InfoSec Bites
Episodes
Risk Assessment in Cyber Security
30 Apr 2026
Contributed by Lukas
The discussion in this podcast explores cybersecurity risk assessment as a vital strategic capability for modern organizational resilience. It cente...
Risk Governance in Cyber Security: Foundations and Frameworks
23 Apr 2026
Contributed by Lukas
The discussion in this podcast serves as a comprehensive manual on cybersecurity risk governance, emphasizing its role as the strategic blueprint for...
Cloud Forensic : Trustworthiness of Digital Evidence in Cloud Environments
16 Apr 2026
Contributed by Lukas
In this podcast we discuss a systematic literature review investigating the legal and technical hurdles of cloud-based digital forensics. The discussi...
VM Escape in Cloud: Hypervisor Security and the Evolution of Virtual Isolation
09 Apr 2026
Contributed by Lukas
In this podcast we examine the complex security landscape of virtualization and bare metal cloud environments, focusing on the critical threat of Virt...
VM and Resource Sprawl: Mastering Cloud Efficiency
02 Apr 2026
Contributed by Lukas
This podcast defines and addresses the challenges of cloud and virtual machine sprawl, emphasizing the necessity of cost optimization and...
Zero-Click Attacks: The Invisible Cyber Threats
26 Mar 2026
Contributed by Lukas
In this episode we examine the rise of zero-click hacking, a sophisticated cyber threat that compromises devices through unpatched software flaws w...
Crypto-Shredding: Cloud Data Sanitization and Quantum Security Strategies
20 Mar 2026
Contributed by Lukas
In this podcast we discuss crypto-shredding, a data sanitization method where information is rendered unreadable by permanently destroying its encry...
Cloud Data Governance: Life Cycle, Global Regulations, and Compliance Frameworks
13 Mar 2026
Contributed by Lukas
In this podcast we discuss a comprehensive analysis of Cloud Data Lifecycle Management (CDLM), tracing the journey of digital information from its ...
Cloud eDiscovery and Jurisdictional Conflicts
06 Mar 2026
Contributed by Lukas
Modern legal discovery and digital forensics are increasingly defined by the transition from traditional email to complex cloud-based platforms and co...
GDPR vs The CLOUD Act: Navigating Global Data Sovereignty
27 Feb 2026
Contributed by Lukas
In this podcast we examine the complex regulatory intersection of the General Data Protection Regulation (GDPR) and international laws governing dat...
Hypervisor - Security and Architecture : AWS, GCP, Azure
20 Feb 2026
Contributed by Lukas
Confidential Computing and Trusted Execution Environments (TEEs) in the Cloud
13 Feb 2026
Contributed by Lukas
In this podcast we discuss confidential computing, which refers to technologies that protect data while it's being processed in memory, ensuring it...
Cloud Security Alliance's Governance Frameworks: Cloud Control Matrix and STAR
07 Feb 2026
Contributed by Lukas
The Cloud Security Alliance (CSA) provides a global framework for cloud governance and trust. Key tools like the Cloud Controls Matrix (CCM) and the S...
Well Architected Framework: The Architecture of Resilience
06 Feb 2026
Contributed by Lukas
Major cloud providers like Amazon Web Services, Microsoft Azure, and Google Cloud have developed Well-Architected Frameworks to help organisatio...
Engineering Resilience: The Netflix Chaos Framework
02 Feb 2026
Contributed by Lukas
In this podcast we explore Netflix’s Chaos Engineering philosophy, a proactive strategy designed to ensure business continuity and disaster recove...
The Architecture of Isolation: Virtualization Security and Cloud Exploits
28 Jan 2026
Contributed by Lukas
In this podcast we examine the critical evolution of virtualisation security within modern cloud environments, highlighting how the hypervisor act...
SS7 Attacks: Decade Old Flow In Your Phone, Vulnerabilities, Exploitation, and Remediation
23 Jan 2026
Contributed by Lukas
The discussion provides a detailed expert analysis of the Signaling System 7 (SS7) protocol, identifying it as a foundational yet profoundly vulnerable...
