A weekly Football Manager Podcast brought to you every Monday focusing on Football Manager past, present and future as well as little bit of real football for good measure!
…
continue reading
Patching Management Podcasts
Author and Triathlon Coach, Matt Dixon, will empower and educate you to integrate sport into life in order to reach your athletic potential because, it is through the lens of athletic potential, that you reach your human potential. In addition to topics such as planning your fitness into a time-starved life, the show will provide in-depth interviews, advice, and insight into optimizing your health, work, and life performance, along with the critical habits and approaches that facilitate the ...
…
continue reading
Verbose Mode is a bi-weekly podcast from the team at TuxCare, where IT pros Eric Hendricks and Chris DeMars dig into open source, enterprise IT, and cybersecurity without the jargon. Each episode blends real-world stories, practical insights, and a bit of geeky humor to keep sysadmins, developers, IT leaders, and open-source enthusiasts informed and inspired.
…
continue reading
Explore the life of a security leader with NetSPI Field Chief Information Security Officer (CISO) Nabil Hannan. Hear how CISOs with diverse expertise tackle the challenges and opportunities that come with life on the frontlines of cybersecurity.
…
continue reading
Endpoint Management Today is a podcast brought to you by Rhonda and James from the BigFix team. Listen in to understand how IT operations and security teams fully automate discovery, management and remediation of endpoints – whether on-premise, virtual, or cloud – regardless of operating system, location or connectivity. Hear from technical experts, customers, thought leaders and more as we bring you new episodes each month. FIND more. FIX more. DO more.
…
continue reading
…
continue reading
Soul Soiree is a weekly podcast hosted by Danielle Brooker, from The Daisy Patch, which helps people who are stuck—wanting to reclaim their lives from ‘busy’ and reconnect with themselves. This podcast is a celebration of bringing out more of ourselves. We share tips and insights to reconnect to your inner spark & interviews Soulful Inspirers who are creating more of what they want in their lives – all so you too can embrace and live your life more fully. This is about balance, wellness, not ...
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
That's Theatre Darling is a podcast celebrating theatre in all it's glory. I'll be joined by a whole host of inspiring guests, each with a story to tell about their life, career and an abundance of theatrical anecdotes. -Music kindly provided by the wonderful Patch and The Giant. Find more of their music at https://www.patchandthegiant.com/ [Track: Patch and The Giant - The Sleeping Boat] Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Host Noel Bradford teams up with cybersecurity experts to deliver essential tech insights for UK small businesses and consumers. Cutting through jargon with wit and authority, each episode tackles real-world cyber threats, updates, and digital security challenges that actually matter to your business. From patch management to data protection, get actionable advice that doesn't require a computer science degree.Where cybersecurity meets practicality.
…
continue reading
Welcome to the Flexera Security Vulnerability Insight Podcast, your go-to source for all things related to cybersecurity, software vulnerabilities, and threat intelligence. In this engaging podcast series, we will dive deep into the ever-evolving world of digital security, providing you with valuable insights, expert interviews, and the latest industry trends. Hosted by Jeroen Braak and leading experts in the field, each episode explores critical topics such as: Vulnerability Management: Sta ...
…
continue reading
Master the CompTIA Server+ exam with the Server+ Audio Course—your complete audio companion for learning server hardware, administration, security, storage, and troubleshooting. Each episode breaks down the official exam objectives into clear, practical lessons designed for listening and learning on the go. You’ll gain a deep understanding of physical and virtual server environments, network integration, performance monitoring, and disaster recovery planning—all explained in simple, direct l ...
…
continue reading
We have plenty of people within Foundation IT that like to talk and like to talk technology. What better way to share our knowledge, our frustrations and our thoughts for the future than via a podcast. Technology, specifically IT infrastructure, remains under invested in; whilst as a nation we responded brilliantly to the pandemic in terms of homeworking, many businesses cobbled something together and made do. With a mixture of podcast guests we’ll be tackling some of the technology challeng ...
