Brutally Honest Security

Encrypt Everything Post & DFIR Firms You Can Trust

When it comes to cybersecurity, sugarcoating is not an option. Brutally Honest Security cuts through the noise with raw, unfiltered insights from Eric Taylor — a seasoned digital forensics and incident response (DFIR) expert known for his “no-holds-barred” style. Each episode dives straight into the heart of information security: 🔥 Ransomware updates & evolving trends 📧 Business Email Compromise (BEC) and phishing 🛠 Digital Forensics & Incident Response (DFIR) 🌑 Threat actor activity across the dark web 📢 Breaking cybersecurity headlines & data breaches 🛡 Latest CVEs, exploits, and real-world vulnerabilities 🎙 No script. No limits. If it matters in cyber, it’s fair game. Whether you’re a security professional, IT leader, breach counsel, or just someone trying to make sense of the headlines, Eric’s blunt breakdowns make complex cyber topics accessible and actionable. Expect frank discussions, real stories from the trenches, and zero fluff. If you’re tired of jargon and want the truth about today’s cyber threats, tune in to Brutally Honest Security. Its cybersecurity explained the way it should be direct, honest, and impossible to ignore. 👉 Subscribe now on YouTube, Spotify, Apple Podcasts, or wherever you get your podcasts. ============================= Follow Barricade Cyber Solutions: * Connect on LinkedIn: https://linkedin.com/company/barricadecyber [https://linkedin.com/company/barricadecyber] * Eric’s LinkedIn: https://linkedin.com/in/ransomware [https://linkedin.com/in/ransomware] * Listen to this podcast on Transistor.fm (or your favorite podcast platform): https://brutallyhonestsecurity.transistor.fm [https://brutallyhonestsecurity.transistor.fm/] Visit https://barricadecyber.com [https://barricadecyber.com/] to learn about our mission to help businesses be safer tomorrow than they are today. © 2026 Barricade Cyber Solutions

Holiday Scam Season: Spot It, Share It, Stop It

This week on Brutally Honest Security, host Eric Taylor flags a timely and critical risk: the surge in holiday-season scams. As festive shopping, deliveries, and goodwill ramp up, so do scams targeting unsuspecting shoppers, families, and well-meaning gift-givers. Topics covered: 🎯 The most common holiday scams - from fake retail sites and spoofed delivery notices to phishing & smishing, fake charities, and “too-good-to-be-true” deals - help your friends and family to stay safe this holiday season! 🔎 How to vet a suspicious link, website, or message - explain what to look for to determine if it’s legit or a trap. Fake logos, odd URLs, spelling errors, or pressure to act fast? All red flags.  👥 Why you should share what you know - warning friends, family, and coworkers about scams can save someone from getting hooked. A little awareness can ripple far and wide. No script. No limits. If it matters in cyber, it’s fair game.  👉 Tune in every Monday to cut through the noise of the past week and walk away with the fixes and priorities that actually reduce risk. Follow Barricade Cyber Solutions: * Connect on LinkedIn: https://linkedin.com/company/barricadecyber [https://linkedin.com/company/barricadecyber] * Eric’s LinkedIn: https://linkedin.com/in/ransomware [https://linkedin.com/in/ransomware] * Listen to this podcast on Transistor.fm (or your favorite podcast platform): https://brutallyhonestsecurity.transistor.fm [https://brutallyhonestsecurity.transistor.fm] Visit https://barricadecyber.com [https://barricadecyber.com] to learn about our mission to help businesses be safer tomorrow than they are today. © 2025 Barricade Cyber Solutions

Data Breach, Massive Fine & Failed Response: Lessons from Capita

In Episode 4 of Brutally Honest Security, host Eric Taylor takes aim at one of the most revealing cyber-incidents of the year: the Information Commissioner’s Office’s £14 million penalty against Capita plc and subsidiary CPSL following a breach that exposed 6.6 million individuals and almost one terabyte of data.   You’ll hear:  • How an infected file on a single device triggered an attacker from infiltration to lateral movement — and why a 58-hour delay in response turned a manageable intrusion into a massive data exfiltration event.    • The broader lesson for data processors and controllers: whether it’s pension data, staff records or client data — security posture and response speed matter.  • Why this isn’t just a UK story: global organizations processing millions of records must heed this kind of fallout, not as a rare event — but as a warning. No script. No limits. If it matters in cyber, it’s fair game. Tune in every Monday to cut through the noise of the past week and walk away with the fixes and priorities that actually reduce risk. 👉 Follow Barricade Cyber Solutions: - Connect on LinkedIn: https://linkedin.com/company/barricadecyber [https://linkedin.com/company/barricadecyber] - Eric's LinkedIn: https://linkedin.com/in/ransomware [https://linkedin.com/in/ransomware] - Listen to this podcast on Transistor.fm (or your favorite podcast platform): https://brutallyhonestsecurity.transistor.fm [https://brutallyhonestsecurity.transistor.fm/] Visit https://barricadecyber.com [https://barricadecyber.com/] to learn about our mission to help businesses be safer tomorrow than they are today. © 2025 Barricade Cyber Solutions

