Get inside the minds of leading white-hat hackers and security researchers. Each week, we’ll educate and entertain you by breaking down and simplifying the latest cyber security headlines and trends. Using our special blend of expertise, wit, and cynicism, we’ll turn complex security concepts into easily understood and actionable insights.
All content for The 443 - Security Simplified is the property of Secplicity and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Get inside the minds of leading white-hat hackers and security researchers. Each week, we’ll educate and entertain you by breaking down and simplifying the latest cyber security headlines and trends. Using our special blend of expertise, wit, and cynicism, we’ll turn complex security concepts into easily understood and actionable insights.
This week on the podcast, we cover a recent blog post from Google's Threat Intelligence Group on a financially motiviated threat actor's latest techniques for stealing data. After that, we dive into the Model Context Protocol (MPC) that organizations have been rapidly adopting to add functionality to their AI deployments and all of the security risks that it introduces.
This week on the podcast, recent guest Adam Winston hops back on to continue our discussion on Artificial Intelligence in cybersecurity. This week, we focus on how attackers are using AI, what to worry about and what not to lose sleep over, and guidance for evaluating AI for use within your own organization.
This week on the podcast, we cover Coinbase's recent filing with the SEC that described an insider threat event that lead to a ransomware extortion. After that, we discuss dive in to Signal and other secure messaging apps, how they protect communications, and how other apps can undermine those protections.
This week on the podcast, we bring on Ryan Estes from the WatchGuard Threat Lab to discuss the latest trends in ransomware operations. Ryan is an expert in ransomware analysis and currently owns the data behind WatchGuard's public Ransomware Tracker on the WatchGuard Security Center.
This week on the podcast, we bring in Adam Winston, former CSO of ActZero and current Field CTO for Managed Services at WatchGuard to discuss automating the SOC with AI. We cover the history of AI in SecOps, the good and bad applications of AI and Machine Learning, what the future looks like, and how compliance might impact our ability to get there.
This week on the podcast, we discuss how the CVE program was granted an 11th hour temporary reprieve after the program’s steward, MITRE, originally announced their contract had not been renewed. After that, we cover the recent cyberattack against 4chan that took it offline and resulted in leaked moderator information and source code. We end with a quick discussion on a post-exploitation technique being used in the wild against Fortinet FortiGate devices.
This week on the podcast, we discuss a recent White House executive order that revoked the security clearances of former CISA chief Christopher Krebs as well as all other employees at SentinelOne and the implications that brings to our industry. Before that, we give a quick update on the Oracle Cloud breach from a few weeks back that Oracle has finally confirmed. We end with our thoughts on a few Microsoft Windows AI features that just launched in early preview and how they might impact data privacy and security.
This week on the podcast, we discuss a recent threat intelligence report on the Chinese Phishing-as-a-Service platform Lucid. Before that, we cover the alleged Oracle Cloud breach before reviewing the Singapore Shared Responsibility Framework, designed to combat financial scams.
This week, we discuss a recent cascading supply chain attack involving multiple Github actions workflows that nearly succeeded in compromising a popular Coinbase application. Before that, we discuss a novel way to download malware onto an endpoint by abusing a web browser's caching feature. Additionally, we cover an FBI alert on file converter malware scams.
This week on the podcast, we discuss a research post by SquareX that invents a new way to impersonate any extension installed on a victim's web browser. Before that, we cover the latest supply chain attack attempts from Lazarus, as well as a malvertising campaign that managed to infect 1 million endpoints.
This week on the podcast, we discuss a recent update from Microsoft's Threat Intelligence Center describing the latest tactics from Silk Typhoon, a Chinese nation state threat actor focusing in espionage. Before that, we cover the recent 0day vulnerabilities in VMware ESXi, Workstation and Fusion. We also analyze a report by S-RM on an Akira ransomware attack that leveraged IoT devices to hide from EDR tools.
This week on the podcast, we cover the largest cryptocurrency heist ever (for now). Before that, we cover Apple's decision to disable Advanced Data Protection (ADP) for its UK customers. We end the episode with a review of Wiz's State of Code Security report for 2025.
his week on the podcast, we cover a video game that delivered malware through the Steam marketplace before diving into an analysis of a recent Palo Alto authentication bypass vulnerability.
This week on the podcast, we cover a recent report that highlights a drop in ransomware payments in 2024. After that, we discuss a recent attack targeting ASP.NET web servers before ending with a report on sensitive data leakage caused by AI model use.
This week on the podcast, we discuss the Common Vulnerability Scoring System or CVSS and why one popular developer thinks its completely broken. After that, we cover Lumen's Black Lotus Labs' research into a Juniper backdoor malware. We end with the latest car hacking research and an admin portal with possibly the worst MFA implementation ever.
This week on the podcast, we cover security researcher Eaton Zveare's recent blog post on a trove of vulnerabilities they found in McDonalds India's McDelivery web application. Before that, we give an update on Salt Typhoon's latest US government victim and discus an attack involving hijacked Google Chrome extensions.
This week on the podcast, we dive in to the WatchGuard Threat Lab's 2025 security predictions. We'll cover each of the predictions and explain the trends that drove us to making them for the coming year.
This week on the podcast, we cover the first ever UEFI bootkit targeting Linux systems and what it means for evasive malware. After that, we give an update on whats being called "the worst telecom hack in US history" before ending with our analysis of a research post showing the latest phishing evasion techniques for malicious office documents.
This week on the podcast, we look back to our 2024 security predictions that we made last year and grade ourselves on how well we saw the future. We cover everything from AI deep-fake phishing to VR headset hacking!
This week on the podcast, we review CISA's most recent report on the top routinely exploited vulnerabilities from the last year. Before that, we cover North Korea's latest malware evasion testing followed by a report on a different evasion technique that abuses concatenated ZIP archives.
Get inside the minds of leading white-hat hackers and security researchers. Each week, we’ll educate and entertain you by breaking down and simplifying the latest cyber security headlines and trends. Using our special blend of expertise, wit, and cynicism, we’ll turn complex security concepts into easily understood and actionable insights.
