In this episode of the Defensive Security Podcast, we discuss the anticipated rise of Mac malware, the economic implications of new top-level domains (TLDs) for phishing, innovative phishing techniques using corrupt documents, and the risks associated with open-source software. We also explore the concept of risk homeostasis in cybersecurity, examining how users’ perceptions of security can influence their behavior and risk-taking. The conversation emphasizes the importance of education, robust security measures, and the need for a deeper understanding of complex systems in the face of evolving threats.

If you would like to support this podcast, please consider donating here: https://www.patreon.com/defensivesec

<iframe title="Defensive Security Podcast Episode 288" width="604" height="340" src="https://www.youtube.com/embed/-pqdyRWEtPA?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe>

Links:

• https://appleinsider.com/articles/24/12/04/what-a-new-threat-report-says-about-mac-malware-in-2024


• https://krebsonsecurity.com/2024/12/why-phishers-love-new-tlds-like-shop-top-and-xyz/


• https://www.bleepingcomputer.com/news/security/novel-phishing-campaign-uses-corrupted-word-documents-to-evade-security/


• https://www.bleepingcomputer.com/news/security/ultralytics-ai-model-hijacked-to-infect-thousands-with-cryptominer/ and https://blog.yossarian.net/2024/12/06/zizmor-ultralytics-injection