…
continue reading
The Self Mastery Show documents the journey of internet-entrepreneur, David Wong on the path towards becoming the best version of himself. Join us in discovering your potential and definition of self mastery. David shares the lessons, struggles and feelings along his journey and also interviews like-minded individuals, thought leaders and influential celebrities to share their story. The Self Mastery Show is for you whether you're going through a bit of a rough patch in life or are already l ...
…
continue reading
Downtime Procedures is the podcast where healthcare innovation meets human ingenuity. Hosted by Rich G. Kenny, Chief Clinical Officer at Veritas Labs, and Dr. Dan Weberg, a healthcare leader with expertise in innovation and transformation, this show dives into the real stories behind healthcare’s operational challenges. Each week features candid conversations with executives, frontline leaders, and innovators tackling everything from workforce transformation to crisis management. Hear how sy ...
…
continue reading
Mastering Cybersecurity is your narrated audio guide to the essential building blocks of digital protection. Each 10–15 minute episode turns complex security concepts into clear, practical lessons you can apply right away—no jargon, no fluff. From passwords and phishing to encryption and network defense, every topic is designed to strengthen your understanding and confidence online. Whether you’re new to cybersecurity or refreshing your knowledge, this series makes learning simple, smart, an ...
…
continue reading
The Shift is a regular podcast series produced by DemandFarm that brings strategic sales and account management leaders from global companies, as guests, to share their stories & experiences about the transition to digital Key Account Management. Increasingly, as customers prefer their B2B Sales interactions to remain virtual, Key Account Management has also shifted towards a virtual direction where technology comes to the forefront as a key differentiator and enabler. Account Managers and S ...
…
continue reading
Anesthesiology News will be publishing a new season of our popular podcast series, “On the Case” and “Ask the Experts.” “On the Case” is a review series that features the authors of our popular case report series. We hear the behind-the-scenes story on the most unique clinical case studies published in the magazine directly from the professionals who managed them. The first episode of this new season features an interview with L. Jane Stewart, MD, JD, MPH, who co-wrote a case report about a ...
…
continue reading
Safeguarding Your Business in the Digital Age Welcome to The Cyberdap Podcast, your go-to resource for navigating the complex world of cybersecurity tailored specifically for small and medium business owners. In an era where digital threats lurk around every corner, staying ahead of cyber attacks is paramount to the success and security of your business. Join us as we delve deep into the ever-evolving landscape of cybersecurity, shedding light on the latest threats, vulnerabilities, and atta ...
…
continue reading
SAM is the leading provider of cloud-native security and intelligence services for unmanaged networks and IoTs, covering upwards of 500 million connected devices globally. With its powerful and intuitive AI technology, SAM addresses the challenges of our hyperconnected world, in which an explosion of IoT devices exposes potential attack surfaces for companies and consumers alike. SAM's device-agnostic software provides deep network visibility to not only protect against sophisticated cyber- ...
…
continue reading
Unscripted, anti-hustle conversations with real founders working through real problems. Behind closed doors, founders aren't talking about the highlight reels. Listen in as we help each other–and you–navigate the ups and downs of life as a business owner, whether you're on your 1st startup or your 15th.
…
continue reading
Join Director of Security Research, Neil Weitzel, for the Cygilant Cybersecurity Podcast. We’ve decided to create this cast to discuss security trends and best practices. Future casts will feature hot topics in security news, best practices, information from Cygilant labs and interviews with industry experts.
…
continue reading
1
Security Insights - Cybersecurity for Real-World Workplaces
Ivanti: Cybersecurity and Information Technology Solutions
7
52
Welcome to Security Insights, where best-practice cybersecurity meets the real-world risks facing workplaces every day. Ivanti's VP of Product Management, Chris Goettl, brings in a rotating cast of guests to discuss the strategies and tactics that truly matter to the security teams protecting organizations, agencies and businesses like yours.
…
continue reading
This Week in Enterprise Tech explores the complex, cutting edge world of enterprise technology. Hosted by Lou Maresca, TWiET features IT professionals explaining the ins and outs of enterprise solutions. Although the show is no longer in production, you can enjoy episodes from our archives.
