Episode 140: Financial Services Cybersecurity Challenges & How to Address Them - Part 2
In this episode, we dive into the unique cybersecurity challenges faced by the financial services sector, from high-value targets and strict compliance requirements to the constant threat of phishing and ransomware. We’ll break down common attack paths, what makes financial orgs so attractive to threat actors, and most importantly, what IT and security teams can do to stay ahead. Whether you're on the red team, blue team, or in leadership, this episode will help you strengthen your security posture in one of the most targeted industries on the planet.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/mylinks Work with Us: https://securit360.com
--------
43:33
--------
43:33
Episode 139: Financial Services Cybersecurity Challenges & How to Address Them - Part 1
In this episode, we dive into the unique cybersecurity challenges faced by the financial services sector, from high-value targets and strict compliance requirements to the constant threat of phishing and ransomware. Whether you're on the red team, blue team, or in leadership, this episode will help you strengthen your security posture in one of the most targeted industries on the planet.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/mylinks Work with Us: https://securit360.com
--------
41:12
--------
41:12
(Replay) How We Evade Detection During Internal Pentests
(Replay) In this episode, Spencer and Brad discuss the ever popular and highly debated topic of evasion. In this podcast we talk about evasion from the context of evading defense controls, not necessarily EDR specific evasion techniques. Our hope with this episode is to shed light on this topic and help defenders understand various methods of evasion and this topic more in general.Resources(Jun 1, 2021) Evadere Classifications - detection & response focusDefense Evasion, Tactic TA0005 - Enterprise | MITRE ATT&CK® - controls focus(Mar 22, 2024) Atomics on a Friday - Evade or Bypass - edr focusBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/mylinks Work with Us: https://securit360.com
--------
40:44
--------
40:44
Episode 138: The 7 Questions Every Security Leader Should Ask After a Pentest
In this episode of The Cyber Threat Perspective, we break down the 7 critical questions every security leader should ask after a penetration test. A pentest isn’t just about checking a box, it’s an opportunity to assess your defenses, measure progress, and refine your strategy. We discuss how to go beyond the report, extract real value from the assessment, and ensure findings lead to meaningful action across your organization. Whether you’re a CISO, IT director, or team lead, this episode will help you make every pentest count.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/mylinks Work with Us: https://securit360.com
--------
42:16
--------
42:16
Episode 137: Common Pentest Findings That Shouldn’t Exist in 2025
In this episode of The Cyber Threat Perspective, we highlight the pentest findings that, frankly, have no business showing up in 2025. From accounts with weak passwords and no MFA to plaintext credentials on file shares, we break down the common misconfigurations and oversights that attackers still abuse, despite years of seeing the same issues over and over again. If you're an IT admin or security leader, this episode is your checklist of what to fix yesterday.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/mylinks Work with Us: https://securit360.com
Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. We’re bringing you fresh content from our journeys into penetration testing, threat research and various other interesting [email protected]
Brasil