YusufOnSecurity.com

Hosted by YusufOnSecurity.Com

TechnologyInterviews guests

Website RSS feed

Episodes

276

Latest episode

May 2026

Language

EN-GB

About the show

This is a weekly podcast on cyber security domains. We discuss, dissect and demystify the world of security by providing an in-depth coverage on the cybersecurity topics that matter most. All these in plain easy to understand language. Like it, share it, and most importantly enjoy it!

Listen to episodes

60 recent

May 16, 202627 min

276 - copy.fail Explained-The Linux Kernel Bug That Turns Any User Into Root

Enjoying the content? Let us know your feedback!This week we are going to talk about a bug with one of the most misleading names I have seen in a while. It is called copy.fail. And if you saw that name pop up in your feed, you would be forgiven for thinking it was some clever browser demo, or maybe a problem with your clipboard. It is neither.copy.fail is a Linux kernel vulnerability. Its official label is CVE-2026-31431. And what makes it worth a full episode is not how exotic it is — it is actually quite simple — but how wide its reach is. This single flaw lets an ordinary, unprivileged user on a Linux machine promote themselves all the way up to root. And it does so on nearly every modern Linux distribution shipped since 2017.- https://xint.io:copy.fail- https://www.cisa.gov: CVE-2026-31431- https://www.bugcrowd.com: Hacker Opinion Piece How Lazy Hacking Killed Curls Bug-bountyBe sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.

May 9, 202630 min

275 - The Mercor Breach-When Your Security Scanner Becomes the Attack Vector

Enjoying the content? Let us know your feedback!Today's episode is one of those stories that, when you start pulling the thread, the whole thing just keeps unravelling. We are going to talk about the Mercor breach. Now, if that name doesn't ring a bell, Mercor is a ten-billion-dollar AI recruiting startup. They match human experts with companies like OpenAI, Meta, and Anthropic to help train AI models. Big clients. Big data. Big target.Towards the end of March of this year, a threat group called TeamPCP and no, that is not a household cleaning detergent type of product - managed to steal roughly four terabytes of data from Mercor. And the way they did it? They didn't attack Mercor directly. They didn't even attack the software Mercor relied on directly. They attacked the security tool that was supposed to protect that software. Let me say that again. They compromised the vulnerability scanner. We have all that coming up next in this week's episode.- https://securitylabs.datadoghq.com: LiteLLM and Telnyx compromised on PyPI: Tracing the TeamPCP supply chain campaign- https://www.securityweek.com: SecurityWeek — Mercor Hit by LiteLLM Supply Chain Attack:Be sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.

May 2, 202635 min

274 - Ransomware Hit a Water Plant - Why Your Tap Water Is a Cybersecurity Problem

Enjoying the content? Let us know your feedback!Today's episode is one of those stories that really does hit home. Not a bank breach. Not some government leak. I want to talk about the water coming out of your tap.On March 14th, 2026, hackers dropped ransomware on a water treatment plant in Minot, North Dakota. Staff walked in that morning, saw a ransom note sitting on a server screen, and had to unplug the whole thing. For the next sixteen hours, plant operators were physically walking through the facility, reading gauges by hand — old school, the way it was done decades ago — while the FBI got the call.The city says the water stayed safe. Nobody got sick. But this incident ripped the cover off a problem the cybersecurity community has been warning about for years: water infrastructure is dangerously exposed. And most people have no idea.Today I want to unpack what happened in Minot, why water utilities are such soft targets, what SCADA systems actually are and why they are so difficult to defend, and what defenders and regulators are doing — and should be doing — about all of this.- https://therecord.media: North Dakota Ransomware Water Plant- https://www.cisa.gov: CISA — Adapting Zero Trust Principles to Operational TechnologyBe sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.

April 25, 202628 min

273 - Project Glasswing (Mythos) - Anthropic Watershed Moment for Cybersecurity - Part 2

Enjoying the content? Let us know your feedback!This is Part 2 of our deep dive into Anthropic's Claude Mythos Preview and Project Glasswing. In Part 1, we covered what Mythos is, how it fits into the Claude model family, and why Anthropic is pushing the boundaries of extended thinking and complex reasoning. Today, we are picking up right where we left off and turning our attention to Project Glasswing — what it is, what it means for security professionals, and why this convergence of advanced AI reasoning and autonomous capability should be on every defender's radar. If you have not listened to Part 1 yet, I would recommend going back and starting there, but if you are already caught up, let us get right into it.https://www.forrester.com: Project Glasswing The 10 Consequences Nobody Writing About Yet- https://www.anthropic.com: Project Glasswing- https://blogs.cisco.com: Rising To the Era of AI Powered Cyber Defense- https://www.wired.com: Mozilla Used Anthropics Mythos To Find 271 Bugs In FirefoxBe sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.

April 18, 202627 min

272 - Project Glasswing (Mythos) - Anthropic Watershed Moment for Cybersecurity - Part 1

Enjoying the content? Let us know your feedback!About three weeks ago, on the 7th of April, Anthropic — the company behind the Claude family of AI models — announced something called Claude Mythos Preview. They paired the announcement with a coordinated industry effort they're calling Project Glasswing. And the headlines that followed have been, frankly, alarming.Fortune ran a piece headlined that Mythos can hack nearly anything, and we aren't ready. Coindesk reported that banks like JP Morgan, and crypto exchanges like Coinbase and Binance, are already approaching Anthropic to test it. And Anthropic's own researchers described this as a watershed moment — meaning, a before-and-after divide in how we think about software security.So let's break this down. What is Mythos? What can it actually do? And — most importantly — what should you and I, as defenders, be doing about it starting today?- https://www.anthropic.com: Project Glasswing- https://blogs.cisco.com: Rising To the Era of AI Powered Cyber Defense- https://www.wired.com: Mozilla Used Anthropics Mythos To Find 271 Bugs In FirefoxBe sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.