Security Architectures: Zero Trust vs Defence in Depth
16 Jan 2026
Contributed by Lukas
The podcast discussion provides an extensive comparative analysis of two major cybersecurity paradigms: Defence in Depth (DiD) and Zero Trust Architect...
Salesforce/Salesloft Cyber Incident 2025: Identity and API Crisis Analysis
09 Jan 2026
Contributed by Lukas
The discussion in this podcast provides an extensive post-mortem and strategic analysis of the 2025 Salesforce/Salesloft cyber incident, attributed to ...
MFA Fatigue and Social Engineering Cyber Incidents
26 Dec 2025
Contributed by Lukas
The discussion in this podcast is about analyzing the rise of Multi-Factor Authentication (MFA) fatigue as a critical new cyber threat, detailing how ...
Willow Processor: Fault Tolerance and Verifiable Quantum Advantage
19 Dec 2025
Contributed by Lukas
This podcast primarily discusses Google’s advancements in processor technology, focusing on the Willow quantum chip and the Tensor series of syst...
Cybersecurity Strategies 2025: Attack, Defence, and Future Trends
12 Dec 2025
Contributed by Lukas
This podcast is a comprehensive summary of the 4th Edition of "Cybersecurity Attack and Defense Strategies" (2025) by Yuri...
Federal Information Processing Standards(FIPS): Security, Adoption, and Key Standards
05 Dec 2025
Contributed by Lukas
The discussion in this podcast offers a comprehensive overview of Federal Information Processing Standards (FIPS), which are guidelines developed by t...
FIDO2: Deep Dive into The New Passwordless Authentication Standard
28 Nov 2025
Contributed by Lukas
The discussion in this podcast provides an extensive, expert-level overview of FIDO2, which is presented as the new gold standard for passwordless aut...
Virtualisation and VDI: Architecture, Security, Exploitation, and Resilience
21 Nov 2025
Contributed by Lukas
The discussion in this podcast provides an extensive analysis of the security challenges, exploitation techniques, and resilience strategies necessary...
Eternal Blue & WannaCry: How NSA secret leaked & Cost the world $10B
14 Nov 2025
Contributed by Lukas
The interesting discussion in this podcast provides a comprehensive post-mortem of the EternalBlue cyber crisis, focusing primarily on the devastating...
Cozy Bear's(APT29) Quiet Espionage Against the DNC
07 Nov 2025
Contributed by Lukas
The discussion in this podcast provides an extensive analysis of the Russian threat actor Cozy Bear (APT29), focusing on its sophisticated cyber espion...
Due Diligence and Due Care in Security Governance
03 Nov 2025
Contributed by Lukas
The discussion in this podcast provides an exhaustive analysis of Due Diligence (DD) and Due Care (DC), presenting them as the dual legal and operation...
Jaguar Land Rover 2025 Cyber Failure: Resilience and IT/OT Breakdown
01 Nov 2025
Contributed by Lukas
This podcast discussion provides an extensive post-mortem analysis of the Jaguar Land Rover (JLR) Cyber Incident of 2025, which caused an estimated £1...
SIEM, SOAR, EDR, and DLP: The Integrated Cybersecurity Ecosystem
30 Oct 2025
Contributed by Lukas
The discussion in this podcast provides an extensive overview of the integrated cybersecurity ecosystem, detailing the four foundational pillars necess...
Single Sign-On(SSO) Protocols: Kerberos, SAML, OAuth, and OpenID Connect
29 Oct 2025
Contributed by Lukas
The discussion in this podcast is an expert-level analysis of four critical Single Sign-On (SSO) protocols: Kerberos, SAML, OAuth, and OpenID Connect ...
Overflow, RCE, and MITM Attacks: Advanced Cyber Threats
27 Oct 2025
Contributed by Lukas
The discussion in this podcast provides an extensive analysis of three major categories of cyber threats: Buffer Overflow, Remote Code Execution (RCE)...
Australia's Cyber Security Act 2024: Analysis and Impact
26 Oct 2025
Contributed by Lukas
The discussion in this podcast provides an exhaustive analysis of the Australian Cyber Security Legislative Package of 2024, a major government overhau...