…
continue reading
We are a show about nature’s role in tackling climate change. A new industry is taking shape, and our goal is to host a candid, cross-disciplinary conversation on nature and its role in addressing climate change. We are three friends with diverse backgrounds who met in business school at Stanford and share a common interest in demystifying natural climate solutions. Together, we’ll unpack this growing field and connect the dots across the people and ideas shaping its future. Whether you work ...
…
continue reading
Welcome to Meet YARAL, a podcast designed to bridge the gap between pharmaceutical companies and the pharmacy profession through candid conversations with pharmacists, healthcare leaders, and YARAL’s executive team. Each episode highlights the vital role pharmacists play in patient care, unpacks challenges on the front lines, and explores how thoughtful collaboration can lead to better outcomes. Along the way, we share how YARAL’s “Doing Things Differently” approach is helping redefine relat ...
…
continue reading
1
SANS Stormcast Sunday, December 28th, 2025: MongoDB Unauthenticated Memory Leak CVE-2025-14847
5:50
5:50
Play later
Play later
Lists
Like
Liked
5:50
MongoDB Unauthenticated Attacker Sensitive Memory Leak CVE-2025-14847 Over the Christmas holiday, MongoDB patched a sensitive memory leak vulnerability that is now actively being exploited https://www.mongodb.com/community/forums/t/important-mongodb-patch-available/332977 https://github.com/mongodb/mongo/commit/505b660a14698bd2b5233bd94da3917b585c5…
…
continue reading
Merry Christmas! It's time for the 5 Star Pod quiz of the year. Madd tests the knowledge of Doop, Dave and Matt to see who will take this year's quiz crown.
…
continue reading
1
SANS Stormcast Monday, December 22nd, 2025: TLS Callbacks; FreeBSD RCE; NIST Time Server Issues
6:00
6:00
Play later
Play later
Lists
Like
Liked
6:00
DLLs & TLS Callbacks As a follow-up to last week's diary about DLL Entrypoints, Didier is looking at TLS ( Thread Local Storage ) and how it can be abused. https://isc.sans.edu/diary/DLLs%20%26%20TLS%20Callbacks/32580 FreeBSD Remote code execution via ND6 Router Advertisements A critical vulnerability in FreeBSD allows for remote code execution. Bu…
…
continue reading
It's a bumper save update this week. With Matt returning we hear about his early ventures in non-league, Dave talks about the latest in Scotland and Doop talks Portugal. 5 Star Potential - www.twitter.com/5starpod - www.5starpotential.com TikTok - https://www.tiktok.com/@5starpod DaveAzzopardi - Twitch: www.twitch.tv/daveazzopardi Twitter: twitter.…
…
continue reading
1
SANS Stormcast Friday, December 19th, 2025: Less Vulnerabie Devices; Critical OneView Vulnerablity; Trufflehog finds JWTs
4:37
4:37
Play later
Play later
Lists
Like
Liked
4:37
Positive trends related to public IP range from the year 2025 Fewer ICS systems, as well as fewer systems with outdated SSL versions, are exposed to the internet than before. The trend isn t quite clean for ISC, but SSL2 and SSL3 systems have been cut down by about half. https://isc.sans.edu/diary/Positive%20trends%20related%20to%20public%20IP%20ra…
…
continue reading
1
SANS Stormcast Thursday, December 18th, 2025: More React2Shell; Donicwall and Cisco Patch; Updated Chrome Advisory
6:10
6:10
Play later
Play later
Lists
Like
Liked
6:10
Maybe a Little Bit More Interesting React2Shell Exploit Attackers are branching out to attack applications that initial exploits may have missed. The latest wave of attacks is going after less common endpoints and attempting to exploit applications that do not have Next.js exposed. https://isc.sans.edu/diary/Maybe%20a%20Little%20Bit%20More%20Intere…
…
continue reading
1
Episode 077 – What Security Leaders Do for Fun
15:59
15:59
Play later
Play later
Lists
Like
Liked
15:59
From Spartan races to culinary arts, discover the hobbies and passions that keep CISOs balanced and inspired in this behind-the-scenes edition of Agent of Influence. Welcome to a special edition of the Agent of Influence podcast! In this episode, we step away from the usual cybersecurity deep dives to explore the personal side of security leaders, …
