Blue Security
Episodes
Midnight Blizzard Attack on Microsoft
30 Jan 2024
Contributed by Lukas
Summary: In this episode, the hosts discuss the Midnight Blizzard attack on Microsoft and the lessons that can be learned from it. They cover topics su...
X accounts hacked, 23andMe revisited, CA for Entitlement Management
23 Jan 2024
Contributed by Lukas
Summary: This episode of the Blue Security Podcast discusses the recent Twitter account hacks and the importance of multifactor authentication (MFA) in...
Entra Join is the way
16 Jan 2024
Contributed by Lukas
In this episode, Andy and Adam discuss the transition from hybrid join to cloud native Entra Join for device management. They explain the difference b...
Entra improvements, QR Code phishing, AppGuard deprecated
09 Jan 2024
Contributed by Lukas
In this episode, Andy and Adam discuss updates to the Microsoft Authenticator app, including its phish-resistant capabilities and FIPS compliance. The...
Common PIM mistakes
01 Jan 2024
Contributed by Lukas
In this episode, the hosts discuss Privileged Identity Management (PIM) and common misconceptions and mistakes related to its configuration. They cove...
Microsoft Digital Defense Report 2023
25 Dec 2023
Contributed by Lukas
Microsoft's Digital Defense Report for 2023 provides insights into the state of cybercrime, critical cybersecurity challenges, and the importance ...
Audits and Data/AI Security with Special Guests Carley Salmon and Megan Maley
18 Dec 2023
Contributed by Lukas
On this episode, Adam and Andy talk with Carley and Megan about compliance, auditing, and data protection in the cybersecurity industry. They emphasi...
CNAPP - Defender for Cloud Overview
11 Dec 2023
Contributed by Lukas
This episode of the Blue Security Podcast discusses the Cloud Native Application Protection Platform (CNAPP) and Microsoft's Defender for Cloud. T...
MeridianLink extortion, Plastic Surgery office breached, AI voice clones
04 Dec 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about a ransomware gang making an SEC complaint against their victim, a medical office breach, and AI v...
Microsoft Ignite 2023 - Part 2
04 Dec 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about more things on security from Microsoft Ignite. From canary capabilities in MDE to Automatic Condi...
Microsoft Ignite 2023 - Part 1
20 Nov 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about all the security announcements from Microsoft Ignite 2023. There were SO many that this will be p...
Okta Breach Follow-up and Passkeys
13 Nov 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk about the follow-up investigation from Okta about their support system breach along with some lessons t...
SEC charges Solarwinds CISO & Backing up and Archiving M365 data
12 Nov 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk about the SEC charging the Solarwinds CISO with fraud and the implications on the overall security lead...
23andMe, Okta breach, MDE Automatic Attack Disruption
30 Oct 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk about the 23andMe and Okta breach that happened recently along with some recommendations on how organiz...
Entra Web-sign in, MDE Device Control, Imposter Syndrome
23 Oct 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk about some new features with Entra Web Sign-in and Microsoft Defender for Endpoint Device Control. They...
Conditional Access Gap Analysis
19 Oct 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk about how to think about your conditional access policy design to avoid some common gaps that attackers...
Unpopular Cybersecurity Opinions
09 Oct 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk about a fun Twitter/X thread where cybersecurity professionals expressed some "unpopular opinions....
JCI Ransomware, Ransomware Negotiations, CISA guidance
02 Oct 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk about Johnson Controls' ransomware attack and some implications on national security. They also tal...
MITRE Engenuity ATT&CK Evaluations and Insider Risk
26 Sep 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk about the results of the MITRE Engenuity ATT&CK Evaluations and how to interpret them. They also ta...
MGM Resorts Security Incident
18 Sep 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk about the security incident impacting MGM Resorts. They discuss the attack vector of social engineering...
Apple 0-day's, Storm-0558 follow up, MFST Conditional Access Dashboard
11 Sep 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk about Apple's no-click zero day, the technical findings of the follow-up investigation on Storm-055...
Data Security in Microsoft 365
04 Sep 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk about data security in Microsoft 365. They talk about data discovery, data classification, and some of ...
Side channel attack, White House cybersecurity workforce plan, IBM Cost of a Data Breach
28 Aug 2023
Contributed by Lukas
On this week's episode, Andy and Adam catch up on some worthy infosec news including a new side channel attack, the White House cybersecurity workfor...
Red Teaming with Special Guest 23P
21 Aug 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk with Michael Belton and Dave Falkenstein from 23p, a Madison, Wisconsin based red-teaming company about...
Securing Entra External Identities
14 Aug 2023
Contributed by Lukas
On this week's episode, Andy and Adam talk about securing Entra external identities. They talk about B2B and B2C as well as a few other lesser kno...