AWS US-EAST-1 Outage: Cascading Failure and Systemic Fragility
25 Oct 2025
Contributed by Lukas
The podcast discussion provides an extensive forensic analysis of the Amazon Web Services (AWS) US-EAST-1 outage in October 2025, attributing the init...
OAIC and ACSC: Australian Cyber Preparedness and Response Benchmarks
24 Oct 2025
Contributed by Lukas
The discussion on this podcast is an extensive analysis of the Australian cyber security benchmarks established by the Federal Court's landmark ju...
Quantum World Congress 2025: Summary and Key Themes
22 Oct 2025
Contributed by Lukas
The podcast provides an extensive overview of the rapidly advancing field of quantum technology, focusing heavily on the Quantum World Congress 2025 e...
Optus Data Breach: A Deep Analysis of Broken API & Corporate Negligence
21 Oct 2025
Contributed by Lukas
The discussion in this podcast provides a deep analysis of the 2022 Optus data breach, describing it as a failure of national significance in Australi...
Medibank Cyber Incident 2022: Analysis and Lessons Learned
20 Oct 2025
Contributed by Lukas
The discussion in this podcast offers a comprehensive overview of the Medibank cyber incident in 2022, detailing the catastrophic data breach suffered ...
Qantas 2025 Cyber Attack: Supply Chain Attack and Incident Response
19 Oct 2025
Contributed by Lukas
This podcast discussion provides a comprehensive overview of the Qantas data breach that occurred in July 2025, which compromised approximately 5.7 to...
REST APIs and Webhooks: Architecture and Security Deep Dive
18 Oct 2025
Contributed by Lukas
The discussion in this podcast provides an expert-level analysis of two foundational architectural paradigms in digital communication: REST APIs and W...
OAIC vs Australian Clinical Labs: Establishment of Australia's Privacy Enforcement Benchmark
18 Oct 2025
Contributed by Lukas
The discussion in this podcast details the landmark legal proceedings and outcome against Australian Clinical Labs (ACL) concerning a February 2022 dat...
The AI Crawler Bots Arms Race: Threat Report
17 Oct 2025
Contributed by Lukas
The discussion in this podcast provides an extensive threat report from 2025 detailing the "AI Crawler Arms Race," which is driven by the urg...
NIST PQC: The Race for Post-Quantum Standards
16 Oct 2025
Contributed by Lukas
The discussion in this podcast provides an extensive overview of the National Institute of Standards and Technology (NIST) Post-Quantum Cryptography (...
Active Directory, EntraID, Azure AD: MS Identity Services Architecture, Security & Incidents
15 Oct 2025
Contributed by Lukas
The podcast discussion provides a comprehensive security audit of Microsoft's identity services, comparing the architecture, protocols, and vulnera...
OpenSSL: Architecture, Agility, and Quantum Resilience
14 Oct 2025
Contributed by Lukas
The discussion in this podcast provides an extensive audit of the OpenSSL 3.x toolkit, focusing on its architecture, strategic agility, and quantum re...
AWS Security: An Exhaustive Analysis of its Defense in Depth Architecture
13 Oct 2025
Contributed by Lukas
The podcast discusses an extensive analysis of the Amazon Web Services (AWS) security architecture, focusing on its implementation of the Defense in D...
HTTP/2 Deep Dive: Architecture, Security, Vulnerabilities & Quantum Threat
12 Oct 2025
Contributed by Lukas
The discussion in this podcast provides an extensive analysis of the HTTP/2 protocol, detailing its architectural shift from the text-based HTTP/1.1 t...
ISO 27001: Strategic Information Security Framework
11 Oct 2025
Contributed by Lukas
The discussion in this podcast provides an extensive overview of the ISO/IEC 27001:2022 standard, which serves as the international framework for an I...
AWS ELB, Route 53, and CloudFront Deep Dive
10 Oct 2025
Contributed by Lukas
This podcast provides a comprehensive architectural and security analysis of three core AWS global delivery services: Elastic Load Balancing (ELB), Am...
