Zero Day + Sloppy IAM = Catastrophe: Lessons from 2025’s Biggest Breaches w/ Darrick Richardson Artwork

#AuditTuesday GRC Podcast

Every Tuesday we're sharing valuable content for you with the leading authorities in GRC, Compliance and Identity Security.

All Episodes

#AuditTuesday GRC Podcast

Zero Day + Sloppy IAM = Catastrophe: Lessons from 2025’s Biggest Breaches w/ Darrick Richardson

December 02, 2025 • YouAttest • Season 3 • Episode 19

Discussion on how sloppy identity practices made 2025 breaches worse

2025 delivered zero-day nightmares: SharePoint RCE, Oracle EBS privilege escalation, VMware vCenter remote code execution — all exploited in the wild.

But the real catastrophe? Sloppy IAM. Overprivileged accounts, ghost users, and orphan access turned surgical strikes into enterprise-wide meltdowns. One compromised admin in VMware? Full domain takeover. One stale Oracle account? Financial data exfiltrated.

Join Garret Grajek (CEO, YouAttest) and Darrick Richardson (IAM & Cloud Security Architect) for a no-BS breakdown of 2025’s worst breaches — and how automated user access reviews stop the bleeding.

🔍 We’ll cover:

• Real 2025 zero-day attack chains

• How overprivileged & orphan accounts amplify damage

• One-click fixes with modern identity governance

Expect a lively discussion with live Q&A—questions welcomed! Don’t miss this chance to stay informed about AI governance’s future.