Educating Defenders with Special Guest Howard Friedman, Ascent Solutions
07 Aug 2023
Contributed by Lukas
On this week's episode, Andy and Adam welcome guest Howard Friedman of Ascent Solutions to the program. Howard helps educate our audience of secur...
New SEC and FCC rules, and Samsung device security
31 Jul 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about some new SEC and FCC rules as well as some news on Samsung device security.
Expanded M365 audit logs, Threads, new Entra features
24 Jul 2023
Contributed by Lukas
On this week's episode, Adam and Andy follow up on Storm-0558 and how Microsoft is expanding cloud logging as a result of the threat actor. They a...
Storm-0558 - Attack on Exchange Online
17 Jul 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk Storm-0558, the China-based actor, that compromised Exchange Online. They go through the attack chain a...
Common M365 Misconfigurations
10 Jul 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk through Trimarc Security's blog on M365 security misconfigurations. Surprisingly, there are a few t...
What's new with Intune and Entra
03 Jul 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about some new features in Intune and Entra. There are some great features that are in public preview a...
OWASP Top 10 and Top 10 for LLM
26 Jun 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about the OWASP Top 10 and the Top 10 for Large Language models. It is good for defenders to understand...
Network Security 101
19 Jun 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about the basics of network security. They go over asset management, firewalls, IDS/IPS, NDRs, and...
MSSPs
12 Jun 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about Managed Security Service Providers (MSSPs). They talk about the different levels and service...
Protecting M365 from on-premise attacks
05 Jun 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about Microsoft's guidance on how to protect your M365 environment from on-premises attacks.
Microsoft Build 2023 Recap
30 May 2023
Contributed by Lukas
On this week's episode, Adam and Andy give their perspective on some of the interesting security topics from Microsoft Build 2023.
Limiting ChatGPT
22 May 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about how many companies are limiting access to ChatGPT in their corporate assets. They discuss why thi...
Apple Rapid Security, Data Encryption, Layoffs & Insider Risk
15 May 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about Apple's new Rapid Security update for iOS and Android. They also talk about different ways to...
Microsoft Secure Score
08 May 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about one of the most underutilized features of M365: Secure Score. They talk about what it is and go t...
Workplace Join, Azure AD Join, and Windows (Cloud) LAPS
01 May 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about how Microsoft FTEs are going from Workplace Join to only Azure AD Join devices and their tho...
Meta E2E, Proton Pass, LI Verified ID, iPhone Security
24 Apr 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about Meta's plans on end to end encryption for Facebook and Instagram messages. They also talk abo...
Security Copilot, Incident Response Retainer, Exchange Server On-Prem
17 Apr 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about some Microsoft news including the newly unveiled Security Co-Pilot. They also talk about Microsof...
State of Identity 2023
10 Apr 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about Oort's report on the state of identity in 2023. They talk about the takeaways from the report...
News Update - MDVM, SEC Guidance, M365 Copilot
03 Apr 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about some recent news including Microsoft Defender Vulnerability Management going generally available,...
Protect your home network by the NSA
27 Mar 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about the NSA's guidance on how to secure your home network. This may be basic for most cybersecuri...
White House National Cybersecurity Strategy
20 Mar 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about the new White House National Cybersecurity Strategy from the Biden-Harris administration.
Intune Suite
13 Mar 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about the new Intune Suite. This is a new offering from Microsoft that will help bolster the security and s...
Lastpass Incident Update
06 Mar 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about the update to the Lastpass security incident. There are a lot of lessons to learn from the mistakes o...
Road to the Cloud
27 Feb 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about the different states of transformation when going through your journey to reduce dependency on on-pre...
Identity Trends
20 Feb 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk through Alex Weinert's post about Identity Trends. Stay through the end to get your identity to-do list for...
Identity Governance and Administration
13 Feb 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about Identity Governance and Administration (IGA). They talk about what makes up a good IGA program and ad...
ChatGPT
06 Feb 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about ChatGPT. This innovative AI based chatbot is stirring up a storm of news. They'll talk about what it ...
Tech Layoffs
30 Jan 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about the tech layoffs. Andy talks about his career and how he's dealt with being laid off multiple times. ...
Operational Excellence
23 Jan 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about what operational excellence means and how it can help bolster your cybersecurity at your organization...
News Catchup
16 Jan 2023
Contributed by Lukas
On this week's episode, Adam and Andy do a catch up on news from December and talk about the retirement of Windows 7 ESU and 8.1. They also talk about...
Windows Defender Firewall
09 Jan 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about Windows Defender Firewall. This often is overlooked, misconfigured, or part of legacy policies. With ...
