Explore every episode of the podcast Threat Talks - Your Gateway to Cybersecurity Insights
| Title | Pub. Date | Duration | |
|---|---|---|---|
| Patch Smarter, Not Harder | 28 Oct 2025 | 00:18:17 | |
Patch smarter, not harder.
Key Topics Covered · Why “patch everything immediately” fails; availability vs. security · Staged deployments and rollback safety for crown-jewel services · Zero Trust segmentation to reduce urgency and shrink attack surface · Priority signals that matter: asset criticality, exposure, KEV, CVSS Related ON2IT content & explicitly referenced resources | |||
| Public Key Infrastructure: The Foundation of Digital Trust | 21 Oct 2025 | 00:34:41 | |
How solid is your digital trust—or are you just hoping your PKI is secure? Additional Resources Guest & Host Links:
👕 Receive your Threat Talks T-shirt 🗺️ Explore the Hack's Route in Detail 🗺️ 🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX | |||
| From Stealth to Wipers: Inside Russia’s APT 44 AKA Seashell Blizzard \| The Cybersecurity Podcast | 19 Aug 2025 | 00:25:11 | |
Russia’s most notorious cyber unit—Seashell Blizzard (also known as Sandworm, APT 44 and Iron Viking)—has taken down shipping giants, Olympic systems, and Ukraine’s power grid. In this Threat Talks deep dive, Lieuwe Jan Koning, Yuri Wit (Red Team), and Rob Maas (Blue Team) reveal exactly how these attacks unfold, why they’re so hard to stop, and how Zero Trust can tip the balance back to defenders.
Key Topics Covered • Seashell Blizzard’s attack chain: from stealth reconnaissance to mass destruction. • NotPetya & global fallout: when a Ukraine-targeted attack crippled global shipping. • Defense strategies: hardening edge devices, segmentation, and EDR behavior detection. • Zero Trust in action: protecting critical assets before the breach happens. | |||
| Signal Gate: One Wrong Number Triggered the Largest U.S. Gov Data Leak \| The Cybersecurity Podcast | 12 Aug 2025 | 00:13:45 | |
One mis-typed contact detonates Signal Gate, turning “secure” messaging into a classified-data leak. Host Lieuwe Jan Koning (Co-founder, ON2IT) and Thomas Manolis (Security Officer, AMS-IX) lay out the breach blow-by-blow—then drop the Zero Trust, Shadow IT and information-governance tactics every CISO needs before the next incident hits. High stakes, hard lessons—compressed into actionable steps you can brief to the board.
Timestamps: 00:00 Cold-open: “wrong recipients” analogy • 00:37 What really happened in Signal Gate • 01:38 Mistake #1 – Choosing a consumer app over classified • 03:34 Mistake #2 – Human error: the mis-added journalist • 07:55 Shadow IT, usability & Secure Messaging Apps • 09:10 Information Governance, audits and technical controls • 12:02 Zero Trust takeaways & action plan
Key Topics Covered • Anatomy of the Signal Gate breach & timeline • Why Shadow IT sabotages secure operations • Building airtight Information Governance for secure messaging apps • Operationalizing Zero Trust: least privilege, continuous verification, human-centric training
Related ON2IT Content & Referenced Resources • “Understanding Zero Trust – Lessons from Experts” whitepaper: https://on2it.net/resources/? • Zero Trust Readiness Assessment (PDF): https://on2it.net/wp-content/uploads/2022/05/Zero-Trust-Readiness-Assessment-EN-US.pdf • Threat Talks podcast hub: https://threat-talks.com/
🔔 Follow and Support our channel! 🔔 ► YOUTUBE: https://youtube.com/@ThreatTalks ► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E ► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520 | |||
| Splinternet Reality Check: Zero Trust Strategies for a Fragmenting Web | 06 Aug 2025 | 00:39:31 | |
ON2IT’s Lieuwe Jan Koning goes one-on-one with AMS-IX CEO Peter van Burgel to expose why the once-open internet is splintering into rival, firewalled regions. Discover the geopolitical forces fueling this cybersecurity trend. Learn the Zero Trust resilience moves CISOs must deploy to stay sovereign in the future of the internet.
