Episodes

  • Episode 132: Reviewing the Mandiant M-Trends 2025 Report
    May 2 2025

    In this episode Spencer and Brad review the M-Trends 2025 Report. M-Trends 2025 is Mandiant's annual report that shares frontline learnings from its global incident-response engagements—over 450 000 hours of investigations in 2024—providing sanitized, data-driven analysis of evolving attacker tactics, dwell times, industry and regional trends, and practical recommendations to help organizations improve their defenses.

    M-Trends 2025: Data, Insights, and Recommendations From the Frontlines | Google Cloud Blog

    Blog: https://offsec.blog/
    Youtube: https://www.youtube.com/@cyberthreatpov
    Twitter: https://x.com/cyberthreatpov

    Spencer's Twitter: https://x.com/techspence
    Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

    Work with Us: https://securit360.com

    42 m
  • (Replay) How To Defend Against Lateral Movement
    Apr 25 2025

    In this replay, Spencer and Brad dive into lateral movement, discussing various techniques like RDP, RATs, Impacket tools, PsExec, PTH, PTT, and PowerShell Remoting. They explain how attackers use these methods to gain unauthorized access, evade detection, and enable malicious activities. They also discuss precursors to lateral movement and strategies to restrict it, such as least privilege access, network segmentation, and monitoring. The podcast emphasizes the importance of understanding lateral movement and implementing comprehensive security measures to mitigate these threats.

    Resources

    • https://www.reddit.com/r/cybersecurity/comments/1ellylu/what_lateral_attacks_have_you_been_seeing/
    • The DFIR Report
    • Lateral Movement, Tactic TA0008 - Enterprise | MITRE ATT&CK®

    38 m
  • Episode 131: DMARC & PCI 4.0 Compliance - Is your Organization Compliant?
    Apr 11 2025

    In this episode, Tyler and Brad discuss DMARC and how the latest version of the PCI framework requires phishing protection. You'll also learn about DMARC, DKIM, and SPF and how to elevate them to help protect your organization from attacks like Business Email Compromise (BEC).



    28 m
  • Episode 130: Using Deception Technology to Detect Cyber Attacks
    Apr 4 2025

    In this episode of The Cyber Threat Perspective, we explore the strategic integration of deception technology like canaries and honeypots into your cybersecurity defenses. Discover how these tools allow you to detect threat actors earlier in their attack sequence, disrupt malicious activities, and mitigate potential damage to your organization. Join us for actionable insights and defensive advice to enhance your organization's security posture.

    47 m
  • Episode 129: How to Analyze Threat Reports for Defenders
    Mar 28 2025

    Threat reports can be goldmines for defenders — but only if we know how to extract and apply what matters. A good analysis can mean catching an attack early or missing it entirely. There's no shortage of threat intel out there. The real challenge is making sense of it without getting overwhelmed. In this episode we discuss:

    • What makes up a threat report
    • Goals of analyzing threat reports
    • How to analyze the pieces that matter
    • Actionable tips you can use today

    50 m
  • Episode 128: The Most Common External Pen Test Findings—And How to Fix Them
    Mar 21 2025

    In this episode, Brad and Sam discuss the most common security issues found on external penetration tests, how to find them yourself, and how to address them.


    35 m
  • Episode 127: SaaS Supply Chain Attacks - How to Stay Secure
    Mar 14 2025

    This episode focuses on SaaS (Software as a Service) supply chain attacks. We discuss which SaaS applications are most at risk, what the real danger of SaaS supply chain attacks is, and most importantly how to defend against and detect these attacks.

    43 m
  • Episode 126: Typosquatting - How and Why It Works and How to Defend Against It
    Mar 7 2025

    Dive into the quirky underworld of digital misdirection in this episode, where we explore the art of typosquatting. Discover how a simple mistyped URL can turn into a gateway for cyber trickery, as we break down the many forms of typosquatting—from subtle misspellings that mimic trusted sites to more elaborate schemes designed to deceive. Learn why these small errors are so effective in luring unsuspecting users and get insider tips on how to protect yourself from falling into these cleverly crafted traps. Whether you're a digital native or just curious about the hidden risks of the internet, this episode equips you with the knowledge and defenses you need to navigate online spaces with confidence.

    32 m