What we learned in 2022 in cybersecurity
02 Jan 2023
Contributed by Lukas
On this week's episode, Adam and Andy talk about some trends from this past year and what they would focus on securing for 2023.
Windows Autopatch with Special Guest Adam Nichols
26 Dec 2022
Contributed by Lukas
On this week's episode, Adam and Andy talk with Adam Nichols, a Product Manager for Windows Autopatch. They talk about all things patching and do a de...
Passkeys
19 Dec 2022
Contributed by Lukas
On this week's episode, Adam and Andy talk about passkeys. This may be the replacement for passwords that we're looking for and it is starting to go m...
Microsoft's Insider Risk Report
12 Dec 2022
Contributed by Lukas
On this week's episode, Adam and Andy talk about Microsoft's Insider Risk Report for 2022. This report gives insight on how to build a holistic insider...
DDoS Protection
05 Dec 2022
Contributed by Lukas
On this week's episode, Adam and Andy talk about CISA's DDoS protection guidance. This follows the episode on Microsoft's Digital Defense Report where...
Microsoft's Digital Defense Report
28 Nov 2022
Contributed by Lukas
On this week's episode, Adam and Andy talk about Microsoft's Digital Defense Report. This report has a wealth of information on the state of cybersecu...
How to Mastodon
21 Nov 2022
Contributed by Lukas
On this week's episode, Adam is back and joined by Andy to talk about Mastodon. This decentralized social media platform has been around since 2016 an...
Patch Tuesday, Medibank Breach, Twitter Meltdown
14 Nov 2022
Contributed by Lukas
This week, friend of the pod, Shannon Fritz, fills in for Adam and he and Andy talk about the big update for Patch Tuesday, the Medibank double extort...
Old Phishing Tricks Are Still Working
07 Nov 2022
Contributed by Lukas
This week, Adam and Andy talk about the Dropbox and Twilio breach where old phishing tricks worked and attackers were able to get credentials. They al...
SOCRadar and Ignite 2022 highlights
31 Oct 2022
Contributed by Lukas
This week, Adam and Andy talk about the SOCRadar disclosure of a misconfigured Microsoft endpoint that led to a data privacy incident. They talk about...
IBM Incident Responder Report
24 Oct 2022
Contributed by Lukas
This week, Adam and Andy talk about IBM's Incident Responder Report. This report has some great empirical data on incident responder perceptions and h...
BYOD Zero-Trust Architecture
17 Oct 2022
Contributed by Lukas
This week, Adam and Andy talk about how to look at BYOD policies in a Zero-Trust architecture. They go over a blueprint put out by Microsoft Middle Ea...
MDE Tamper Protection
10 Oct 2022
Contributed by Lukas
This week, Adam and Andy talk about Microsoft Defender for Endpoint's Tamper Protection. This type of feature is also available on other endpoint prot...
Active Directory Security Tips
03 Oct 2022
Contributed by Lukas
This week, Adam and Andy talk about some tips on securing Active Directory. This was inspired by a session led by Trimarc Security at The Experts Conf...
Kerberoasted
26 Sep 2022
Contributed by Lukas
This week, Adam and Andy talk about kerberoasting: how it works and how to defend against it. Listen in on this unique attack technique!
Microsoft Teams, Patreon, and Uber
19 Sep 2022
Contributed by Lukas
This week, Adam and Andy talk about Microsoft Teams and the post-exploit technique that was discovered by Vetra's Project Team and the decision of Pat...
Cloudflare and Kiwi Farms
12 Sep 2022
Contributed by Lukas
This week, Adam and Andy break down what led to Cloudflare dropping Kiwi Farms as a customer, why the media and Twitter were up-in-arms about the whole...
Cloud Security 101
05 Sep 2022
Contributed by Lukas
This week, Adam and Andy talk about cloud security. If you're looking to learn about cloud security concepts, this is the show for you. They talk abou...
Beyond E5, Rebranding, Public Previews in Microsoft Security
29 Aug 2022
Contributed by Lukas
This week, Adam and Andy pull together all the new product launches and rebranding for Microsoft Security over the last couple of months. Listen in to...
Quantum & Cryptography Follow-up, TikTok, and Janet Jackson
22 Aug 2022
Contributed by Lukas
This week, Adam and Andy follow up on a few things from the post quantum cryptography episode talking about how one of the quantum resistant algorithm...
Post Quantum Series - Part 2 - Quantum Cryptography
15 Aug 2022
Contributed by Lukas
This week, Adam and Andy talk about post quantum cryptography. They go over why quantum computers are a threat to classical cryptography lik...