Key Topics Covered • Drivers behind the Splinternet & what they mean for CISOs • Scenario-planning methodology for threat forecasting • Aligning Zero Trust with data-localization mandates • Resilience vs. redundancy: how to build real business continuity • Earth-IX concept: keeping critical flows alive amid fragmentation
Related Content & Resources • ON2IT Zero Trust Framework → https://on2it.net/zero-trust/ • AMS-IX MORE-IP Conference insights → https://www.ams-ix.net/ams • EU Digital Services Act overview → https://digital-strategy.ec.europa.eu/en | |||
| Zero Trust Step 4B: How to Secure Admin Access | 29 Jul 2025 | 00:13:55 | |
Administrative accounts come with serious power – and serious power comes with serious risk. | |||
| Mastering Step Four of Zero Trust: Policy Creation | 22 Jul 2025 | 00:25:46 | |
Now that you’ve defined your protect surfaces, mapped your transaction flows and built your Zero Trust architecture, it’s time for step four of Zero Trust: creating policy. In other words, it’s time to turn strategy into actual rules. | |||
| Blockchain in a Post-Quantum World | 15 Jul 2025 | 00:30:03 | |
What does quantum computing mean for blockchain? And how should platforms respond before Q-day becomes reality? In this episode of Threat Talks, ON2IT Field CTO Rob Maas is joined by Jeroen Scheerder, who leads ON2IT's post-quantum cryptography research group. They explore how quantum algorithms interact with current blockchain designs, what makes certain cryptocurrencies more flexible than others, and where we're already seeing movement toward future-ready solutions. ⛓ How does blockchain actually work again? 🔓 What makes classical encryption vulnerable to quantum algorithms? 🧠 Why can't you just “update” Bitcoin? From cryptographic design to real-world limitations, this episode is all about understanding the risks and opportunities in a post-quantum future. Shownotes Post-Quantum Threat to Encryption episode : https://youtu.be/rimW1XJNNLo | |||
| Windows Recall: Convenience or Catastrophe? | 08 Jul 2025 | 00:23:08 | |
Windows Recall is a new feature in Windows 11 that captures screenshots every few seconds and stores them in a local database. It’s designed to help users find what they’ve seen or done: but that convenience may come at a high cost. In this episode of Threat Talks, ON2IT Field CTO Rob Maas speaks with security expert Jeroen Scheerder about the real risks of Recall. They break down how the tool works, what data it captures, and why the built-in protections may not be enough. In this episode of Threat Talks: 🧠 How Recall works and what makes it so controversial 🔍 Why bolted-on security measures leave gaps 🎯 Which users and organizations are most exposed Tune in to hear why Windows Recall is raising red flags and what you need to know to protect your organization. | |||
| Agentic AI: Hype, Hope, or Real Risk? | 01 Jul 2025 | 00:42:42 | |
Andy Grotto (founder and director of the Program on Geopolitics, Technology and Governance at Stanford University) puts it plainly: there's a 5% chance that within the next 10 years, AI could rule over humans. That number might sound small, but it's enough to take seriously.
Key topics: | |||
| Zero Trust Step Three: Build a Zero Trust Architecture | 23 Jun 2025 | 00:39:04 | |
It’s time to get practical. After identifying protect surfaces and mapping flows, the third step in Zero Trust is about designing the actual architecture. In this episode of Threat Talks, Lieuwe Jan and Rob Maas talk about segmentation, control selection, and why this is the most operational step in your Zero Trust journey.
They cover: ✅ Why segmentation is one of the most important Zero Trust measures 🔒 How to choose and assign technical controls (and what matters most) 📄 How frameworks like MITRE ATT&CK, ISO 27001, and the Cyber Kill Chain help map risks to controls
From translating compliance requirements into actionable controls to whiteboarding micro-perimeters and network segments, this is where the vision meets the real world.
Shownotes: ⁃ Zero Trust Step 1 episode: https://youtu.be/mC66i-tEEFs ⁃ Zero Trust Step 2 episode: https://youtu.be/wp0q9aZHuXc ⁃ Rick Howard episode on the Kill Chain: https://www.youtube.com/watch?v=GC8z3W2OSwQ&t=1s ⁃ Outlook Web Access Deep Dive episode: https://www.youtube.com/watch?v=Bd5mhPiqT5Q | |||
| Cybersecurity Without Borders | 17 Jun 2025 | 00:34:22 | |
From sovereign clouds to Zero Trust, and from cross-border investments to threat intelligence sharing, cooperation between the US and Europe is crucial, but still complex. With differing policies, fragmented markets, and varying strategies, the cyber world remains anything but unified.
In this special episode of Threat Talks, Davis Hake (Senior Director for Cybersecurity at Venable) leads a discussion with Lisa Hill (Director of Investor Relations at Shield Capital), Chris Painter (the US’s first cyber ambassador and founder partner of the Cyber Policy Group), Lieuwe Jan Koning (CTO and co-founder of ON2IT cybersecurity) and Peter Brown (former EU official and diplomat). Together, they explore where collaboration is gaining ground and where major obstacles still stand.
🌐 How do the US and EU differ in their approach to Zero Trust and prevention? 📊 What role does private sector investment play in advancing national security? 🔁 Why is threat intelligence still so difficult to share effectively across borders?
Tune in for a grounded conversation that connects regulation, strategy, and industry, and shows how both sides of the Atlantic are navigating today’s cyber challenges. | |||
| Why Your Cyber Hygiene Matters? | 14 Oct 2025 | 00:21:53 | |
One unlocked phone can unravel the defenses of a billion-dollar enterprise—because in cybersecurity, small mistakes don’t stay small for long. Attackers can read notes, steal IDs, or impersonate you on WhatsApp. A reused password can launch a remote tool that looks completely legitimate. Rob Maas (Field CTO, ON2IT) and Luca Cipriano (Cyber Threat Intelligence Program Lead, ON2IT) reveal how poor cyber hygiene erodes trust, endangers partners, and weakens enterprise defenses.
What You’ll Learn (From Real-Life Example Discussions) • How a stolen phone quickly turns into identity theft, impersonation, and scams targeting your contacts. • A real SOC case: a contractor’s reused password allowed attackers to hide a remote access tool inside normal IT activity. • How OSINT and dark web data reveal how password reuse spreads risk across accounts. • Why shared tools like Google Docs can quietly multiply breaches when one user slips up. • Simple upgrades—MFA, password vaults, breach alerts, and secure devices—that cut your organization’s exposure fast. If this helped, subscribe to Threat Talks. Share this episode with your partners and contractors—stronger cyber hygiene across your ecosystem protects everyone. | |||
| Will AI Replace Human Pentesters? | 10 Jun 2025 | 00:40:24 | |
AI vs. Human Pentesting: Who Wins? What happens when you try to automate something that’s part science, part art? In an industry rushing to adopt AI for everything from detection to response, the real question is: can a machine truly replace the craft of a human pentester?
