Summary
In this episode of the Blue Security Podcast, hosts Andy and Adam delve into the intricate relationship between privacy and security, particularly focusing on biometric data and the transition to passwordless technology. They discuss the security implications of various biometric methods, the privacy risks associated with popular web browsers like Chrome, and explore alternatives that prioritize user privacy. The conversation also highlights the controversial practices of Flock Safety in surveillance and the potential consequences of such technologies.----------------------------------------------------
YouTube Video Link: https://youtu.be/7HDxGTCRPnM
----------------------------------------------------
Documentation:
https://www.stuff.tv/features/apple-face-id-explained/
https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/faq
https://www.rd.com/article/worst-browser-for-privacy/
https://arstechnica.com/gadgets/2025/10/ring-cameras-are-about-to-get-increasingly-chummy-with-law-enforcement/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss Microsoft's Digital Defense Report for 2025. The conversation delves into the critical issues surrounding identity attacks, particularly focusing on the vulnerabilities associated with weak passwords. Andy highlights the prevalence of password spraying in identity attacks and discusses the ClickFix social engineering method, which tricks users into executing malicious commands. The discussion further explores the implications of fileless malware, emphasizing its stealthy nature and the challenges it poses to traditional security measures.
----------------------------------------------------
YouTube Video Link: https://youtu.be/C4GL-Vmo_8w
----------------------------------------------------
Documentation:
https://www.microsoft.com/en-us/corporate-responsibility/cybersecurity/microsoft-digital-defense-report-2025/
Full Report: https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/msc/documents/presentations/CSR/Microsoft-Digital-Defense-Report-2025.pdf#page=1
Government Executive Summary: https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/msc/documents/presentations/CSR/MDDR-2025-Government-Executive-Summary.pdf#page=1
CISO Executive Summary: https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/bade/documents/products-and-services/en-us/security/CISO-Executive-Summary-MDDR-2025.pdf
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant recent cybersecurity events, including the F5 breach attributed to state-backed actors, the implications of Windows 10 reaching end of life, and the risks associated with outdated mobile operating systems. They also explore the geopolitical context of cybersecurity threats from China and the lessons learned from a recent AWS outage, emphasizing the importance of preparedness and proactive security measures for organizations.----------------------------------------------------
YouTube Video Link: https://youtu.be/zn6cgCe5W8I
----------------------------------------------------
Documentation:
https://arstechnica.com/security/2025/10/breach-of-f5-requires-emergency-action-from-big-ip-users-feds-warn/
https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign
https://www.forbes.com/sites/zakdoffman/2025/10/25/unprotected-1-billion-iphone-and-android-users-must-act-now/
https://www.wired.com/story/what-that-huge-aws-outage-reveals-about-the-internet/
https://youtu.be/43vxbytjDSM?si=bzmgru3AHrhd7lP2
https://youtu.be/vFu63JNtIZ4?si=DAi64IzjkwD5bSTW
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode, Andy Jaw and Adam Brewer discuss the latest updates in Microsoft Sentinel, focusing on the new features such as the Sentinel Data Lake, Sentinel Graph, and the MCP server. They explore how these innovations enhance security operations, improve data management, and leverage AI for better threat detection and response. The conversation emphasizes the importance of cost-effective data storage and the integration of AI in cybersecurity practices.
----------------------------------------------------
YouTube Video Link: https://youtu.be/dspGvRHMiPc
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/sentinel/whats-new
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss various topics related to cybersecurity, including the security implications of WhatsApp, the challenges of age verification laws, the recent TransUnion data breach, and the significant cyber attack on Jaguar Land Rover. They emphasize the importance of strong cybersecurity measures, the risks associated with third-party data management, and the need for businesses to invest in cybersecurity to protect against potential breaches and their cascading effects on supply chains.