SolarWinds' Supply Chain Espionage: How Sunburst Attack Shattered Digital Trust
09 Oct 2025
Contributed by Lukas
The discussion in this podcast provides an extensive analysis of the SolarWinds cyber incident, detailing how the sophisticated, state-sponsored attac...
Pillars of Cyber Risk : Vectors, Surface, Appetite, Tolerance
06 Oct 2025
Contributed by Lukas
The podcast provides a comprehensive discussion on the Governance, Risk, and Compliance (GRC) Nexus, specifically exploring four foundational cybersec...
CISSP Domain-8: Software Development Security
05 Oct 2025
Contributed by Lukas
The discussion in this podcast offers a comprehensive overview of Software Development Security, covering the Software Development Life Cycle (SDLC) an...
Capital One Cloud Breach: Misconfigured WAF and Least Privilege Principle Violation
04 Oct 2025
Contributed by Lukas
The podcast discusses a post-mortem analysis of the 2019 Capital One cloud breach, detailing the technical, human, and systemic failures that allowed fo...
JFrog Artifactory: DevSecOps, Binary Repository Management and Image Security
02 Oct 2025
Contributed by Lukas
The discussion in this podcast provides a comprehensive security overview of JFrog Artifactory, a critical and foundational component acting as a univ...
CISSP Domain-7: Security Operations
01 Oct 2025
Contributed by Lukas
The podcast discussion details critical aspects of maintaining an organisation's security posture and operational resilience. The discussion cove...
CISSP Domain-6: Security Assessment and Testing
30 Sep 2025
Contributed by Lukas
This discussion in the podcast provides an extensive overview of security assessments, testing, and audits, detailing the processes necessary to evalu...
Australian Privacy Principles: Deep Dive for InfoSec Professionals
29 Sep 2025
Contributed by Lukas
The podcast discussion provides an extensive analysis of the Australian Privacy Principles (APPs), which constitute the core legal framework for data p...
CISSP Domain-5: Identity and Access Management (IAM)
28 Sep 2025
Contributed by Lukas
The discussion in this podcast provides an extensive overview of Identity and Access Management (IAM) concepts, focusing on the critical phases of iden...
ISO 27005: A Strategic Deep Dive into Information Security Risk Management
27 Sep 2025
Contributed by Lukas
The discussion in this podcast provides an extensive comparative analysis of two leading information security risk management methodologies: the ISO/I...
CISSP Domain-4: Communication and Network Security
27 Sep 2025
Contributed by Lukas
The discussion in this podcast provides an extensive overview of networking fundamentals and secure communication channels, primarily focusing on the ...
CISSP Domain-3: Architectures, Cryptography, and Physical Security.
27 Sep 2025
Contributed by Lukas
The podcast discussion offers an expansive overview of various information technology (IT) and operational technology (OT) concepts, covering system a...
CISSP Domain-2: Asset Security
27 Sep 2025
Contributed by Lukas
The discussion in this podcast provides a comprehensive overview of asset and data security, focusing heavily on information as an organisation's ...
CISSP Domain-1: Security, Risk, and Compliance Management
27 Sep 2025
Contributed by Lukas
In this podcast we discuss a comprehensive overview of cybersecurity governance, risk management, and compliance within an organizational context. It ...
AWS GuardDuty: Threat Hunting Beyond Alerts, Architecture and Incidents
25 Sep 2025
Contributed by Lukas
The discussion in this podcast provides a comprehensive analysis of Amazon GuardDuty, an intelligent, fully managed threat detection service within th...
XSS, CSRF, and SSRF Analysis: Web Application Forgeries.
24 Sep 2025
Contributed by Lukas
The podcast discussion provides an extensive analysis of three major web application security flaws: Cross-Site Scripting (XSS), Cross-Site Request Fo...
AWS Security Incident Lessons: Customer Failure Archetypes
20 Sep 2025
Contributed by Lukas
The discussion in this podcast provides a detailed analysis of significant security incidents involving Amazon Web Services (AWS) and consistently con...
