In this episode of The Cyber Threat Perspective, we tackle the crucial first step in cybersecurity: preventing initial compromise. We'll dissect common attack vectors like phishing and exploitation and explore layered defenses ranging from MFA and patch management to DMZs and WAFs. Get actionable guidance to integrate these controls into your security program and safeguard your organization against the risk of that initial foothold.

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode of The Cyber Threat Perspective, we break down how attackers steal credentials and hijack sessions to gain unauthorized access to systems and data. From phishing to cookie stealing to session token theft, we’ll explore the most common techniques and how to defend against them. Whether you're an IT admin or security pro, you’ll walk away with practical tips to help protect your users and your organization.

Recommended Conditional Access Policies to protect against account compromise: https://x.com/techspence/status/1919815226158932119

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode Spencer and Brad review the M-Trends 2025 Report. M-Trends 2025 is Mandiant's annual report that shares frontline learnings from its global incident-response engagements—over 450 000 hours of investigations in 2024—providing sanitized, data-driven analysis of evolving attacker tactics, dwell times, industry and regional trends, and practical recommendations to help organizations improve their defenses.

M-Trends 2025: Data, Insights, and Recommendations From the Frontlines | Google Cloud Blog

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this replay, Spencer and Brad dive into lateral movement, discussing various techniques like RDP, RATs, Impacket tools, PsExec, PTH, PTT, and PowerShell Remoting. They explain how attackers use these methods to gain unauthorized access, evade detection, and enable malicious activities. They also discuss precursors to lateral movement and strategies to restrict it, such as least privilege access, network segmentation, and monitoring. The podcast emphasizes the importance of understanding lateral movement and implementing comprehensive security measures to mitigate these threats.

Resources

• https://www.reddit.com/r/cybersecurity/comments/1ellylu/what_lateral_attacks_have_you_been_seeing/
• The DFIR Report
• Lateral Movement, Tactic TA0008 - Enterprise | MITRE ATT&CK®

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode, Tyler and Brad discuss DMARC and how the latest version of the PCI framework requires phishing protection. You'll also learn about DMARC, DKIM, and SPF and how to elevate them to help protect your organization from attacks like Business Email Compromise (BEC).

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode of The Cyber Threat Perspective, we explore the strategic integration of deception technology like canaries and honeypots into your cybersecurity defenses. Discover how these tools allow you to detect threat actors earlier in their attack sequence, disrupt malicious activities, and mitigate potential damage to your organization. Join us for actionable insights and defensive advice to enhance your organization's security posture.

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

Threat reports can be goldmines for defenders — but only if we know how to extract and apply what matters. A good analysis can mean catching an attack early or missing it entirely. There's no shortage of threat intel out there. The real challenge is making sense of it without getting overwhelmed. In this episode we discuss:

• What makes up a threat report
• Goals of analyzing threat reports
• How to analyze the pieces that matter
• Actionable tips you can use today

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode, Brad and Sam discuss the most common security issues found on external penetration tests, how to find them yourself, and how to address them. 

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

 This episode focuses on SaaS (Software as a Service) Supply Chain Attacks. We discuss what SaaS applications are most at risk, what the real danger of saas supply chain attacks are and most importantly how to defend and detect these attacks. 

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

Dive into the quirky underworld of digital misdirection in this episode, where we explore the art of typosquatting. Discover how a simple mistyped URL can turn into a gateway for cyber trickery, as we break down the many forms of typosquatting—from subtle misspellings that mimic trusted sites to more elaborate schemes designed to deceive. Learn why these small errors are so effective in luring unsuspecting users and get insider tips on how to protect yourself from falling into these cleverly crafted traps. Whether you're a digital native or just curious about the hidden risks of the internet, this episode equips you with the knowledge and defenses you need to navigate online spaces with confidence. 

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode, we discuss whose job is harder. The red team or the blue team? We discuss the roles and responsibilities of many red and blue teamers, the challenges both those teams face, and then we share some advice for handling and overcoming those challenges.

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

Unlock the secrets of effective attack surface monitoring in this replay of The Cyber Threat Perspective. Brad and Spencer dive into essential practices, tools, and methodologies to keep your systems secure.

• Define and understand attack surface and attack vectors
• Distinguish between physical and digital attack surfaces
• Explore DIY vs. commercial tools for attack surface monitoring
• Learn from bug bounty industry methodologies and resources
• Emphasize the importance of continuous monitoring and asset management

Check out our show notes for additional resources, and don't forget to like, share, and subscribe!

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode, we discuss several insecure protocols that are found within Active Directory environments. When these protocols are enabled, they could be abused by an attacker to perform a number of attacks, including privilege escalation and lateral movement. 

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode, Chelsea (ChatGTP) interviews Brad about web application penetration testing. Listen in to learn how the process works from start to finish!

