Packet Protector
Join us at the intersection of networking and security! Whether you’re fending off ransomware attacks, securing remote workers, hunting for rogue IoT devices, or gearing up for your latest compliance audit, Packet Protector provides practical information that IT and infrastructure pros can put to work. Every episode covers the latest security headlines and then drills into essential topics to provide technical and strategic insights on wired and wireless network security, access control, cloud security, pen testing and red/blue teaming, security hardware and software, and more. Whether security is your full-time job or one of your many responsibilities, Packet Pr...
10
The Care and Feeding of Kerberos for Windows Environments
Today we’re going to learn about the care and feeding of a three-headed dog named Kerberos. Developed at MIT and released in 1989, Kerberos is a free, open source authentication protocol that uses cryptographic keys to protect identity data as it crosses a network. Today, Kerberos is the backbone of Windows authentication. We’ll dive into... Read more »
What Goes On Inside a Firewall?
On today’s show, we pop the lid off of a firewall (figuratively speaking) to understand what’s inside. We talk about how a packet moves through various packet-processing elements inside a firewall, how header analysis and de-encapsulation work, which hardware component has the biggest impact on performance, why stateful inspection still matters in an age of... Read more »
How and Why to Turn the Browser into a Universal Security Agent (Sponsored)
With the rise of cloud services and SaaS, the browser has become a primary productivity tool. It’s also a primary vector for malware, phishing, identity theft, data leaks, and other risks. On today’s sponsored episode with Palo Alto Networks, we dive into browser security. We discuss risks to the browser and how they differ from... Read more »
Taking Note of a Notepad++ Attack; Telnet and NTLM Are Still a Thing?
Everything old is new again in today’s Packet Protector news roundup, as a decade-old Telnet exploit resurfaces, and Microsoft unfolds its roadmap to phase out the ancient NTLM protocol. In other news, Google takes down a sprawling residential proxy network, the popular Notepad++ app takes steps to recover from a serious compromise, and a Polish... Read more »
OT and ICS - Where Digital and Physical Risks Meet
Operation Technology (OT) and Industrial Control Systems (ICS) are where the digital world meets the physical world. These systems, which are critical to the operation of nuclear power plants, manufacturing sites, municipal power and water plants, and more, are under increasing attack. On today’s Packet Protector we return to the OT/ICS realm to talk about... Read more »
Understanding OAuth and Reducing Authorization Risks
OAuth is a widely used authorization (not authentication) protocol that lets a resource owner grant access to a resource using access tokens. These tokens define access attributes, including scope and length of time. OAuth can be used to grant access to human and non-human entities (for example, AI agents). OAuth is increasingly being abused by... Read more »
Security Priorities for 2026 - A Roundtable Discussion
The start of a new year is a good time to assess what’s important. We’ve gathered some Packet Protector listeners to talk about their security priorities for 2026 in a roundtable discussion with hosts JJ and Drew. We talk about key risks for 2026, whether those risks have changed since last year, use cases for... Read more »
News Roundup--Old Gear Faces New Attacks, Cyber Trust Mark's Trust Issues, Alarms Howl for Kimwolf Botnet
Everything old is new again in this Packet Protector news roundup, from end-of-life D-Link routers facing active exploits (and no patch coming) to a five-year-old Fortinet vulnerability being freshly targeted by threat actors (despite a patch having been available for five years). We also dig into a clever, multi-stage attack against hotel operators that could... Read more »
News Roundup--Securing MCP, Hunting Backdoors, and Getting the Creeps From AI Kids' Toys
Our final news roundup for 2025 is a holiday sampler of tasty, chewy (and a few yucky) confections. We look at a years-long exploit campaign that used browser extensions to steal credentials, inject malicious content, and track behavior; tracks ongoing exploits using the React2Shell vulnerability; and debates whether a surveillance camera maker’s pledge to follow... Read more »
Why Native Controls Aren't Enough to Protect Your Cloud Workspaces (Sponsored)
Cloud-based workspaces such as Google Workspace are often the backbone of an organization. But they also face threats from spam and phishing, account takeovers, and illicit access to sensitive documents and files. On today’s Packet Protector we talk with sponsor Material Security about how it brings additional layers of protection to Google Workspace, including email... Read more »