…
continue reading
1
383 - Triathletes Before You Start Training In 2026, Listen To This
44:01
44:01
Play later
Play later
Lists
Like
Liked
44:01
Welcome to the Purple Patch Podcast! In this episode, IRONMAN Master Coach Matt Dixon discusses strategies for setting performance goals and training effectively in 2026. He emphasizes the importance of starting now, before the holidays, to avoid the "New Year, New You" pressure. Dixon identifies three common challenges: the overwhelmed athlete, th…
…
continue reading
1
SANS Stormcast Wednesday, December 17th, 2025: Beyond RC4; Forticloud SSO Vuln Exploited; FortiGate SSO Exploited;
6:38
6:38
Play later
Play later
Lists
Like
Liked
6:38
Beyond RC4 for Windows authentication Microsoft outlined its transition plan to move away from RC4 for authentication and published guidance and tools to facilitate this change. https://www.microsoft.com/en-us/windows-server/blog/2025/12/03/beyond-rc4-for-windows-authentication FortiCloud SSO Login Vuln Exploited Arctic Wolf observed exploit attemp…
…
continue reading
1
SANS Stormcast Tuesday, December 16th, 2025: Current React2Shell Example; SAML woes; MSMQ issues after patch;
5:45
5:45
Play later
Play later
Lists
Like
Liked
5:45
More React2Shell Exploits CVE-2025-55182 Our honeypots continue to detect numerous React2Shell variants. Some using slightly modified exploits https://isc.sans.edu/diary/More%20React2Shell%20Exploits%20CVE-2025-55182/32572 The Fragile Lock: Novel Bypasses For SAML Authentication SAML is a tricky protocol to implement correctly, in particular if dif…
…
continue reading
1
SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches
6:45
6:45
Play later
Play later
Lists
Like
Liked
6:45
Abusing DLLs EntryPoint for the Fun DLLs will not just execute code when some of their functions are called, but also as they are loaded. https://isc.sans.edu/diary/Abusing%20DLLs%20EntryPoint%20for%20the%20Fun/32562 Apple Patches Everything: December 2025 Edition Apple released patches for all of its operating systems, fixing two already exploited…
…
continue reading
Doop and Dave lead the squad this week as they chat about the latest in the FM saves. With the teams in similar situations, they switch notes on players and tactics whilst also having a discussion on how they'd manage a team struggling at the bottom. 5 Star Potential - www.twitter.com/5starpod - www.5starpotential.com TikTok - https://www.tiktok.co…
…
continue reading
1
SANS Stormcast Friday, December 12th, 2025: Local AI Models; Mystery Chrome 0-Day; SOAPwn Attack
6:56
6:56
Play later
Play later
Lists
Like
Liked
6:56
Using AI Gemma 3 Locally with a Single CPU Installing AI models on modes hardware is possible and can be useful to experiment with these models on premise https://isc.sans.edu/diary/Using%20AI%20Gemma%203%20Locally%20with%20a%20Single%20CPU%20/32556 Mystery Google Chrome 0-Day Vulnerability Google released an update for Google Chrome fixing a vulne…
…
continue reading
1
SANS Stormcast Thursday, December 11th, 2025: Possible CVE-2024-9042 variant; react2shell exploits; notepad++ update hijacking; macOS priv escalation
6:58
6:58
Play later
Play later
Lists
Like
Liked
6:58
Possible exploit variant for CVE-2024-9042 (Kubernetes OS Command Injection) We observed HTTP requests with our honeypot that may be indicative of a new version of an exploit against an older vulnerability. Help us figure out what is going on. https://isc.sans.edu/diary/Possible%20exploit%20variant%20for%20CVE-2024-9042%20%28Kubernetes%20OS%20Comma…
…
continue reading
1
382 - Raising Great Humans Through Sport- The Real Path to High Performance
1:37:42
1:37:42
Play later
Play later
Lists
Like
Liked
1:37:42
Steve Magness x Matt Dixon on joy, resilience, and what actually creates long-term success in young athletes Too many conversations about youth sports focus on podiums, rankings, and early success. But the real power of sport isn't medals— it's the humans our kids become along the way. In this special conversation, performance experts Steve Magness…
…
continue reading
1
SANS Stormcast Wednesday, December 10th, 2025: Microsoft, Adobe, Ivanti, Fortinet, and Ruby patches.