Resources

• https://owasp.org/
• https://nvd.nist.gov/vuln-metrics/cvss
• https://chatgpt.com/

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode, Spencer and Brad discuss the ever popular and highly debated topic of evasion. In this podcast we talk about evasion from the context of evading defense controls, not necessarily EDR specific evasion techniques. Our hope with this episode is to shed light on this topic and help defenders understand various methods of evasion and this topic more in general.

Resources

• (Jun 1, 2021) Evadere Classifications - detection & response focus
• Defense Evasion, Tactic TA0005 - Enterprise | MITRE ATT&CK® - controls focus
• (Mar 22, 2024) Atomics on a Friday - Evade or Bypass - edr focus

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode, Spencer and Tyler discuss key things that they as pentesters wish all organizations knew about pentesting and the pentest process. They go through the entire lifecycle of a pentest and discuss definitions, processes, misconceptions and much more. By the end of this episode, we hope you have a better understanding of everything that goes into the pentesting process including things that are not typically visible to clients.

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode, we draw parallels between natural disasters and navigating today’s cybersecurity landscape. From the importance of preparation and layered defenses to the critical need for constant monitoring and resilience, we uncover valuable lessons that nature’s challenges can teach us about protecting systems and data. Whether you’re an IT professional, a business owner, or just someone passionate about cybersecurity, this episode will inspire you to think differently about your defenses—and stay one step ahead.

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

Join us for this replay of episode 78 - an enthralling journey into the heart of cybersecurity operations with “Tales from the Trenches,” an exclusive podcast presented by Brad Causey, Vice President of Offensive Security at SecurIT360.

Dive deep into the high-stakes world of offensive security as Brad shares his firsthand experiences from a career spent on the front lines of digital defense.

Engage with real-life stories illustrating offensive cybersecurity's intense challenges and triumphant victories. Brad's narrative will transport you to the core of high-pressure operations, where strategic decisions can impact the security posture of entire organizations.

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

Welcome to this replay on The Cyber Threat Perspective! In this episode, Brad and Spencer dive into the mechanics and recent developments of email spoofing, shedding light on how attackers are bypassing advanced email protections.

In this episode, we cover:

• The fundamentals of email spoofing and why it's a significant threat.
• Insight into the recent echo spoofing campaign exploiting Proofpoint's misconfiguration.
• The role of SPF, DKIM, and DMARC in combating email spoofing.
• How threat actors are using Microsoft 365 to bypass email protections.
• Mitigation strategies and the latest updates from Proofpoint and Microsoft to address these vulnerabilities.

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode of The Cyber Threat Perspective, Nathan and Spencer discuss crucial strategies for Windows and Active Directory hardening, emphasizing the importance of community collaboration and the value of using CIS benchmarks for security compliance.

In this episode, we cover:

• Implementing multi-factor authentication for domain admins
• The benefits and importance of using CIS benchmarks for Windows 10 and 11
• Advantages of having a consistent standard in an active directory environment
• Assurance and verification tools available in the benchmarks
• Simulated environment testing and active community participation for benchmark improvement

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode, we’re discussing what a seasoned CISO is focused on going into 2025. Mike Whitt is a Cheif Information Security Officer in the financial sector with over 20 years of experience building teams, security programs, and leading organizations to a more secure posture. 

https://www.linkedin.com/in/mike-whitt-a4b4802/

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode, we’re peeling back the layers of the question so many organizations ask: Why do penetration tests cost so much? But here’s the real twist—are they actually expensive, or are we measuring their value the wrong way?

By the end of this episode, you’ll understand not just the cost of a penetration test, but its value as an investment in protecting your business. We’ll dive into real-world examples, break down the factors that drive pentest pricing, and explore how it compares to the costs of incidents like data breaches, ransomware, and PR disasters. Let’s get started.

https://www.morganlewis.com/blogs/sourcingatmorganlewis/2024/03/study-finds-average-cost-of-data-breaches-continued-to-rise-in-2023

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode, we’re diving into one of the most enduring cybersecurity challenges—weak passwords. We’ll explore how poor password practices and identity management pitfalls leave organizations vulnerable to compromise. From understanding the most common mistakes to implementing effective defenses, we’re breaking down what it takes to fortify your systems against attackers exploiting the weakest link.

Sources

• https://www.verizon.com/about/news/2023-data-breach-investigations-report?utm_source=chatgpt.com
• https://blog.1password.com/challenges-of-shadow-it/
• https://www.microsoft.com/en-us/security/security-insider/intelligence-reports/microsoft-digital-defense-report-2024?msockid=2e875ee0e1fe64d22f854aa6e0746523

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

In this episode, we discuss the broad concept of risk, what it is, and how to manage it. This episode is a great way to begin understanding how to develop an overall risk management strategy at your organization or understand how a risk management program might work for you.

You find out more about what Rob and his team can do here:
https://www.securit360.com/services/managed-services-consulting/
Reach him directly here: 
rob@securit360.com

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com