
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Defensive Security Podcast Episode 330
Nov 24, 2025

A recent ransomware incident in Nevada highlights concerning detection and forensic challenges. The discussion reveals how AI is being tested by threat actors, raising alarms about automated lateral movement and internal vulnerabilities. The hosts emphasize the critical need for foundational security practices, reframing priorities amid AI hype. They also delve into the urgency of monitoring supply chain risks and remind listeners not to overlook basic threats like credential theft and phishing. The realities of CISO burnout spark a candid conversation on leadership accountability and budget constraints.
AI Snips
Spoofed Admin Tool Triggers State Breach
- Nevada's ransomware incident began when an employee downloaded a malicious counterfeit admin tool from search results.
- Jerry Bell calls the state's public report propaganda-heavy and criticizes its self-congratulatory tone.
Old Laptops, New Lessons
- Jerry and Andrew reminisce about salespeople in the 1990s filling laptops with porn, causing hard-drive failures.
- Andrew Kalat uses the story to illustrate recurring, human-driven security problems.
Quarantine Isn't A Full Investigation
- Symantec quarantined the malicious file on June 26, but the backdoor had been active since mid-May.
- Jerry Bell and Andrew Kalat highlight missed investigation and monitoring opportunities during that six-week window.