8:04
8:04
Play later
Play later
Lists
Like
Liked
8:04
Microsoft Patch Tuesday Microsoft released its regular monthly patch on Tuesday, addressing 57 flaws. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20December%202025/32550 Adobe Patches Adobe patched five products. The remote code execution in ColdFusion, as well as the code execution issue in Acrobat, will very likely see exploits soon. h…
…
continue reading
1
SANS Stormcast Tuesday, December 9th, 2025: nanoKVM Vulnerabilities; Ghostframe Phishing; WatchGuard Advisory
6:26
6:26
Play later
Play later
Lists
Like
Liked
6:26
nanoKVM Vulnerabilities The nanoKVM device updates firmware insecurely; however, the microphone that the authors of the advisory referred to as undocumented may actually be documented in the underlying hardware description. https://www.tomshardware.com/tech-industry/cyber-security/researcher-finds-undocumented-microphone-and-major-security-flaws-in…
…
continue reading
1
SANS Stormcast Monday, December 8th, 2025: AutoIT3 FileInstall; React2Shell Update; Tika Vuln
5:34
5:34
Play later
Play later
Lists
Like
Liked
5:34
AutoIT3 Compiled Scripts Dropping Shellcodes Malicious AutoIT3 scripts are usign the FileInstall function to include additional scripts at compile time that are dropped as temporary files during execution. https://isc.sans.edu/diary/AutoIT3%20Compiled%20Scripts%20Dropping%20Shellcodes/32542 React2Shell Update The race is on to patch vulnerable syst…
…
continue reading
This week Dave and Madd lead the line discussing the latest announcement from SI with shouts set to return to FM! The lads give their thoughts on that and bring us up to date with what is happening in their own FM worlds. 5 Star Potential - www.twitter.com/5starpod - www.5starpotential.com TikTok - https://www.tiktok.com/@5starpod DaveAzzopardi - T…
…
continue reading
1
SANS Stormcast Friday, December 5th, 2025: Compromised Govt System; React Vuln Update; Array Networks VPN Attacks
4:35
4:35
Play later
Play later
Lists
Like
Liked
4:35
Nation-State Attack or Compromised Government? [Guest Diary] An IP address associated with the Indonesian Government attacked one of our interns' honeypots. https://isc.sans.edu/diary/Nation-State%20Attack%20or%20Compromised%20Government%3F%20%5BGuest%20Diary%5D/32536 React Update Working exploits for the React vulnerability patched yesterday are n…
…
continue reading
1
SANS Stormcast Thursday, December 4th, 2025: CDN Headers; React Vulnerabiity; PickleScan Patch
6:44
6:44
Play later
Play later
Lists
Like
Liked
6:44
Attempts to Bypass CDNs Our honeypots recently started receiving scans that included CDN specific headers. https://isc.sans.edu/diary/Attempts%20to%20Bypass%20CDNs/32532 React Vulnerability CVE-2025-55182 React patched a critical vulnerability in React server components. Exploitation is likely imminent. https://react.dev/blog/2025/12/03/critical-se…
…
continue reading
1
381 - The New Science of Mental Toughness with Steve Magness
49:10
49:10
Play later
Play later
Lists
Like
Liked
49:10
Welcome to the Purple Patch Podcast! On this episode, IRONMAN Master Coach Matt Dixon and Human Performance Author & Coach Steve Magness discuss the importance of mental toughness in athletic performance and life. Magness emphasizes that mental toughness is not about ignoring pain but navigating it effectively. He highlights the need for a comprehe…
…
continue reading
1
SANS Stormcast Wednesday, December 3rd, 2025: SmartTube Compromise; NPM Malware Prompt Injection Attempt; Angular XSS Vulnerability
6:06
6:06
Play later
Play later
Lists
Like
Liked
6:06
SmartTube Android App Compromise The key a developer used to sign the Android YouTube player SmartTube was compromised and used to publish a malicious version. https://github.com/yuliskov/SmartTube/issues/5131#issue-3670629826 https://github.com/yuliskov/SmartTube/releases/tag/notification Two Years, 17K Downloads: The NPM Malware That Tried to Gas…
…
continue reading
1
SANS Stormcast Tuesday, December 2nd, 2025: Analyzing ToolShell from Packdets; Android Update; Long Game Malicious Browser Ext.
