 191 – Is The Browser The New Operating...

It is a topical episode we’re diving into a high-stakes challenge every organization faces: It is holiday season, how do you manage threats when most of the security team is off duty. Imagine a holiday season, a long weekend, or even an unexpected...

In this week’s episode, we’re diving into a concerning and highly consequential topic: the Volt Typhoon espionage campaign—an advanced persistent threat that has sent shockwaves through the cybersecurity and telecommunications industries.Volt...