----------------------------------------------------
YouTube Video Link: https://youtu.be/Z-StvCprzjE
----------------------------------------------------
Documentation:
https://www.fastcompany.com/91357825/whatsapp-banned-capitol-hill-how-secure-meta-messaging-encrypted
https://arstechnica.com/security/2025/10/discord-says-hackers-stole-government-ids-of-70000-users/
https://www.msn.com/en-us/money/other/transunion-hack-has-put-44-million-americans-personal-data-at-risk-including-social-security-how-to-protect-yourself-before-it-s-too-late/ar-AA1OhP12
https://www.msn.com/en-us/news/world/fears-putin-backed-hackers-are-behind-cyber-attack-on-jaguar-land-rover/ar-AA1OiZnz
https://cybersecuritynews.com/jaguar-land-rover-breached-by-hellcat/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode, hosts Andy Jaw and Adam Brewer discuss the newly announced iPhone 17 and its enhanced security features, particularly the memory integrity enforcement that aims to protect user data from spyware. They also delve into Microsoft's response to allegations regarding the use of Azure by the Israeli Defense Force for surveillance purposes, emphasizing the company's commitment to privacy. The conversation concludes with a discussion on recent supply chain attacks affecting NPM packages and the proactive measures being taken to enhance security in the software development ecosystem.
----------------------------------------------------
YouTube Video Link: https://youtu.be/YLTiud1ibhU
----------------------------------------------------
Documentation:
https://www.theverge.com/news/775234/iphone-17-air-a19-memory-integrity-enforcement-mte-security
https://security.apple.com/blog/memory-integrity-enforcement/
https://blogs.microsoft.com/on-the-issues/2025/09/25/update-on-ongoing-microsoft-review/
https://www.bleepingcomputer.com/news/security/self-propagating-supply-chain-attack-hits-187-npm-packages/
https://github.blog/security/supply-chain-security/our-plan-for-a-more-secure-npm-supply-chain/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the topic of Kerberosting, a known attack method that exploits weaknesses in the Kerberos authentication protocol, particularly focusing on the vulnerabilities associated with RC4 encryption. They discuss a recent letter from Senator Ron Wyden addressing the implications of these vulnerabilities in the context of a significant ransomware breach in the healthcare sector. The conversation covers the basics of RC4 encryption, the mechanics of Kerberosting attacks, and the necessary mitigations organizations should implement to protect against these threats. Additionally, they highlight Microsoft's Secure Future Initiative, which aims to prioritize security in its products and services, and the ongoing challenges of balancing security with legacy compatibility. The episode concludes with actionable takeaways for listeners to enhance their cybersecurity posture.----------------------------------------------------
YouTube Video Link:
----------------------------------------------------
Documentation:
https://arstechnica.com/security/2025/09/senator-blasts-microsoft-for-making-default-windows-vulnerable-to-kerberoasting/
https://www.microsoft.com/en-us/security/blog/2024/10/11/microsofts-guidance-to-help-mitigate-kerberoasting/
https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2013/2868725
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy and Adam celebrate their five-year anniversary with guest Amren Gill, a data security solutions engineer at Microsoft. They delve into the complexities of data protection, focusing on Microsoft Purview's capabilities, including data classification, data loss prevention (DLP), and advanced data protection features. The conversation highlights the importance of securing data by default, leveraging AI for enhanced security measures, and the role of data security posture management (DSPM) in identifying and addressing security gaps. Amren also discusses the new Data Security Investigations tool, which aids in responding to data breaches effectively.
----------------------------------------------------
YouTube Video Link: https://youtu.be/MZBEW265WwU
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/purview/deploymentmodels/depmod-securebydefault-intro
https://learn.microsoft.com/en-us/purview/purview
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the latest developments in Microsoft security technologies, particularly focusing on Entra and its features like Continuous Access Evaluation (CAE) and the integration of threat intelligence into the Global Secure Access (GSA) platform. They reflect on their journey over the past five years of podcasting, emphasizing the importance of security in the modern digital landscape and the evolution of their discussions around these technologies.