In this episode of Threat Talks, host Lieuwe Jan Koning is joined by Melanie Rieback, co-founder and CEO of Radically Open Security, and Luca Cipriano, a red teamer and threat intel specialist. Together, they dig into what makes great pentesting work.
Melanie explains why her company donates 90% of profits to open source and operates with a not-for-profit model, and how that connects with their mission to support NGOs and civil society groups. Together, she and Luca share their hands-on experience with pentesting and why creativity, gut instinct, and lateral thinking are still crucial in ethical hacking.
They discuss: 🤖 Can AI outsmart human red teamers? 🧠 What makes great hacking truly human? 🔍 What’s still too complex for automation?
From tool-assisted testing to old-school intuition, this conversation offers a grounded take on the reality of modern pentesting and what AI can’t do (yet). | |||
| Rethinking OT: It's All Just Technology | 03 Jun 2025 | 00:49:12 | |
PLCs with default passwords. Devices searchable online. Siloed asset inventories. These OT challenges are common, but they’re also fixable. In this episode of Threat Talks, host Lieuwe Jan Koning sits down with Venable’s Caitlin Clarke and Schneider Electric’s Patrick Ford to discuss why the OT side of your business deserves the same focus and attention as IT. From default passwords to exposed PLCs, they show how these ‘tech risks’ span beyond just OT and IT.
They discuss: ✅ How to replace "default" thinking on OT security 🌐 Spotting internet-facing assets before attackers do 🔍 Using CISA’s Installed Base Initiative to locate orphaned tech 🤝 Building joint response plans across IT, OT, and government
Organizations are getting ahead of risk by building live OT inventories, applying smart controls, and partnering with federal teams to strengthen critical infrastructure. Are you ready to join them?
Additional Resources: ► Securing critical infrastructure: https://www.se.com/ww/en/download/doc... | |||
| Zero Trust Step 2: Map Transaction Flows | 27 May 2025 | 00:13:08 | |
Once you have defined a few protect surfaces (see: Step 1 of Zero Trust-video link below), the next step is to start mapping the transaction flows: how these protect surfaces communicate with one another.
Understanding how data travels to, from and around protect surfaces is your next logical move. Why? Because if you don’t know how your systems talk to each other, you can’t secure them.
In this episode of Threat Talks, host Lieuwe Jan Koning and Field CTO Rob Maas discuss how to identify communication paths between protect surfaces and why this visibility is critical for both risk containment and policy validation. They explore: ✅ How to identify communication paths ⛕ The difference between inbound and outbound traffic (and why this matters) 🙋🏼♂️ Why business owners and business context are essential Get all the details and insights on this second step of Zero Trust: mapping the transaction flows. Additional Resources: ► Zero Trust Step One: https://youtu.be/mC66i-tEEFs | |||
| The OT Attack Cyber Kill Chain | 20 May 2025 | 00:24:48 | |
Now that we know what a PLC, HMI and SCADA are (check out last week’s episode for a refresher if you need one!), we’re ready for part two of our OT deep dive: how does an OT attack work? In this Deep Dive, Rob Maas and Luca Cipriano break down just how complex an OT attack really is. From needing to stay hidden, to requiring access to very specific system settings and blueprints; setting up a successful OT attack (thankfully) is no easy task. But does that mean it’s easier to defend against them? Key topics: ⚙️ How IT and OT attacks differ ☠️ What the ICS cyber kill chain is 🌎 How OT attacks can impact whole nations Join Rob and Luca for a discussion on the motivations behind OT attacks, how to bridge the gap between cybersecurity and engineering, and what we can do to prevent these high impact OT attacks. Additional Resources: ► Operational Technology for Dummies (Previous Episode): https://youtu.be/Pdp_OCf6npQ ► Inside Volt Typhoon: China’s Silent Cyber Threat: https://youtu.be/DSalzpj59RI ► Hack the Boat - cybersecurity on the high seas 🌊 - Threat Talks Cybersecurity Podcast: https://youtu.be/Xa0TJ3eRTCw | |||
| Operational Technology for Dummies | 13 May 2025 | 00:26:08 | |
From heating systems in Ukraine to petrochemical plant safety controls, Operational Technology (OT) systems are the hidden workhorses behind critical infrastructure: and they're wide open to cyber threats.
In this Deep Dive, Rob Maas sits down with Luca Cipriano to break down what OT is, why it’s different from IT, where the two overlap and how we can start securing both before it’s too late.
Key topics: ⚙️ What OT is (and isn’t) 📉 Why IT and OT often don’t speak the same language 🛠️ Real-life OT cyberattacks (hello, FrostyGoop and TRITON) Welcome to OT 101: explained in plain language, with a healthy dose of practicality. | |||
| OT’s Hidden Cyber Risks | 06 May 2025 | 00:31:40 | |
From ships and cities to hospitals and airports, Operational Technology (OT) keeps the world running. The problem? It was never designed with cybersecurity in mind.
In this episode of Threat Talks, host Karin Muller is joined by TC Hoot (VP of Contracts at TAC) and Luca Cipriano (Threat Intel Specialist at ON2IT) to explore how airports, hospitals, ports, and even water systems can be compromised.
Key topics they tackle: 🛳️ Why are modern ships, airports, hospitals and even cities targeted? 🛡️ What makes OT so hard to secure compared to IT? ✈ What do real-world OT threats look like and how can we defend against them?