5:49
5:49
Play later
Play later
Lists
Like
Liked
5:49
Hunting for SharePoint In-Memory ToolShell Payloads A walk-through showing how to analyze ToolShell payloads, starting with acquiring packets all the way to decoding embedded PowerShell commands. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Hunting%20for%20SharePoint%20In-Memory%20ToolShell%20Payloads/32524 Android Security Bulletin December 20…
…
continue reading
1
SANS Stormcast Monday, December 1st, 2025: More ClickFix; Teams Guest Access; Geoserver XXE Vulnerablity
5:42
5:42
Play later
Play later
Lists
Like
Liked
5:42
Fake adult websites pop realistic Windows Update screen to deliver stealers via ClickFix The latest variant of ClickFix tricks users into copy/pasting commands by displaying a fake blue screen of death. https://www.acronis.com/en/tru/posts/fake-adult-websites-pop-realistic-windows-update-screen-to-deliver-stealers-via-clickfix/ B2B Guest Access Cre…
…
continue reading
This week on 5 Star Potential, Doop and Madd dive headfirst into the ups and downs of Doop’s Vitória save. Doop unpacks the twists and turns of his season of two halves
…
continue reading
1
Threat-Informed Defense: Using ATT&CK and Models to Plan Improvements
11:08
11:08
Play later
Play later
Lists
Like
Liked
11:08
Threat informed defense means using knowledge about real attacks to guide security work, so defensive choices stay connected to how adversaries actually behave in the world. For a beginner, this idea matters because it turns cybersecurity from a pile of disconnected tools into a story about attackers, their steps, and the ways defenders can interru…
…
continue reading
1
Triage 101: What Happens When an Alert Fires.
14:07
14:07
Play later
Play later
Lists
Like
Liked
14:07
Alert triage is the first pass an analyst makes on incoming security alerts. In those first few minutes, the analyst decides whether something needs fast action or patient investigation. The goal is not to solve every detail immediately, but to understand whether the situation is dangerous, harmless, or still unclear. For beginners, this moment can…
…
continue reading
1
Logs, Events, and Alerts: Turning Raw Data Into a Story
11:10
11:10
Play later
Play later
Lists
Like
Liked
11:10
Logs are the raw notes that help turn messy digital activity into clear security stories. Every website, device, and application constantly writes these notes in the background, even when people barely notice them. Security teams use logs to understand what really happened when something breaks or looks suspicious, instead of guessing based on inco…
…
continue reading
1
Types of Security Controls: Preventive, Detective, Corrective, and More
10:28
10:28
Play later
Play later
Lists
Like
Liked
10:28
Security controls are the many small and large actions, tools, and rules that organizations use to keep information, systems, and people safe from harm. When someone installs a lock, sets up a password, turns on monitoring, or writes a policy, they are putting a control in place to shape what can happen and how problems are handled. At first, the i…
…
continue reading
1
Defense in Depth: Layers That Work Together
11:12
11:12
Play later
Play later
Lists
Like
Liked
11:12
Defense in depth is a simple idea that quietly shapes strong cybersecurity for real organizations. Instead of trusting one perfect barrier, defense in depth stacks several ordinary protections so mistakes stay small. A beginner might hear about firewalls, antivirus, passwords, and backups as separate topics, without seeing how they support each oth…
…
continue reading
Network segmentation sounds like a complex expert topic, but it starts very simply. If you understand that computers send messages over shared roads, segmentation shapes those roads. Earlier episodes described basic networks and architectures, the maps connecting devices and services together. This episode builds on that foundation and zooms in on …
…
continue reading
1
You Can’t Secure What You Can’t See: Asset Inventory Basics
9:01
9:01
Play later
Play later
Lists
Like
Liked
9:01
Welcome to our exploration of why you cannot secure what you cannot see in cybersecurity. This episode focuses on asset inventory, the simple idea of knowing exactly what technology you depend on every day. Before anything else, you need to understand what security professionals mean when they say the word assets. In security, assets are anything v…
…
continue reading
Patch and update management is where earlier vulnerability concepts finally turn into concrete daily security actions. When you scan for weaknesses or read about new flaws, the story only becomes real when something actually changes on your systems. A patch is a small piece of software code that fixes a known flaw in an existing product, closing a …
…
continue reading
1
Vulnerabilities, CVEs, and CVSS Scores Explained.
