CyberSpace Podcast

EXPLORE

Society & Culture

© 2024 PodJoint

https://is1-ssl.mzstatic.com/image/thumb/Podcasts221/v4/4b/fa/9a/4bfa9a8e-b5c0-72ab-92df-8a90874d8127/mza_5958692215831676045.jpg/600x600bb.jpg

CyberSpace Podcast

Empirical Training

65 episodes

1 month ago

Josh and Robbie run duos on the pod this week, looking into early information around the recent Citrix vulnerability (CVE-2025-5777) dubbed Bleed 2 for it's similarity to the 2023 vulnerability. Bleed 2 has opened old wounds, and there has been some confusion amongst researchers and defenders due to a few rouge PoC exploits in the wild... I'm sure we'll come back to this exploit as related compromises are disclosed in the following weeks. For the second part, Robbie and Josh look at a simpler...

Show more...

All content for CyberSpace Podcast is the property of Empirical Training and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Josh and Robbie run duos on the pod this week, looking into early information around the recent Citrix vulnerability (CVE-2025-5777) dubbed Bleed 2 for it's similarity to the 2023 vulnerability. Bleed 2 has opened old wounds, and there has been some confusion amongst researchers and defenders due to a few rouge PoC exploits in the wild... I'm sure we'll come back to this exploit as related compromises are disclosed in the following weeks. For the second part, Robbie and Josh look at a simpler...

Show more...

Episodes (20/65)

CyberSpace Podcast

Citrix Bleed 2 | CyberSpace | S2E15

Josh and Robbie run duos on the pod this week, looking into early information around the recent Citrix vulnerability (CVE-2025-5777) dubbed Bleed 2 for it's similarity to the 2023 vulnerability. Bleed 2 has opened old wounds, and there has been some confusion amongst researchers and defenders due to a few rouge PoC exploits in the wild... I'm sure we'll come back to this exploit as related compromises are disclosed in the following weeks. For the second part, Robbie and Josh look at a simpler...

4 months ago

26 minutes

CyberSpace Podcast

Messaging Apps, Disinformation & Ransomware Cleanup | CyberSpace | S2E14

Join Josh, AJ and Robbie as they unpack recent developments in the threat landscape, including: US gov bans whatsapp for official use, Russia targets Ukraine using Signal. McLaren Ransomware details disclosed and a look inside a disinformation and cyber crime advertisement campaign. Support the show

4 months ago

37 minutes

CyberSpace Podcast

CoPilot EchoLeak Bug | CyberSpace | S2E13

Gen AI, LLMs and new applications of AI have created novel attack surfaces for attackers to probe, often looking to exfiltrate the hoards of sensitive data held in vector data stores. Luckily, the researchers got there first this time and discovered a super interesting attack sequence that tricks CoPilot into locating the most sensitive data it has access to, and then exfiltrating it to the attackers server. Josh, AJ and Vaughan take a look at this new bug in some depth, before looking at oth...

4 months ago

37 minutes

CyberSpace Podcast

Ukraine Claims Devastating Hack while SentinelOne Catches Supply Chain Attack | CyberSpace | S2E12

We're back! And it's been a busy week for cyber security news. Josh, AJ, Robbie and Vaughan, incident responders and SOC leaders gather to discuss a new Ticketmaster data dump reminiscent of a similar dump in 2024, details on a supply chain compromise attack that used an IT provider to go after 70+ companies, including SentinelOne, and finally a look at Ukraine's cyber offensive against a Russian bomber manufacturer. Support the show

4 months ago

33 minutes

CyberSpace Podcast

DanaBot Own Goal & M&S Breach Latest | CyberSpace | S2E11

We're back, the ET guys share where they've been hiding these last few weeks before rounding up the spike in different data breaches that have occurred in our absence. After TCS declare an internal investigation connected to the M&S breach, could a third party supply chain compromise be the common denominator between all these recent breaches? Towards the end of the pod, we celebrate some wins as the DanaBot malware as a service operation is officially shut down, thanks to some great rese...

5 months ago

39 minutes

CyberSpace Podcast

Scattered Spider Succeed with DragonForce | CyberSpace | S2E10

The Scattered Spider threat actor (also known as Octo Tempest among other names) has been attributed to some high profile breaches as part of a concerted campaign against retail organisations. with PCI DSS 4.0 having just come into full enforcement, Josh and AJ question whether retail are doing a good enough job at securing all of the sensitive data that they hold for employees and customers. Finally, the conversation turns to the future of agentic AI as Microsoft announce new Copilot feature...

5 months ago

41 minutes

CyberSpace Podcast

European Power Outage, Suspected Ivanti Zero-Day & Stats | CyberSpace | S2E9

It's an Empirical full house as Josh, Robbie, Vaughan and AJ shine their expertise on some of the key stories of this week. Join us as we analyse the massive power outage that impacted Portugal, Spain and other regions and why this could be an act of cyber warfare. We also look at a spike in scan activity for Ivanti edge devices suggesting a potential zero-day on the horizon? Finally Josh takes the guys through some of the highlights of the Verizon data breach and incident report for 2025. Su...