If you’ve ever asked “how could a fish tank lead to a casino breach?” or “can someone actually hack an airport’s baggage system?” this one’s for you. | |||
| Zero Trust Starts Here | 29 Apr 2025 | 00:22:07 | |
Zero Trust is about more than just IP addresses and firewalls: it’s about understanding what truly matters to your business. In step one of Zero Trust: define your protect surface, we focus on how to prioritize what you want to protect, how to avoid common pitfalls, and how to kick off your Zero Trust journey from a solid, business-aligned foundation. In this episode of Threat Talks, host Lieuwe Jan Koning and Field CTO Rob Maas get down to the basics of step one of Zero Trust: defining the protect surface. They explore: ✅ Methods for defining protect surfaces ⛨ Establishing the relevance of each protect surface 📈 How to align your cybersecurity with business needs and goals In this second episode of a multi-part deep dive on Zero Trust, Lieuwe Jan and Rob clarify where to start with Zero Trust implementation, discuss the importance of business and board involvement and explain why starting small is key. | |||
| Zero Trust Demystified: What is Zero Trust Really About? | 22 Apr 2025 | 00:20:29 | |
Zero Trust is everywhere – but what does this actually mean? Is it a cybersecurity strategy, a set of tactics, a product you can buy, or just clever marketing? In this kickoff episode of this Zero Trust series, Lieuwe Jan Koning and Rob Maas explore what Zero Trust actually is, how to think about it strategically, and why it’s not just about identity or buying new tools. They discuss: ✅ Why Zero Trust isn’t a product, and what it actually is 🗺️ The five steps and four core principles of Zero Trust 🚧 Why business alignment – and not anything technical – is the hardest part of Zero Trust implementation They debunk the most common myths, from “Zero Trust is identity” to “just buy a firewall,” and explain what it takes to embed Zero Trust into business operations. A must-watch, whether you’re just curious, are just starting your Zero Trust journey or are already well underway. | |||
| Inside Volt Typhoon: China’s Silent Cyber Threat | 15 Apr 2025 | 00:34:02 | |
What happens when a cyber threat actor doesn’t want to make headlines? Volt Typhoon, a state-sponsored group tied to the People’s Republic of China, has been quietly infiltrating Western critical infrastructure, staying under the radar by avoiding malware, using native tools, and taking things slow.
In this episode of Threat Talks, Lieuwe Jan Koning is joined by Rob Maas and Luca Cipriano to break down how these attackers operate and what their endgame might be.
💨 What makes “low and slow” attacks so hard to detect? 🔧 How do living-off-the-land tactics help attackers blend in? 📉 What motivations do threat actors like Volt Typhoon have?
Volt Typhoon isn’t just another cyber threat: it’s a sign that the game has changed. If you’re focused on national security, infrastructure, or advanced threat defense, you won’t want to miss this episode. | |||
| Cybercrime-as-a-Service: The Disney+ of the Dark Web | 08 Apr 2025 | 00:31:14 | |
Dark Markets are making cybercrime more accessible than ever. Malware, remote access tools, phishing kits, credit card information: all of it is readily available, and oftentimes available as a service, if you just know where to look. Subscribing to these illicit services is now as easy as signing up for Disney+.
In this Deep Dive, host Rob Maas and special guest, cybersecurity researcher Michele Campobasso, discuss dark markets, and the rise of cybercrime-as-a-service.
Key questions answered in this Deep Dive: 🕶️ What are dark markets, and how do they work? 🔑 How do cybercriminals (or intrepid researchers) access these dark markets? 🎬 How is cybercrime becoming as accessible as a streaming service? ⚠️ What risks do businesses face from dark markets? 🔎 What role does threat intelligence play in monitoring these markets?
With cybercrime as easy to access as a Netflix subscription, Rob and Michele explore how these underground marketplaces operate, how they’re changing the threat landscape, and what organizations can do to protect themselves. | |||
| Resilience Over Fragmentation: The Risk You Can’t Ignore | 07 Oct 2025 | 00:56:26 | |
The internet promised freedom. Now it monetizes you. The trade-off? Convenience for control. Real examples you’ll hear:
Related ON2IT Content & Referenced Resources • ON2IT: https://on2it.net/ • Threat Talks: https://threat-talks.com/ • AMS-IX: https://www.ams-ix.net/ams • Yivi (privacy-preserving authentication): https://yivi.app/ • PubHubs (privacy-first social platform): https://pubhubs.net/ • European alternatives (mentioned): http://european-alternative.eu/ • Privacy tools (mentioned): https://privacytools.io/ If this helped you strengthen your Zero Trust policy, subscribe, like, and share. New episodes weekly. Follow Threat Talks on YouTube, Spotify, and Apple Podcasts. | |||
| Inside the Dark Web Economy: $10 for Your Identity & Corporate Access? | 01 Apr 2025 | 00:37:57 | |
The Dark Web Economy: Hacks for $10? Would you pay $10 for access to a corporate system? Because someone on the dark web already has. In this episode of Threat Talks, host Lieuwe Jan Koning talks to cybersecurity researcher Michele Campobasso about the business of cybercrime. From ransomware services to stolen credentials, the dark web is thriving.
💰 How much is YOUR data worth on the dark web?
Cybercriminals operate like well-run businesses, offering hacking tools, stolen credentials, and even customer support. But if cybercrime is getting more sophisticated, what can individuals and businesses do to fight back? | |||
| Why Precision Time Matters in Cybersecurity \| PTP vs NTP Explained | 25 Mar 2025 | 00:22:31 | |
⏳ What happens when time goes wrong?