12:54
12:54
Play later
Play later
Lists
Like
Liked
12:54
Vulnerabilities sit at the center of almost every cybersecurity story people read about today. A vulnerability is a weakness in hardware, software, or a process that an attacker can misuse to cause harm. When organizations understand their vulnerabilities clearly, they can fix the most dangerous ones before someone takes advantage of them in the re…
…
continue reading
1
Threat Modeling 101: Thinking Like an Attacker
13:12
13:12
Play later
Play later
Lists
Like
Liked
13:12
Threat modeling is a structured way to think about how systems might be attacked before any real harm occurs. Instead of picturing hacking as mysterious magic, threat modeling turns it into a calm, methodical review of what could go wrong and how serious each problem might be. For beginners, it provides a guided path to notice important details tha…
…
continue reading
1
SANS Stormcast Wednesday, November 26th, 2025: Attacks Against Messaging; Passwords in Random Websites; Fluentbit Vuln; #thanksgiving
6:07
6:07
Play later
Play later
Lists
Like
Liked
6:07
Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications Spyware attacks messaging applications in part by triggering vulnerabilities in messaging applications but also by deploying tools like keystroke loggers and screenshot applications. https://www.cisa.gov/news-events/alerts/2025/11/24/spyware-allows-cyber-threat-actors-targ…
…
continue reading
Cyber attacks rarely happen as single isolated moments; they usually unfold in connected stages over time. When headlines talk about a breach, they often focus on the final impact, such as stolen data or encrypted files, and they skip the many earlier steps that made that result possible. A beginner who only sees the ending can feel confused, surpr…
…
continue reading
1
SANS Stormcast Tuesday, November 25th, 2025: URL Mapping and Authentication; SHA1-Hulud; Hacklore
6:11
6:11
Play later
Play later
Lists
Like
Liked
6:11
Conflicts between URL mapping and URL based access control. Mapping different URLs to the same script, and relying on URL based authentication at the same time, may lead to dangerous authentication and access control gaps. https://isc.sans.edu/diary/Conflicts%20between%20URL%20mapping%20and%20URL%20based%20access%20control./32518 Sha1-Hulud, The Se…
…
continue reading
1
SANS Stormcast Monday, November 24th, 2025: CSS Padding in Phishing; Oracle Identity Manager Scans Update;
4:59
4:59
Play later
Play later
Lists
Like
Liked
4:59
Use of CSS stuffing as an obfuscation technique? Phishing sites stuff their HTML with benign CSS code. This is likely supposed to throw of simple detection engines https://isc.sans.edu/diary/Use%20of%20CSS%20stuffing%20as%20an%20obfuscation%20technique%3F/32510 Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day Early exploit attem…
…
continue reading
This week Matt and Madd lead proceedings with Football Manager dropping new patches/updates. With Madd returning we catch up on the latest save updates and finish off with a quiz! 5 Star Potential - www.twitter.com/5starpod - www.5starpotential.com TikTok - https://www.tiktok.com/@5starpod DaveAzzopardi - Twitch: www.twitch.tv/daveazzopardi Twitter…
…
continue reading