----------------------------------------------------
YouTube Video Link: https://youtu.be/5cNlP5_uVhE
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/entra/global-secure-access/concept-universal-continuous-access-evaluation
https://learn.microsoft.com/en-us/entra/global-secure-access/how-to-configure-threat-intelligence
https://learn.microsoft.com/en-us/entra/global-secure-access/how-to-transport-layer-security
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy and Adam delve into the concept of FUD (Fear, Uncertainty, and Doubt) prevalent in the cybersecurity industry. They discuss the implications of sensationalized reporting, particularly around Windows Hello for Business vulnerabilities and the importance of adopting fish resistant multi-factor authentication (MFA). The conversation also covers the security of passkeys, the risks of social engineering, and the need for critical consumption of cybersecurity news to avoid misinformation.----------------------------------------------------
YouTube Video Link: https://youtu.be/IauO5oA2BA0
----------------------------------------------------
Documentation:
https://cybersecuritynews.com/windows-hello-for-business-flaw/
https://arstechnica.com/security/2025/08/new-research-claiming-passkeys-can-be-stolen-is-pure-nonsense/
https://www.inc.com/jason-aten/why-google-is-warning-2-5-billion-gmail-users-to-stop-using-their-password/91234290
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the complexities of Microsoft licensing, focusing on device-based versus user-based licensing, the nuances of shared mailboxes, and the implications of mixing E3 and E5 licenses. They also explore Azure billing models and the costs associated with Security Copilot, providing insights into how organizations can manage their licensing effectively and economically.
----------------------------------------------------
YouTube Video Link: https://youtu.be/S54uqVMH44A
----------------------------------------------------
Documentation:
https://www.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-apps-for-enterprise-product?activetab=pivot:overviewtab
https://azure.microsoft.com/en-us/pricing/calculator/
https://youtu.be/-jG2BFPS45o?si=2BFEOt5J4ZwDtAmf
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
The hosts, Andy and Adam, delve into the nuances of licensing models, particularly focusing on the differences between frontline and information worker licenses. They explore the F1, F3, and F5 licensing models, highlighting key differences such as access to desktop applications and mailbox sizes. The episode also covers the integration of AI tools like M365 Copilot and Security Copilot, and discusses various Microsoft suites like Intune and Entra, emphasizing their components and benefits. The conversation aims to clarify the often confusing landscape of Microsoft licensing for security solutions.----------------------------------------------------
YouTube Video Link: https://youtu.be/k-Qy4XjQDqw
----------------------------------------------------
Documentation:
https://m365maps.com/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
Hosts Andy and Adam discuss the structure of enterprise agreements, the differences between Office 365 and Microsoft 365, and the transition from consumer-focused to enterprise-focused offerings. They explain the historical context of Microsoft's licensing evolution, the role of enterprise agreements, and the introduction of the Microsoft Customer Agreement for Enterprise (MCAE). The episode aims to demystify the licensing process, highlighting the importance of understanding what is included in various bundles and the benefits of moving to enterprise agreements for better pricing and comprehensive solutions.
----------------------------------------------------
YouTube Video Link: https://youtu.be/k-Qy4XjQDqw
----------------------------------------------------
Documentation:
https://m365maps.com/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode, Adam and Andy discuss various topics including Instagram's location sharing capabilities and the implications of AI in the workplace. They explore the challenges organizations face with AI adoption, the need for clear policies, and the importance of data security in protecting sensitive information. The conversation emphasizes the necessity for leadership to adapt to technological advancements and provide proper training to employees.