Time synchronization is an overlooked but essential part of cybersecurity. A few microseconds of drift can lead to failed transactions, inaccurate forensic logs, or even security breaches.
In this episode of Threat Talks, host Rob Maas (Field CTO, ON2IT) and guest Jan van Boesschoten (Innovation Manager, AMS-IX) discuss:
· How does time impact cybersecurity, and what happens when it drifts? · Why is NTP no longer sufficient for high-speed digital transactions? · How does Precision Time Protocol (PTP) provide microsecond accuracy (and why does that matter)? · Could time manipulation be an attack vector, and how do organizations mitigate this risk?
From financial transactions to forensic log analysis, knowing exactly when an event occurs can make or break an organization’s security posture. | |||
| Why SSL Decryption Matters | 18 Mar 2025 | 00:48:13 | |
Many organizations hesitate to implement SSL decryption due to concerns over complexity, privacy, and performance. However, the reality is that failing to decrypt means failing to see threats. In this Deep Dive, host Lieuwe Jan Koning and Rob Maas (Field CTO at ON2IT) explore why decrypting SSL traffic is critical for cybersecurity.
Rob Maas explains how decrypting SSL traffic allows security teams to detect and stop threats at an early stage, preventing malware downloads, phishing attempts, and web-based attacks before they reach endpoints. | |||
| Intrusion Kill Chain: Stop Playing Defense with Rick Howard | 11 Mar 2025 | 00:28:23 | |
Cybersecurity shouldn’t always be about playing defense – it can also be about disrupting attackers before they succeed. In this Deep Dive, host Lieuwe Jan Koning and cybersecurity expert Rick Howard break down the Intrusion Kill Chain and the strategic shift it introduced in the world of cybersecurity.
Despite decades of talk about intelligence sharing, most information is still exchanged manually, often via spreadsheets. As Howard points out, a true global threat-sharing framework could give defenders the upper hand. Don’t miss this deep dive into adversary strategies and what they mean for the future of cybersecurity. | |||
| Reboot of Strategy: Back to cybersecurity basics with Rick Howard | 04 Mar 2025 | 00:49:58 | |
I think, therefore I am, is René Descartes’ first principle. But how does that relate to cybersecurity?
In this episode of Threat Talks, host Lieuwe Jan Koning is joined by Rick Howard – former Commander of the US Army’s Computer Emergency Response Team and former CSO of Palo Alto Networks – to discuss the first principle of cybersecurity.
❓ What’s the difference between cybersecurity strategy and tactics? ❓ How come some random geezers are better at cybersecurity forecasting than industry pros? ❓ Is resilience the ultimate cybersecurity strategy? ❓ Why does Rick Howard think Zero Trust is a passive strategy?
And for the book lovers amongst us – over 500 cybersecurity books are published each year. Wanna know which are worth your time?
Rick Howard’s Cybersecurity Canon has got you covered: https://icdt.osu.edu/about-cybersecurity-canon | |||
| The Rising Threat of Deepfakes - Threat Talks Cybersecurity Podcast | 25 Feb 2025 | 00:20:20 | |
🚨 Can you still trust what you see? 🚨 Deepfakes aren’t just for entertainment anymore: they’re now an increasingly powerful tool for cybercriminals. With AI advancing rapidly, attackers can clone voices, fake identities, and manipulate live video in real time. In this episode of Threat Talks, we explore how deepfake scams have already cost companies millions. From CEO voice fraud to bypassing identity checks, the risks are rising. 👥 How do deepfakes work? 👥 What makes them so dangerous? 👥 How can organizations protect themselves? Join host Rob Maas and ON2IT SOC analyst Yuri Wit as they break down the latest deepfake threats and what you can do to stay ahead. | |||
| Post-Quantum Threat to Encryption: Are You Ready? - Threat Talks Cybersecurity Podcast | 18 Feb 2025 | 00:21:23 | |
Quantum computing promises unprecedented computational power, but it also threatens the encryption standards we trust today. In this episode of Threat Talks, Jeroen Scheerder from ON2IT delves into post-quantum cryptography and answers key questions:
🎯 Key Takeaways 🛡 Data minimization and post-quantum cryptographic algorithms are essential. 📈 Start planning your migration strategy now. 🚨 Don’t procrastinate – quantum computing is coming sooner than you think. 💻 More Resources: Visit Threat-Talks.com to stay informed on quantum computing and its impact on cybersecurity. 📢 Like, Subscribe & Share – Help us spread the word about preparing for the quantum age! | |||
| Breaking the Defenses: EDR Bypass - Threat Talks Cybersecurity Podcast | 11 Feb 2025 | 00:25:17 | |
🔒 Are endpoint protection solutions enough to safeguard your organization? In this episode of Threat Talks – The Deep Dive, Rob Maas hosts Luca Cipriano, ON2IT’s Cyber Threat Specialist, to uncover the truth. Learn: ✅ The differences between AVs, EDRs, and XDRs ✅ Common bypass techniques used by attackers ✅ Why defense-in-depth and Zero Trust are must-haves for any cybersecurity strategy 💡 Key Insights
📩 Have questions or thoughts? Reach out at team@threat-talks.com! 🎙️ Follow Threat Talks for weekly cybersecurity insights. | |||
| Inside the Hackers Mind with Tom van de Wiele - Threat Talks Cybersecurity Podcast | 04 Feb 2025 | 00:58:51 | |
Ever wondered what it’s like to see cybersecurity through a hacker’s eyes? In this episode of Threat Talks, Lieuwe Jan Koning talks with Tom van de Wiele, ethical hacker and founder of Hacker Minded, about how cybercriminals operate and how businesses can defend themselves. 📌 What You’ll Learn:
With over two decades of experience, Tom offers unique perspectives on staying one step ahead in the ever-evolving world of cybersecurity. | |||
| Salt Typhoon: How Nine Telecom Providers were Compromised - Threat Talks Cybersecurity Podcast | 28 Jan 2025 | 00:29:53 | |