April 11, 202622 min

271 - $21 Billion Lost to Cybercrime — FBI's 2025 Report and Microsoft's Massive April Patch Tuesday

Enjoying the content? Let us know your feedback!We have got two big stories to get through today. First, the FBI just released its 2025 Internet Crime Report — and the numbers are not just record-breaking, they are genuinely alarming. We are talking about over twenty billion dollars in reported losses in a single year. And for the first time ever, the report includes a dedicated section on how criminals are using artificial intelligence to supercharge their scams.Then, we are going to pivot to Microsoft's April 2026 Patch Tuesday — one of the largest patch cycles we have seen in a long time. A hundred and sixty-seven vulnerabilities fixed, including an actively exploited zero-day in SharePoint Server. If your organisation runs SharePoint, and most do, you are going to want to hear this.Be sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.

April 4, 202626 min

270 - Securing AI - The 3 Frameworks Every Defender Must Know

Enjoying the content? Let us know your feedback!If you've been watching the cybersecurity space for the last two years, you've noticed something. Almost every breach report, every vendor pitch, every board meeting — AI is in the conversation. Sometimes as the hero, sometimes as the villain, and very often as both at the same time.But here's the uncomfortable truth. Most organisations are racing to deploy AI far faster than they are learning how to secure it. We're plugging large language models into customer service, into code pipelines, into decision-making workflows — and we're often doing it without a framework to guide us.So in today's episode, I want to fix that. I want to walk you through the three frameworks that have become the gold standards for AI security. They are NIST AI RMF, MITRE ATLAS, and the OWASP Top 10 for LLM Applications.Hopefully by the end of the next fifteen minutes, you will know what each one is, what each acronym actually stands for, what problem each one solves, and — most importantly — how they fit together so you can use them in the real world.- https://www.nist.gov: AI Risk Management Framework- https://atlas.mitre.org: MITRE ATLAS- https://owasp.org: OWASP Top 10 for Large Language Model ApplicationsBe sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.

March 28, 202643 min

269 - Cyber Resilience in 2026 - The Skills Gap, Team Readiness, and What Security Leaders Must Do Now

Enjoying the content? Let us know your feedback!In this week's episode, I am joined by my good old friend Shakel Ahmed, a cybersecurity practitioner with over 20 years of experience across some of the most demanding environments in the industry. We are covering the importance of skills and cyber resilience — and this is particularly important for those of you who are responsible for building and maintaining security teams, managing risk at a strategic level, or simply trying to figure out where to focus your energy in an industry that never sits still. Whether you are an analyst wondering which skills will keep you relevant in the age of AI, or a CISO trying to ensure your organisation can absorb a hit and keep operating, this conversation is for you. Shakel brings a practitioner's perspective — not theory, not vendor talk — just hard-won insight on what it actually takes to build resilient people, resilient processes, and resilient organisations. So grab a coffee, settle in, and let's get into it.Be sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.

March 21, 202630 min

268 - The Stryker Attack: How State Sponsored Hackers Weaponised a Microsoft Tool to Wipe 80K Devices

Enjoying the content? Let us know your feedback!Just over a week ago, on 11 March 2026, a cyberattack brought one of the world's largest medical device makers to its knees. Stryker - a $25 billion company that manufactures surgical robots, joint implants and emergency equipment - woke up to find thousands of employee devices wiped clean, its ordering systems offline, and surgeries being rescheduled around the world.This was not ransomware. This was something more deliberate and destructive - a wiper attack carried out by a state sponsored-linked hacking group called Handala, who exploited a trusted Microsoft device management tool to erase data from up to 80,000 employee phones and laptops in one move.In this episode, we break down exactly what happened, how it happened, and what it means for every organisation that relies on cloud-based device management tools. We also look at the governance lessons - from business continuity planning to privileged access controls - that this attack makes impossible to ignore.- https://csrc.nist.gov: NIST SP 800-34 Rev. 1 - https://www.cybersecuritydive.com: Stryker attack raises concerns about role of Microsoft IntuneBe sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.

March 14, 202629 min

267 - SMB Protocol Explained-Why It Keeps Getting Hacked and Why We Can't Remove it?

Enjoying the content? Let us know your feedback!Today we are talking about a protocol that is older than most of the people working in IT security right now, a protocol that has powered some of the most catastrophic cyberattacks in history, a protocol that security professionals have been trying to retire for years — and a protocol that is still quietly running in the background of almost every Windows environment on the planet. I am talking about SMB — the Server Message Block protocol. By the end of this episode, you will understand what it does, why it has been so dangerous, how it connects to something we have touched on before called Kerberos and NTLM authentication, and most importantly, what you should actually be doing about it in your organisation today. So, lots to talk about today. Lets go!- https://learn.microsoft.com: SMB Security Hardening - https://blog.barracuda.com: Majority of Attacks Against SMB Protocol Attempt to Exploit EternalBlue- https://securelist.com: NTLM Is Being Abused In 2025Be sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.