In this episode of The Cyber Threat Perspective, we're diving into one of the most pressing trends in cybersecurity: how threat actors are using AI. From deepfake scams and AI-generated phishing emails to automated malware and voice cloning, attackers are leveraging artificial intelligence to scale their operations and sharpen their tactics. We’ll break down real-world examples, tools like WormGPT, and what this means for defenders going forward.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com
--------
31:53
--------
31:53
Episode 143: Stop Wasting Money on Pentests - Do This First
In this episode, we break down a question that often gets overlooked: When should you not do a penetration test? Not every organization needs a pentest right away, and choosing the wrong assessment can waste time, money, and effort. We’ll walk through the differences between pentests, vulnerability scans, and risk assessments — and when each one is the right move.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com
--------
44:46
--------
44:46
Episode 142: How Active Directory Certificates Become Active Threats
In this episode, we're diving into one of the most overlooked yet dangerous components of Active Directory: Certificate Services. What was designed to build trust and secure authentication is now being exploited by attackers to silently escalate privileges and persist in your environment. We’ll break down how AD CS works, how it gets abused, and what defenders need to do to lock it down.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com
--------
35:56
--------
35:56
Episode 141: Are You Making These Windows Security Mistakes
It’s easy to overlook small misconfigurations on Windows endpoints, but those little mistakes can create big opportunities for attackers. In this episode, we break down the most common Windows security missteps we see in real-world environments, from missing the basics to reused local admin passwords. If you’re a sysadmin, IT admin, or just responsible for keeping Windows machines secure, this one's for you.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com
--------
30:24
--------
30:24
Episode 140: Financial Services Cybersecurity Challenges & How to Address Them - Part 2
In this episode, we dive into the unique cybersecurity challenges faced by the financial services sector, from high-value targets and strict compliance requirements to the constant threat of phishing and ransomware. We’ll break down common attack paths, what makes financial orgs so attractive to threat actors, and most importantly, what IT and security teams can do to stay ahead. Whether you're on the red team, blue team, or in leadership, this episode will help you strengthen your security posture in one of the most targeted industries on the planet.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com
Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. We’re bringing you fresh content from our journeys into penetration testing, threat research and various other interesting [email protected]
Österreich