Salt Typhoon: Inside the Coordinated Breach of Nine Telecom Providers A sweeping cyberattack, known as Salt Typhoon, has exposed the vulnerabilities of nine major telcos, leaving sensitive communications and surveillance data in the hands of attackers. How did this happen, and what lessons can we learn? In this Threat Talks Deep Dive, host Lieuwe Jan Koning teams up with ON2IT’s Rob Maas (Field CTO) and Jeroen Scheerder (Security Researcher) to dissect every aspect of this high-profile breach. 🔍 What you’ll learn:
This episode dives into the attack’s technical anatomy, discusses its implications for both governments and private organizations, and explores how individuals can secure their communications in an era of increasing surveillance. Join us to understand how Salt Typhoon unfolded—and what it means for the future of telecom security. | |||
| Zero Trust Step 5B: Maintain Controls | 30 Sep 2025 | 00:17:28 | |
Boards don’t buy dashboards—they buy assurance. Breaches are late-stage symptoms of drift: rules pile up, logs lose signal, cloud/Kubernetes outpace governance. Lieuwe Jan Koning (ON2IT Co-Founder) and Rob Maas (Field CTO) show how Zero Trust Step 5B (Maintain) proves your controls still work—today.
Related ON2IT Content & Referenced Resources • Threat Talks homepage: https://threat-talks.com/ • ON2IT Zero Trust: https://on2it.net/zero-trust/ | |||
| ONCD: The Cyber Catalyst with Davis Hake - Threat Talks Cybersecurity Podcast | 21 Jan 2025 | 00:45:23 | |
ONCD: The Cyber Catalyst with Davis Hake How can governments lead the charge in global cybersecurity efforts? In this compelling episode of Threat Talks, host Lieuwe Jan Koning sits down with returning guest Davis Hake, cybersecurity expert and advisor, to explore the critical role governments play in the cyber landscape. 👾 The ONCD’s mission and its role in U.S. cybersecurity. 👾 Lessons from the Biden administration’s approach to combating ransomware and cybercrime. 👾 Why global collaboration is key to countering modern threats. Watch now to uncover how governments and businesses can work together to secure the digital future. | |||
| The State of Cybersecurity in the European Union with Hans de Vries - Threat Talks | 13 Jan 2025 | 00:38:21 | |
The State of Cybersecurity in the European Union Cyber threats know no borders, and in the European Union, harmonizing cybersecurity efforts across 27 member states is no small feat. In this episode of Threat Talks, host Lieuwe Jan Koning speaks with Hans de Vries, Chief Cybersecurity and Operational Officer at ENISA, about the critical work being done to secure Europe’s digital future. 📌 Topics covered
🎥 Watch now to explore how Europe is building a safer digital environment for its citizens and businesses. | |||
| Cyber Outlook 2025 - One Year of Threat Talks | 07 Jan 2025 | 00:41:43 | |
2025: The Year of AI and Cybersecurity Evolution Kick off 2025 with the latest insights from Threat Talks! In this episode, host Lieuwe Jan Koning sits down with Peter van Burgel, CEO of AMS-IX, to discuss how AI and cybersecurity are reshaping the landscape this year. 🚀 What’s inside this episode? 🔹 A sneak peek into AI advancements: Could we see virtual CEOs? 🔹 The rise of Zero Trust supply chain strategies. 🔹 Navigating the skills gap in an evolving digital world. 🔹 AI in cybersecurity: Opportunities, risks, and where to focus. 🔹 Power consumption and sustainability in AI’s rapid growth. AMS-IX's role as a critical part of internet infrastructure and its cybersecurity responsibilities highlight the importance of collaboration and awareness in today’s complex geopolitical climate. | |||
| 2024: The Breaking Point - One Year of Threat Talks | 31 Dec 2024 | 00:47:03 | |
🎥 Threat Talks - One Year of Insights with Peter van Burgel, CEO of AMS-IX As 2024 comes to a close, we’re celebrating a year of transformative conversations with a special edition of Threat Talks! Join Lieuwe Jan Koning and Peter van Burgel, CEO of AMS-IX, as they reflect on the past year’s most significant developments in cybersecurity and the lessons learned. In this Threat Talk, we: 👾 Look back at the major trends and threats of 2024. 👾 Discuss how organizations adapted to an ever-changing security landscape. 👾 Highlight key moments from Threat Talks throughout the year. Whether you're a cybersecurity enthusiast, a tech professional, or simply curious about how to safeguard the digital future, this episode is packed with insights you won't want to miss! | |||
| Dutch Law Enforcement Data Breach - Threat Talks Cybersecurity Podcast | 24 Dec 2024 | 00:19:55 | |
Imagine the names, job functions, email addresses and phone numbers of police officers, DAs, and even critical key witnesses being hacked and leaked to the public. This isn’t the opening to some spy novel – it’s what actually happened when the Dutch Law Enforcement suffered a serious data breach in September of this year. Initially reported as a breach ‘only’ involving personal data of 65.000 law enforcement employees, it later became clear that much more data was leaked - and not just data from law enforcement personnel. In this Deep Dive, host Lieuwe Jan Koning, Security Expert Jeroen Scheerder and Field CTO Rob Maas take an in-depth look at how this breach unfolded, the poor security track record of the software that was used and what the Dutch Law Enforcement could’ve done better when it comes to handling the publicity of a data breach. | |||
| Conti Ransomware Attack on Costa Rican Government - Threat Talks Cybersecurity Podcast | 17 Dec 2024 | 00:21:55 | |
🌎 Conti Attack on Costa Rica: When Ransomware Halts a Nation 🌎 What happens when a ransomware group attacks an entire country? In this Threat Talk, we dive deep into the Conti ransomware attack that crippled the Costa Rican government. From healthcare systems shutting down to unpaid government salaries and even tax collection grinding to a halt—this unprecedented cyberattack became a national emergency with global implications. Join Lieuwe Jan Koning as he unpacks the timeline, impact, and lessons learned from this catastrophic event. Discover the vulnerabilities that allowed this to happen, the strategies used by Conti, and how governments and organizations worldwide can prepare for such sophisticated cyber threats. 💡 What You’ll Learn in This Episode
🔒 Who Should Watch?