Patch Tuesday Panic, Qilin’s Hybrid Strike & F5

Eric Taylor slices through the week’s noise in Brutally Honest Security — no spin, only sharp, actionable insight. This episode covers the crucial headlines every security pro should know: 🔧 Microsoft’s October Patch Tuesday: a record-scale release — 172 vulnerabilities patched, including multiple zero-days — and why patch prioritization matters now more than ever. https://www.crowdstrike.com/en-us/blog/patch-tuesday-analysis-october-2025 [https://www.crowdstrike.com/en-us/blog/patch-tuesday-analysis-october-2025]  🐙 Qilin’s hybrid attack: a new play combining Linux payloads and BYOVD exploitation that raises cross-platform risk for enterprises. https://thehackernews.com/2025/10/qilin-ransomware-combines-linux-payload.html [https://thehackernews.com/2025/10/qilin-ransomware-combines-linux-payload.html] Bonus story: https://www.infosecurity-magazine.com/news/qilin-ransomware-40-cases-monthly/ [https://www.infosecurity-magazine.com/news/qilin-ransomware-40-cases-monthly/] 🔐 F5 hack alarm: defenders warn the F5 compromise exposes broad supply-chain and infrastructure risk — and what your org should check first. https://www.reuters.com/sustainability/boards-policy-regulation/cyber-defenders-sound-alarm-f5-hack-exposes-broad-risks-2025-10-20 [https://www.reuters.com/sustainability/boards-policy-regulation/cyber-defenders-sound-alarm-f5-hack-exposes-broad-risks-2025-10-20] 📱 Smishing at scale: a global smishing triad tied to ~194,000 malicious domains — why SMS remains an ideal entry vector and how to blunt it. https://thehackernews.com/2025/10/smishing-triad-linked-to-194000.html [https://thehackernews.com/2025/10/smishing-triad-linked-to-194000.html] 🐛 MuddyWater & backdoors: a widespread campaign hitting MEA government entities with persistent backdoors — a reminder to watch telemetry and lateral-movement indicators. https://www.darkreading.com/cyberattacks-data-breaches/muddywater-100-gov-entites-mea-phoenix-backdoor  [https://www.darkreading.com/cyberattacks-data-breaches/muddywater-100-gov-entites-mea-phoenix-backdoor] 🧩 Plus: data leaks (Toys ’R’ Us Canada), quantum-preparedness calls for financial firms, and a new browser exploit that can plant persistent hidden commands in AI-powered browsing environments. https://www.securityweek.com/toys-r-us-canada-customer-information-leaked-online [https://www.securityweek.com/toys-r-us-canada-customer-information-leaked-online] EPSS Look Up Tool: https:epsslookuptool.com [https:epsslookuptool.com] Expect blunt breakdowns, practical remediation tips, and the decision-ready takeaways CISOs, incident responders, and security teams need to act now. No script. No limits. If it matters in cyber, it’s fair game. Tune in every Monday to cut through the noise of the past week and walk away with the fixes and priorities that actually reduce risk. 👉 Follow Barricade Cyber Solutions: - Connect on LinkedIn: https://linkedin.com/company/barricadecyber [https://linkedin.com/company/barricadecyber] - Eric's LinkedIn: https://linkedin.com/in/ransomware [https://linkedin.com/in/ransomware] - Listen to this podcast on Transistor.fm (or your favorite podcast platform): https://brutallyhonestsecurity.transistor.fm [https://brutallyhonestsecurity.transistor.fm/] Visit https://barricadecyber.com [https://barricadecyber.com/] to learn about our mission to help businesses be safer tomorrow than they are today. © 2025 Barricade Cyber Solutions

CSRMC, LockBit 5.0 & Phishing Fallout

In this episode of Brutally Honest Security, Eric Taylor tears into the week’s most critical and pulse-raising cybersecurity developments — no fluff, just facts and blunt insight. Episode Headlines & Links: 👉 How the newly rebranded Department of War is replacing legacy frameworks with its Cybersecurity Risk Management Construct (CSRMC) - shifting to continuous, automated real-time defense. https://www.war.gov/News/Releases/Release/Article/4314411/department-of-war-announces-new-cybersecurity-risk-management-construct 💥 The return of LockBit 5.0, now targeting Windows, Linux, and ESXi — a cross-platform beast with heavy obfuscation and new tactics. https://www.trendmicro.com/en_us/research/25/i/lockbit-5-targets-windows-linux-esxi.html 💼 A major Jaguar Land Rover loan bailout following a cyber shutdown — what that says about risk in the private sector. https://www.bbc.com/news/articles/cgl15ykerlro 🃏 The latest Boyd Gaming Corp cybersecurity incident — lessons from how an incident unfolds in real business. https://www.board-cybersecurity.com/incidents/tracker/20250923-boyd-gaming-corp-cybersecurity-incident 🎯 Why phishing remains the leading cause of ransomware attacks in 2025 — and how that one vector keeps getting lethal. https://www.globenewswire.com/news-release/2025/09/23/3154612/0/en/Phishing-is-the-Leading-Cause-of-Ransomware-Attacks-in-2025-SpyCloud-Identity-Threat-Report-Finds.html No script. No limits. If it matters in cyber, it’s fair game. Tune in every Monday to cut through the noise of the past week, see how these cyber threats and incidents interlock, and walk away with decision-ready takeaways for your own security posture. 👉 Follow Barricade Cyber Solutions: - Connect on LinkedIn: https://linkedin.com/company/barricadecyber [https://linkedin.com/company/barricadecyber] - Eric's LinkedIn: https://linkedin.com/in/ransomware [https://linkedin.com/in/ransomware] - Listen to this podcast on Transistor.fm (or your favorite podcast platform): https://brutallyhonestsecurity.transistor.fm [https://brutallyhonestsecurity.transistor.fm/] Visit https://barricadecyber.com [https://barricadecyber.com/] to learn about our mission to help businesses be safer tomorrow than they are today. © 2025 Barricade Cyber Solutions