AWS IAM: Architecture, Security, and Incident Analysis
19 Sep 2025
Contributed by Lukas
The discussion in this podcast provides an extensive overview of AWS Identity and Access Management (IAM), describing it as the foundational service g...
NIST Privacy Framework: Enterprise Risk Management for the Digital Age
19 Sep 2025
Contributed by Lukas
This podcast discussion is about the NIST Privacy Framework, which is a voluntary, risk-based tool designed to assist organisations in managing the complex...
AWS Container Security, Architecture and Incident Response
19 Sep 2025
Contributed by Lukas
The discussion in this podcast offers a comprehensive expert analysis of container security on Amazon Web Services (AWS), focusing on the architecture...
NIST Risk Management Framework: Cybersecurity's Gold Standard
18 Sep 2025
Contributed by Lukas
The discussion in this podcast comprehensively outlines the NIST Risk Management Framework (RMF), presenting it as the definitive gold standard for cy...
Uber 2022 Data Breach: How an 18 Year Old Hacker Exploited Human Nature
18 Sep 2025
Contributed by Lukas
The discussion in this podcast analyzes the Uber 2022 data breach, detailing how a multi-vector attack exploited both technical vulnerabilities and hu...
NIST Cybersecurity Framework: A Guide to Digital Resilience
17 Sep 2025
Contributed by Lukas
The discussion in this podcast offers a comprehensive analysis of the NIST Cybersecurity Framework (CSF), detailing its evolution from a critical infr...
IPv6 on AWS: Architecture, Benefits, and Security
16 Sep 2025
Contributed by Lukas
The discussion on this podcast offers a comprehensive overview of IPv6 implementation on AWS, detailing its strategic importance and practical applica...
Quantum Supremacy: Reshaping the Future
16 Sep 2025
Contributed by Lukas
This podcast discusses Michio Kaku's 2023 book, "Quantum Supremacy," which explores the revolutionary potential of quantum computing. Kaku's wo...
Digital Forensics: Unmasking the secret world of digital ghost
15 Sep 2025
Contributed by Lukas
In this podcast we explore the multifaceted field of digital forensics, detailing the tools, techniques, and ethical considerations involved in uncove...
AWS API Gateway: Architecture, Use Cases, and Security
14 Sep 2025
Contributed by Lukas
The discussion in this podcast offers a comprehensive analysis of AWS API Gateway, outlining its architecture, various use cases, and robust security f...
Deep Dive: Mobile Apps and Unpacking Its Hidden Security
14 Sep 2025
Contributed by Lukas
The discussion in this podcast offers a comprehensive overview of mobile application security, exploring its foundational architecture, prevalent threa...
OWASP API Security Top-10(2023): Essential Deep Dive
14 Sep 2025
Contributed by Lukas
The podcast discussion introduces the OWASP API Security Top 10 (2023) list, which identifies the most critical security risks facing APIs today, highl...
Vulnerability Management and Scoring Systems
13 Sep 2025
Contributed by Lukas
In this podcast we discuss vulnerability management, a crucial cybersecurity practice involving the identification, assessment, prioritisation, resolu...
Lattice-Based Post-Quantum Cryptography: A Comprehensive Guide
13 Sep 2025
Contributed by Lukas
The podcast collectively offers a comprehensive overview of lattice-based post-quantum cryptography (PQC), detailing its fundamental principles and pr...
Session Cookies: The Digital Passport to Your Online Life
13 Sep 2025
Contributed by Lukas
This podcast comprehensively discusses session cookies, explaining their fundamental role in maintaining user state across stateless H...
Microservices Unpacked: Architecture, Principles, Security, and Strategic Implications
13 Sep 2025
Contributed by Lukas
The discussion in this podcast offers a comprehensive analysis of microservices architecture, contrasting it with traditional monolithic systems. It e...
APIs & Gateways: The Invisible Digital Backbone
13 Sep 2025
Contributed by Lukas
The discussion in this podcast offers an in-depth analysis of Application Programming Interfaces (APIs) and API gateways, outlining their architectura...
