DiscoverThe Cyber Riddler
The Cyber Riddler
Claim Ownership

The Cyber Riddler

Author: Ahmad Almorabea

Subscribed: 13Played: 201
Share

Description

The Cyber Riddler is a podcast that discusses interesting topics in the field of information security. It explores different areas and situations in real-life cyber security engagements and activities. Episodes feature guests from different backgrounds such as hackers, security analysts, cyber security managers, bug bounty hobbyists and more. 

25 Episodes
Reverse
Zero-Day Exploits

Zero-Day Exploits

2024-06-0411:33

In this episode of The Cyber Riddler podcast, we venture into the shadowy world of zero-day exploits, one of the most well known threats in the cybersecurity world . Zero-day exploits represent vulnerabilities that can be targeted before they are even known to exist, making them a significant concern for both organizations and individuals. We explore the lifecycle of a zero-day exploit, from discovery and weaponization to delivery and exploitation. Through notable case studies, we illustrate ...
Threat Hunting

Threat Hunting

2024-03-2606:33

In this episode, delve into the world of cyber security through the lens of expert threat hunters. As they navigate the complex digital landscape, these skilled professionals employ advanced techniques and tools to investigate systems meticulously. Their mission: to unearth hidden implants and payloads that lurk undetected, posing significant risks. Through a combination of expertise, intuition, and cutting-edge technology, they reveal how they stay one step ahead of cyber threats, ensuring t...
Phishing World

Phishing World

2024-02-0608:14

In this episode of The Cyber Riddler, We dive into the cunning world of phishing scams, focusing on how Normal Users are reacting to these emails and how SOC (Security Operations Center) analysts can expertly analyze suspicious emails. We outline the essential tools and steps for dissecting emails, from examining sender addresses and email headers to scrutinizing links and attachments for malicious content. The episode also stresses the importance of staying updated on phishing trends, ...
HTTPS and TLS Tales

HTTPS and TLS Tales

2023-12-3010:23

Explore the world of web security in our latest episode, 'HTTPS and TLS Tales' deep into the mechanisms that differentiate HTTPS from HTTP, uncovering the layers of encryption, authentication, and data integrity that safeguard our online interactions. From the pivotal role of TLS to real-world cases of security breaches and the evolving landscape of cyber threats, this episode offers a comprehensive look at the technologies that keep the internet secure. Twitter: @almorabeaTwitter:...
Threat Intelligence

Threat Intelligence

2023-12-1007:13

In this episode, we'll dive deep into the world of Threat Intelligence, exploring its critical role in cybersecurity. From the basics of data collection to the challenges of information sharing, we'll cover it all. Discover how Threat Intelligence empowers organizations to detect and respond to cyber threats, and stay ahead of evolving tactics. Join us for a comprehensive discussion that sheds light on this essential aspect of modern cybersecurity.Twitter: @almorabeaTwitter: @CyberRiddlerWebs...
Lateral Movement

Lateral Movement

2023-11-2108:49

Dive into the shadowy world of lateral movement in cybersecurity. In this episode of The Cyber Riddler. Explore how attackers stealthily navigate networks post-breach, using techniques from credential exploitation to abusing legitimate tools. Featuring real-world scenarios, this episode unveils the strategies behind advanced persistent threats and red team tactics. Learn about essential defenses like network segmentation and vigilant monitoring. Tune in for an essential guide to underst...
Insider Threat

Insider Threat

2023-11-0708:07

In this episode of The Cyber Riddler, we dive deep into the shadowy world of insider threats. We unravel the complexities of individuals within an organization who pose a risk to its security from the inside. We'll explore real-life cases, dissect the motives behind insider attacks, and discuss the latest strategies and technologies to safeguard your company against this often underestimated dangerTwitter: @almorabeaTwitter: @CyberRiddlerWebsite: https://thecyberriddler.com
The Lazarus Group