🚀 Don’t miss this in-depth analysis of one of the most talked-about ransomware attacks in recent history! | |||
| MGM Resorts ALPHV/BlackCat Ransomware Attack - Threat Talks Cybersecurity Podcast | 10 Dec 2024 | 00:29:18 | |
🎙 Threat Talks: Unpacking the MGM Resorts ALPHV/BlackCat Ransomware Attack 🕵️ In this Threat Talk, we dive deep into a cybersecurity incident in 2023: the MGM Resorts ransomware attack by ALPHV/BlackCat and Scattered Spider. From sophisticated social engineering tactics to deploying a shadow identity provider for persistence, this attack demonstrates the capabilities of collaborating ransomware groups. Join cybersecurity experts Lieuwe Jan Koning, Luca Cipriano (Threat Intel Specialist), and Rob Maas (Field CTO) as they break down:
Key Insights
If you’re a cybersecurity professional or just curious about the latest in cyber threats, this episode is a must-watch. Stay informed, stay secure! 💻 | |||
| Prevent, Pay or Insure - Threat Talks Cybersecurity Podcast | 03 Dec 2024 | 00:58:25 | |
💰 Prevent, Pay or Insure? 💰 Days before MGM’s computer systems were taken down in a cyberattack, fellow casino operator Caesars paid a $15 million ransom to attackers who infiltrated its systems. MGM chose not to pay and dealt with different costs because of it - did the two casino giants wind up paying similar amounts down the line? And what role does cybersecurity insurance play in these scenarios? In this episode of Threat Talks, host Lieuwe Jan Koning and special guest Davis Hake (co-founder of Resilience, professor of Cyber Risk Management at UC Berkeley and advisor at Venable LLP) discuss these cyberattacks on MGM and Caesars, exploring how organizations can better prepare for and respond to ransomware incidents. Dialing in to the conversation, Threat Intel Specialist Luca Cipriano offers a preview of our Deep Dives into three critical threats relevant to these attacks, providing valuable technical insights. The by now age-old dilemma remains: should companies pay ransom or refuse? But beyond that, how can they focus on prevention? And where does cybersecurity insurance fit into the equation? If businesses insure their personnel, facilities, and revenue, isn’t it time to also insure their cybersecurity? | |||
| UNIX CUPS Remote Code Execution - The Fallacy of Default Trust - Threat Talks Cybersecurity Podcast | 26 Nov 2024 | 00:20:32 | |
"Hello! I'm a Printer! Please Let Me In!" “Hello! I’m a printer! Please let me enter, thank you!” – It may sound absurd, but this is how attackers can trick your Linux systems through the cups-browsed service.
In this latest Threat Talk, Lieuwe Jan Koning, together with ON2IT’s Rob Maas and Luca Cipriano, reveals how a seemingly harmless printer can turn into a hacker’s gateway to your network.
With open ports and weak default configurations, your Linux environment could be more exposed than you think.
🔒 Tune in to learn how these vulnerabilities can be exploited and, more importantly, what steps you can take to secure your systems. Don’t wait until it’s too late!
📊 Bonus Resource: We’ve created an in-depth infographic breaking down these hacks in detailed illustrations—an invaluable tool for all security information professionals! https://on2it.s3.us-east-1.amazonaws.com/Infographic-security-fallacies.pdf | |||
| XZ Utils Critical Backdoor (CVE-2024-3094) - The Fallacy of Secure Open Source Code | 19 Nov 2024 | 00:29:36 | |
⏰ How much time would you spend on executing the perfect hack? ⏰ The user going by the name of ‘JIAT75’ spent almost three years infiltrating and contributing to a GitHub repo for one singular reason – access to release manager rights for the next XZ Utils update. In this episode of Threat Talks, host Lieuwe Jan Koning is joined by Thomas Manolis, Information Security Officer at AMS-IX, and Jeroen Scheerder, Security Specialist at ON2IT, to discuss this meticulously executed breach in the open-source community.
Using clever social engineering tactics, Jia Tan (JIAT75) built a credible reputation within said community, gaining trust and access to introduce malicious code undetected. The breach was only discovered by chance when Andres Freund, an engineer at Microsoft, traced unusual system latency back to XZ Utils and uncovered the backdoor.