OWASP Top-10 A02 Cryptographic Failures: The Encryption Exploit
13 Sep 2025
Contributed by Lukas
The podcast, "Cryptographic Failures: A Comprehensive Guide," presents an in-depth exploration of vulnerabilities stemming from improper or ...
Passkeys: Passwordless future and its hidden traps
12 Sep 2025
Contributed by Lukas
This podcast comprehensively discusses passkeys as a cutting-edge, passwordless authentication method built on public-key cryptography. It explains th...
OSI Layer-7 Application Layer Incident Response
12 Sep 2025
Contributed by Lukas
The podcast discussion comprehensively explores the Application Layer (OSI Layer-7), focusing on incident response strategies. It examines various pro...
OSI Layer-6 Presentation Layer: Incident Response
12 Sep 2025
Contributed by Lukas
The discussion in this podcast outlines a comprehensive incident response playbook specifically for the OSI Presentation Layer (Layer 6), a critical c...
Heartbleed CVE-2014-0160: The invisible flaw that bled the internet dry
12 Sep 2025
Contributed by Lukas
The discussion in this podcast offers a comprehensive overview of the Heartbleed bug, a critical security flaw identified as CVE-2014-0160. This vulner...
AI Powered OSINT
12 Sep 2025
Contributed by Lukas
The discussion in this podcast explores how artificial intelligence (AI) is revolutionising open-source intelligence (OSINT), which is derived from pub...
The Invisible Web: Your Public Digital Footprint
12 Sep 2025
Contributed by Lukas
The discussion in this podcast critically examines the pervasive myth of digital anonymity, arguing that individuals' online presence is a fragment...
OSINT(Open Source Intelligence): Threats & Digital Self-Defense
12 Sep 2025
Contributed by Lukas
The discussion in this podcast explores the concept of Open Source Intelligence (OSINT), defining it as the systematic collection and analysis of publicly...
Public Key Infrastructure(PKI): Invisible Architect of Digital Trust
12 Sep 2025
Contributed by Lukas
This podcast discusses the critical concept of digital trust and its implementation within enterprises, highlighting the challenges organisations face...
IPsec Deep Dive: Security, Vulnerabilities, and Quantum Evolution
12 Sep 2025
Contributed by Lukas
This podcast offers a comprehensive examination of the Internet Protocol Security (IPsec) suite, detailing its role in securing network-layer communica...
S/MIME, PGP, and GPG: Securing Digital Communication for True Privacy
10 Sep 2025
Contributed by Lukas
This podcast discussion explores email encryption technologies, primarily PGP (Pretty Good Privacy), GPG (GNU Privacy Guard), and S/MIME (Secure/Mu...
Injection Vulnerabilities: A Comprehensive Guide
09 Sep 2025
Contributed by Lukas
This podcast, "Injection Vulnerabilities: A Comprehensive Guide," offers an extensive examination of injection vulnerabilities, which are a critical cy...
OSI Presentation Layer: Security, Exploits, and Defenses
08 Sep 2025
Contributed by Lukas
The podcast discussion offers a comprehensive overview of cybersecurity threats across the Open Systems Interconnection (OSI) model's various laye...
Invisible Frontline: Decoding OSI Layer-7 Application Layer Incident Response
08 Sep 2025
Contributed by Lukas
The discussion in this podcast outlines a strategic framework for responding to cybersecurity incidents that specifically target the application layer...
OSI Application Layer 7 Security: Exploits and Defense
08 Sep 2025
Contributed by Lukas
The podcast offers an extensive overview of the Open Systems Interconnection (OSI) Application Layer (Layer 7), explaining its role as the interface b...
Open Source Intelligence(OSINT): Real-World Applications and Case Studies
08 Sep 2025
Contributed by Lukas
This podcast discusses the growing threat of cybercrime and the critical role of Open-Source Intelligence (OSINT) in both perpetrating and defending a...
Advanced Persistent Threat(APT): Who are they? What do they want?
08 Sep 2025
Contributed by Lukas
This podcast offers a humorous yet comprehensive guide to Advanced Persistent Threats (APTs), defining them as highly sophisticated and persistent cyb...