6 months ago

35 minutes

CyberSpace Podcast

Application Security Special | CyberSpace | S2E8

Special guest and AppSec team lead Andrew OE joins the CyberSpace team to share his specialist focus on testing, breaking and securing applications using various techniques including SAST, DAST, fuzzing, CI/CD integrations and more. At the end of the episode, Andrew lets you know where you can access his free resources to upskill your AppSec. Support the show

6 months ago

33 minutes

CyberSpace Podcast

Dialysis Hack, Hertz Breach & China Names NSA Agents | CyberSpace | S2E7

Everyone is back for a full house episode, as Josh, Robbie, Vaughan and AJ discuss a ransomware attack on a dialysis provider, the consequences of the Hertz Cleo zero-day breach and the implications of China naming alleged NSA agents involved in espionage and cyber attacks, including on the Chinese winter games. Support the show

6 months ago

31 minutes

CyberSpace Podcast

Are Ransomware Actors Abandoning Encryption? | CyberSpace | S2E6

Josh and Robbie are joined by special guest Andrew OE, AppSec Engineering leader and friend of Empirical, to discuss the shift in Hunters International's operations, the infamous ransomware as a service group formerly known as Hive, as well as an update on the Oracle breach. Support the show

6 months ago

26 minutes

CyberSpace Podcast

US Gov Signal Leak, Oracle Breach & Coinbase Compromise | CyberSpace | S2E4

Josh is joined by Vaughan and a refreshed AJ after his holiday. Using their experience on the frontlines of incident response, they talk about the security implications of using signal that people might not have considered, the Oracle breach (or not, as they still dispute it) and the impact on real Oracle users and an update from last weeks GitHub supply chain compromise see's Coinbase get compromised and rapidly contain the threat. Support the show

7 months ago

32 minutes

CyberSpace Podcast

Oracle Breach(?) Update & SANS AI Summit Highlights | CyberSpace | S2E5

Josh, AJ and Vaughan ask themselves why Oracle are denying the breach, despite Vaughan having first hand insights into organizations with compromised cloud credentials and other researchers and security companies coming forward with the same. After that, Josh provides some insights from the first day and a half of the SANS AI summit for the latest and greatest AI cyber security trends. Support the show

7 months ago

26 minutes

CyberSpace Podcast

Chat GPT SSRF Exploit & GitHub Supply Chain Attack | CyberSpace | S2E3

Josh, Robbie and Vaughan look at developments in the threat landscape this week, including an SSRF campaign from 4000s unique IPs, an SSRF vulnerability in ChatGPT's infrastructure and the GitHub supply chain attack that leaked secrets. Support the show

7 months ago

33 minutes

CyberSpace Podcast

Kill Switches, Cobalt Strike, Space Hacks & LastPass | CyberSpace | S2E2

Josh, Robbie and AJ discuss the recent attack on the Polish space agency, a developer who tried to enact revenge when he was fired, a win for the good guys and the 2022 LastPass breach's involvement in crypto heists. Support the show

7 months ago

33 minutes

CyberSpace Podcast

Bybit Heist, AI Leaks Secrets & US Stop Cyber Offensive | CyberSpace | S2E01

Welcome back! For season 2 of the Cyber Space podcast. Four cyber security experts unpick some key developments in the threat landscape, including unpicking the Bybit hack where 1.5 trillion dollars of Ethereum was stole, how AI models leaked 12000 passwords and secrets as well as taking a look at recent shifts in the US cyber intelligence programs against Russia. Support the show

7 months ago

33 minutes

CyberSpace Podcast

The Reckless Penetration Tester | 051 | CyberSpace

On this episode of Cyber Space, Josh tells the others about a reckless penetration tester who decided he should hack local businesses in order to create business for himself. He's currently facing jail time for it, so where is the line between responsible disclosure of vulnerabilities and outright egotistical attacks? Support the show

11 months ago

24 minutes

CyberSpace Podcast

Nearest Neighbour Attacks & Ransomware Gangs Coordinating | 050 | CyberSpace

The Empirical Training gang dive into a sophisticated attack where a state sponsored actor managed to compromise a Wifi network from the other side of the world, before they take a closer look at some reports on the similarities and shared capabilities of Ransomware actors. Support the show

11 months ago

27 minutes

CyberSpace Podcast

T-Mobile Hack & SOC Struggles | 049 | CyberSpace

Join Robbie, AJ and Josh as they take questions from the community on what it takes to be a SOC analyst, the moment they felt like they made it! And the moment's they are humbled... We then dive into the T-Mobile breach, reported to be compromised by Chinese state-sponsored actors and wonder if this is a sign of things to come in a geo-political world with increased tensions? Or if this was just business as usual. Support the show

11 months ago

30 minutes

CyberSpace Podcast

S3 Bucket Sniping & TPlink Botnets | 048 | CyberSpace

All four of the Empirical Trainers sit down to discuss the latest threats they've been facing in their SOCs. Securing S3 buckets has been an issue since they existed, and new developments have seen an increase in success for S3 bucket sniping and namesquatting, stealing data or uploading malicious files. A new zombie botnet is on the lose, thousands of TPlink devices being compromised by a new remote code execution attack. Support the show

11 months ago

25 minutes

CyberSpace Podcast

Spooky Cyber Security | EP047 | CyberSpace

There's a lot to be scared about in cyber security, ransomware actors, payment of ransoms, 23 and me genome mapping company breach, and critical incidents coming in at 5:25pm. Josh and Robbie, former SOC analyst together and present day builder of SOCs, and strategist of security products, to try and scare each other with real stories about cyber security in the news, and from the frontlines. Support the show

1 year ago

44 minutes