----------------------------------------------------
YouTube Video Link: https://youtu.be/gaIcWdj3UUY
----------------------------------------------------
Documentation:
https://www.today.com/news/instagram-location-turn-off-on-rcna223521
https://www.newsweek.com/nearly-half-employees-are-using-banned-ai-tools-work-2110261
https://learn.microsoft.com/en-us/purview/data-security-posture-management
https://learn.microsoft.com/en-us/purview/dspm-for-ai
https://learn.microsoft.com/en-us/azure/defender-for-cloud/ai-security-posture
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant developments in the cybersecurity landscape, including Palo Alto's acquisition of CyberArk, the introduction of Microsoft Sentinel's Data Lake feature, and the integration of Defender Threat Intelligence into existing Microsoft security solutions. They emphasize the importance of a platform approach to cybersecurity and the challenges associated with acquisitions in the industry.----------------------------------------------------
YouTube Video Link: https://youtu.be/8BRxQUyHNh4
----------------------------------------------------
Documentation:
https://www.paloaltonetworks.com/company/press/2025/palo-alto-networks-announces-agreement-to-acquire-cyberark--the-identity-security-leader
https://techcommunity.microsoft.com/blog/microsoft-security-blog/introducing-microsoft-sentinel-data-lake/4434280
https://techcommunity.microsoft.com/blog/defenderthreatintelligence/mdti-is-converging-into-microsoft-sentinel-and-defender-xdr/4427991
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode, Adam Brewer and Andy Jaw discuss recent SharePoint vulnerabilities, the importance of data protection and governance, and the implications of the Clorox cyber attack. They explore the challenges of managing insider threats in IT, emphasizing the need for robust security measures and proactive communication with customers. The conversation highlights the critical nature of cybersecurity in today's digital landscape and the responsibilities of organizations to protect their data and systems.----------------------------------------------------
YouTube Video Link: https://youtu.be/gH8jS0mai2U
----------------------------------------------------
Documentation:
https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/
https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/?msockid=247fdde1b8b2631d1f8bc80db91a6238
https://arstechnica.com/security/2025/07/how-do-hackers-get-passwords-sometimes-they-just-ask/
https://flaglerlive.com/it-attack-firing/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy and Adam discuss the vulnerabilities in solar technology, particularly focusing on smart inverters and their implications for power grids. They delve into the cybersecurity landscape, emphasizing China's role in technology transfer and its impact on national security. The conversation shifts to the potential of AI in cybersecurity, highlighting its ability to discover vulnerabilities and anomalies, and how it can enhance security operations. The episode concludes with a positive outlook on the integration of AI in cybersecurity practices.----------------------------------------------------
YouTube Video Link: https://youtu.be/u3TfSpw10Qc
----------------------------------------------------
Documentation:
https://www.newscientist.com/article/2487089-cyberattacks-could-exploit-home-solar-panels-to-disrupt-power-grids/
https://open.spotify.com/show/1xFnf1ReS81p79TtR7f6vj?si=4d4ea5acc39c4bce
https://www.pcmag.com/news/this-ai-is-outranking-humans-as-a-top-software-bug-hunter
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant updates from Microsoft, focusing on security enhancements, the evolution of the blue screen of death, and new options for consumers regarding extended security updates. They also explore a new update orchestration platform aimed at improving the user experience for application updates on Windows.----------------------------------------------------
YouTube Video Link: https://youtu.be/Xknb2FXh1GY
----------------------------------------------------
Documentation:
https://www.crn.com/news/security/upcoming-microsoft-security-resilience-updates-includes-ability-to-run-services-outside-windows-kernel
https://www.theverge.com/news/692648/microsoft-bsod-black-screen-of-death-color-change-official
https://www.windowscentral.com/software-apps/windows-10/windows-10-esu-support-free-updates-cloud-backup
https://techcommunity.microsoft.com/blog/windows-itpro-blog/introducing-a-unified-future-for-app-updates-on-windows/4416354
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy and Adam discuss the recent layoffs at Microsoft and the broader implications for the tech industry. They share personal experiences and insights on navigating job loss, the randomness of layoffs, and the importance of preparation. The conversation also covers practical advice for job seekers, including tips for interviews and negotiating severance packages. The hosts emphasize the need for continuous networking and maintaining an updated resume to stay prepared for unexpected career changes.
----------------------------------------------------
YouTube Video Link: https://youtu.be/mDZXNqmGpas
----------------------------------------------------
Documentation:
https://www.cnn.com/2025/07/02/tech/microsoft-layoffs-9000-employees
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy and Adam delve into the intricacies of Entra External ID, a customer identity and access management solution. They discuss the importance of security considerations in application development, the risks associated with customer-facing technologies, and the need for effective authentication methods. The conversation also touches on international revenue share fraud and the implementation of authentication context to enhance security measures. The episode concludes with insights on external authentication methods and their integration into existing systems, emphasizing the collaborative nature of cybersecurity.
----------------------------------------------------
YouTube Video Link: https://youtu.be/SKxShnv6z3I
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/entra/architecture/deployment-external-operations
https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-authentication-external-method-manage
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com