What exactly happened? How lucky did we get with Freund discovering the backdoor? And how do we know that something like this hasn’t happened before? 🗾 Explore the XZ Utils Critical Backdoor Details 🗾
Our exclusive infographic maps out the step-by-step tactics hackers use to exploit these vulnerabilities. Perfect for IT teams and Information Security Officers, it’s designed to help you stay one step ahead. | |||
| Defend Against Hacktivist Groups like APT Handala | The Cyber Security Podcast | 23 Sep 2025 | 00:30:32 | |
Hacktivists don’t need zero-days to hurt you—they weaponize people. Host Lieuwe Jan Koning sits down with Yuri Wit (SOC analyst) and Rob Maas (Field CTO) to dissect APT Handala: how they hunt targets, deliver wipers, and brag about leaks. We map their moves to the Lockheed Martin Kill Chain and turn it into a Zero Trust defense playbook you can actually use—today.
Key Topics Covered • Handala’s playbook: people-centric recon, phishing kits, wipers, boast-and-leak ops. • Zero Trust counters: deny-by-default egress, newly-registered-domain blocks, hard EDR, passkeys. • SOC tells: DNS DGA spikes, encrypted C2 on common apps, “human error” as the biggest CVE. • Comms reality: when openness helps—and when strategic silence limits amplification. 🕵️ Threat Talks is a podcast created in collaboration with ON2IT and AMS-IX. Each episode features leading cybersecurity experts sharing real-world insights on emerging threats, trends, and defense strategies — helping organizations stay secure in today’s rapidly evolving digital world. ON2IT website: https://on2it.net/ | |||
| CrowdStrike Auto-Update Disaster - Threat Talks Cybersecurity Podcast | 12 Nov 2024 | 00:22:33 | |
☠️ CrowdStrike: 8.5 million blue screens of death ☠️ Did you know that last July’s CrowdStrike outage led to closed airports, inaccessible bank accounts and hospitals that were only delivering emergency care that did not require any computers?
In this Threat Talk, Lieuwe Jan Koning is joined by Rob Maas and Jeroen Scheerder as they discuss the CrowdStrike outage and, more importantly, what could have been done to prevent such an impactful event from happening in the first place.
What exactly are the inherent risks of automatic updates? And can they be set up in such a way that what happened with CrowdStrike won’t happen again? 🗾 Explore the CrowdStrike Outage's Details 🗾 https://on2it.s3.us-east-1.amazonaws.com/Infographic-security-fallacies.pdf | |||
| Breaking the Illusion: Exposing Security Fallacies - Threat Talks Cybersecurity Podcast | 05 Nov 2024 | 00:53:32 | |
🔍 Breaking the Illusion: Confronting Cybersecurity’s Biggest Fallacies 🔍 Think you know the route a hacker might take? Think again! In this eye-opening Threat Talk, Lieuwe Jan Koning dives into the critical fallacies of cybersecurity with top experts Fleur van Leusden, CISO and host of CISO Praat, and Jeroen Scheerder. ✨ Fleur unpacks one of the industry’s biggest blind spots: the heavy reliance on user awareness as a defense mechanism. While user education has its place, she argues it’s not enough to withstand today’s sophisticated threats. Instead, Fleur and Jeroen explore the essential need for technical controls and resilient systems that go beyond awareness alone. 🔥 Rethink conventional strategies, dissect the recent CrowdStrike auto-update disaster, the XZ Utils backdoor (CVE-2024-3094), and a UNIX CUPS vulnerability 🖨️—revealing why proactive, layered defenses are the only way forward. Don’t miss this essential discussion on the true foundations of cybersecurity! 🛠️🔒 🗺️ Explore the Hack's Route in Detail 🗺️ Our exclusive infographic maps out the step-by-step tactics hackers use. Perfect for IT teams and Information Security Officers. https://on2it.s3.us-east-1.amazonaws.com/Infographic-security-fallacies.pdf | |||
| Binance BNB Smartchain Attack - Deep Dive - Threat Talks Cybersecurity Podcast | 29 Oct 2024 | 00:26:02 | |
Imagine creating millions in cryptocurrency…without spending a cent. 💸 🔍 Explore the Binance BNB Chain Attack, where attackers used cross-chain bridges to create crypto assets out of thin air. 👾 Dive into the exploit’s details, from blockchain’s cryptographic structures to vulnerabilities in cross-chain transfers. With breakdowns of Merkle trees and validation flaws, this discussion reveals how even minor misconfigurations can lead to massive security gaps. 🔍 Curious about blockchain risks and crypto asset security? Want to gain insight into safeguarding assets in a digital-first world? >> Check this episode! 📈 Download the infographic https://on2it.s3.amazonaws.com/Infographic-breaking-the-bank.pdf | |||
| Hack the Boat Ballast System - Deep Dive - Threat Talks Cybersecurity Podcast | 22 Oct 2024 | 00:25:06 | |
Ever been asked to hack a boat? When Luca Cipriano and Jeroen Scheerder were given the challenge, they took an unexpected approach—step one: build the boat themselves. It was a scale model, but they made sure it closely mirrored a real boat’s systems. With help from Damen Shipyards engineers, they even included a working ballast system. Of course the next step was to hack said ballast system. In this Threat Talks episode, Lieuwe Jan Koning chats with Luca and Jeroen about building the boat, why they did it, the fun they had along the way and whether or not their plan worked. They also dive into how they hacked the ballast system and how such an attack could’ve been prevented. | |||