Post Quantum Series - Part 1 - Quantum Computers
08 Aug 2022
Contributed by Lukas
This week, Adam and Andy start a two part series on post-quantum computer information security. This first part goes into understanding how quantum co...
Exchange Online Protection Deep-Dive
01 Aug 2022
Contributed by Lukas
This week, Adam and Andy do a technical deep dive on Exchange Online Protection (EOP). They talk about the pre-delivery and post-delivery protections....
Personal and Organization Privacy
25 Jul 2022
Contributed by Lukas
This week, Adam and Andy talk about privacy both in organizations and your personal life. They talk about some of the new Microsoft Purview Compl...
Microsoft Security News
18 Jul 2022
Contributed by Lukas
This week, Adam and Andy talk about some security news relating to Microsoft. First they talk about a phishing campaign that Microsoft detailed that w...
Risk Management and Data Protection
11 Jul 2022
Contributed by Lukas
This week, Adam and Andy talk about risk-centric security management and how to shift from looking at just severity of vulnerabilities to reducing ris...
Basic Auth, Zero Days, & Burnout
04 Jul 2022
Contributed by Lukas
This week, Adam and Andy catch up on some news in their first live show in a couple of weeks. First they talk about CISA's guidance to federal agencies t...
Secure Authentication to Azure VMs
27 Jun 2022
Contributed by Lukas
This week, Adam and Andy talk about different methods to modernize the way you authenticate to virtual machines located in Azure. The first is using A...
Don't Phish Me, Bro
20 Jun 2022
Contributed by Lukas
This week, Adam and Andy talk about OMB procurement requirements changing due to increased cybersecurity defense, Gartner's thoughts on consolidated s...
Securing Guest Access to M365
12 Jun 2022
Contributed by Lukas
This week, Adam and Andy talk about how to secure guest access and collaboration in Microsoft 365. They talk about the differences between member and ...
Windows Defender Exploit Guard
06 Jun 2022
Contributed by Lukas
This week, Adam and Andy talk about Windows Defender Exploit Guard. This is a set of protections built into Windows Server and 10/11 operating systems...
Patch Management
30 May 2022
Contributed by Lukas
This week, Adam and Andy talk about patch management. This is basic security and some organizations are still struggling with it. They talk about the ...
Domain Controller Security
23 May 2022
Contributed by Lukas
This week, Adam and Andy talk about some updated guidance for securing domain controllers in a world where the cloud is a security imperative. They al...
Cyber Threat Intelligence with Special Guest Charity Wright
16 May 2022
Contributed by Lukas
This week, Adam and Andy talk with threat intelligence expert Charity Wright. Charity talks about her military career and how she got selected as a Ch...
Andy was hacked!
09 May 2022
Contributed by Lukas
This week, Adam and Andy talk about passwordless news released on World Password Day and about how Andy was hacked...listen in to hear the details of ...
MFA Bombing
02 May 2022
Contributed by Lukas
This week, Adam and Andy talk about MFA bombing. This tricky compromise circumvents MFA. Listen on what it is and how to protect against it.
Interview with Special Guest Christina Morillo
25 Apr 2022
Contributed by Lukas
This week, Adam and Andy talk with Christina Morillo about identity, diversity in information security, and her book "97 Things Every Information Secu...
VPNs vs SDPs
18 Apr 2022
Contributed by Lukas
Adam and Andy talk about VPNs versus Software Defined Perimeters (SDP) this week. They break down why companies still use VPNs and why they pose an ...
Okta Says Sorry, Fake Warrants, New PCI Reqs
11 Apr 2022
Contributed by Lukas
This week's episode, Adam and Andy talk about some interesting infosec news including Okta's apology and how that affected their stock prices. They al...
LAPSUS$
04 Apr 2022
Contributed by Lukas
This week's episode, Adam and Andy talk about the hacker group LAPSUS$. They go over what makes this group unique in the cybercriminal world and a bre...
Infosec News Catch Up
28 Mar 2022
Contributed by Lukas
This week's episode, Adam and Andy catch up on some infosec news including the new Cyber Incident Reporting Act signed into law last week and other re...
Helpdesk Security
21 Mar 2022
Contributed by Lukas
This week's episode, Adam and Andy talk about helpdesk security. Enterprise helpdesks are often a popular target for cybercriminals because they ...
War in the Digital Age
14 Mar 2022
Contributed by Lukas
This week's episode, Adam and Andy talk about the Russian invasion of Ukraine and the information war that is happening behind the scenes. They go ove...
Windows Hello for Business Revisited
07 Mar 2022
Contributed by Lukas
This week's episode, Adam and Andy talk about the new cloud key trust deployment model for Windows Hello for Business in hybrid environments. Cloud ke...