The Lazarus Group

2023-09-2006:58

In this episode we've talked about The Lazarus Group, Which is a cybercrime group made up of an unknown number of individuals run by the government of North Korea. We've discussed about their latest campaign where they targeted security researchers. and how they did the same act in the past. hope you like the episode.Twitter: @almorabeaTwitter: @CyberRiddlerWebsite: https://thecyberriddler.com
In this episode we've covered the basics of malware analysis. Things that malware authors want to hide in their malware. How they want to make it hard for malware analysts to do their job. Our guest today has an extensive experience in malware analysis. He publishes many videos on malware reverse engineering on his channel and he is very knowledgeable when it comes to this field.Full Interview below:https://youtu.be/HuHATqK850sBlog Post: https://thecyberriddler.com/blog/malware-analysis-...
In this episode we've talked about kernel drivers, We covered a variety of different topics like how to load a driver, signing process, HVCI and others, and we closed with Intel CET and Shadow stack. Yarden has a very great experience when it comes to windows internals topics, her work mainly in the defending side, she previously worked at SentinelOne and CrowdStrike and currently she is a senior security researcher at Trail of Bits, I hope you enjoy the episode.Full Interview below:https://y...
Dive into cybersecurity's captivating world with our latest episode on Vulnerability Research! Discover the secrets of ethical hackers, uncover different vulnerabilities, and explore responsible disclosure processes. Get insider tips and tricks to level up your cybersecurity knowledge. Our guest Kevin is a renowned cybersecurity specialist and ethical hacker with years of experience and a keen eye for security flaws. Full Interview below:https://youtu.be/YURVs70d4ikOther Links:Blog...
This Week's episode is about Windows Internals in depth, we've talked about things from an offensive and defensive perspective. Things like Hooks, Kernel callbacks, how security companies are using them and how Red Teamers are leveraging them as well. We've talked about many other concepts such as user space mode and kernel space mode, Patch Guard and many others. This episode is part of The Cyber Riddler podcast, Check out the other episodes on any of your favorite podcast apps. Just search ...
In this episode we talked about Digital forensics and Incident response aka DFIR, how to get started, and how crucial it is to deal with incidents. We also talked about various topics including memory dump and analysis, ransomeware and stories from the past about interesting incidents. This episode was starring Paula Januszkiewicz, CQURE CEO.Who's Paula?https://thecyberriddler.com/person/paula-januszkiewiczFind the full description on the blog post available in the podcast website below:https...
DNS - Attacks

DNS - Attacks

2023-06-1006:15

This week's episode talks about DNS in general and DNS attacks, we barely scratched the surface. DNS is playing a major role in our network communication and hackers take advantage of DNS attacks for their own gain. Twitter: @almorabeaTwitter: @CyberRiddlerWebsite: https://thecyberriddler.com
LoLBins or Living Off The Land Binaries are binaries within the operating system it doesn't matter if it's a windows or unix based system. these binaries are heavily utilized by hackers to avoid detections, in this episode we will be diving into the world of LoLBins and we will discover how hackers are using them. Twitter: @almorabeaTwitter: @CyberRiddlerWebsite: https://thecyberriddler.com
Browser Exploitation

Browser Exploitation

2023-04-1606:40

In this episode we scratched the surface of browser exploitation methods and we went through different techniques used by the attackers to gain access to your device. We also went through different old CVEs that have been used in the past. We hope you enjoy the episode. Twitter: @almorabeaTwitter: @CyberRiddlerWebsite: https://thecyberriddler.com
In this episode we talked about cryptography in general and then we dived into the world of ransomware starting from when ransomware approximately started and then we talked about ransomware tactic and delivery mechanisms , evasion techniques and then we talked about the zeppelin ransomware and how lance and his team were able to recover and reconstruct the keys by doing some RSA factorization and other interested techniques. the episode have a video too you can see the full episode on ...
Today's episode is about Pseudo Random Number Generators and how we can achieve Randomization. We also explain how applications can suffer big time when they don't have random values generated in their crypto systemsTwitter: @almorabeaTwitter: @CyberRiddlerWebsite: https://thecyberriddler.com
Today's episode is about Pseudo Random Number Generators and how we can achieve Randomization. We also explain how applications can suffer big time when they don't have random values generated in their crypto systemsTwitter: @almorabeaTwitter: @CyberRiddlerWebsite: https://thecyberriddler.com
Exploit code are amazing, But sometimes the technique behind itis what makes it shiny, In this episode I want you to look at exploitcodes from different perspective. not just finding vulnerabilities for the sake of finding vulnerabilities. always change your mindset whenyou do R&D from finding one vulnerability to finding one technique that works for majority of vulnerabilities Reference: Why You Shouldn’t Trust NTDLL from Kernel Image Load Callbackshttps://www.sentinelone.com/labs/case-s...
loading
Comments