Threat Vector by Palo Alto Networks

Cyber attackers are increasingly targeting the very tools developers trust—integrated development environments (IDEs), low-code platforms, and public code repositories. In this episode of Threat Vector, host David Moulton speaks with Daniel Frank and Tom Fakterman from Palo Alto Networks' threat research team. They uncover how nation-state actors and cybercriminals are using trusted development tools like Visual Studio Code to run malware, exfiltrate data, and stay undetected. Listeners will learn about real-world APT campaigns, why dev tools are high-value targets, and how organizations can secure their software supply chain without slowing down developers. Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com⁠

Nathaniel Quist, a leader in Cloud Threat Intelligence at Palo Alto Networks, dives into a staggering cloud extortion campaign that revealed over 90,000 credentials. He explains how a minor misconfiguration opened the floodgates and emphasizes the weaknesses in identity management. Automation's dual role as both a boon and a risk in cloud security is discussed, along with the critical need for collaboration between cybersecurity teams and cloud providers. Quist also shares strategies for building a robust cloud posture and enhancing threat detection.

In this episode of Threat Vector, host David Moulton sits down with Tyler Shields, Principal Analyst at ESG, entrepreneur, and cybersecurity marketing expert, to discuss the fine line between thought leadership and echo chambers in the industry. Tyler breaks down what true thought leadership looks like, how marketing can cut through the noise, and why a bathtub analogy might change the way you think about brand awareness. We also analyze the marketing tactics of successful brands like Dollar Shave Club and the Savannah Bananas to see what cybersecurity can learn from their playbook. Finally, we explore the future of cybersecurity marketing, discussing how companies can stand out, build trust, and create authentic engagement in a competitive landscape. Join us for this insightful discussion on how security professionals can move beyond repetitive narratives and foster real, impactful thought leadership. Join the conversation on our social media channels: Website:⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠ ⁠http://paloaltonetworks.com⁠

Lisa Plaggemier, Executive Director of the National Cybersecurity Alliance, shares her expertise blending psychology and marketing to inspire change in cybersecurity. She discusses how emotions and storytelling can reshape cybersecurity habits, highlighting alarming trends like password reuse. Lisa also unveils misunderstandings about AI risks in the workplace, calling for better employee training. Emphasizing the need for secure-by-design approaches, she highlights that facts alone won't shift behaviors, urging innovation through relatable narratives.

Arjun Bhatnagar, Co-founder and CEO of Cloaked, shares his expertise on protecting personal privacy in a digital world. He discusses why safeguarding your online data is more urgent than ever, especially in a hyper-connected environment. Arjun dives into how digital footprints can lead to identity theft and financial loss, and emphasizes the importance of strong cybersecurity habits. He also provides practical tips for navigating public Wi-Fi safely and managing app permissions, making it clear that understanding personal data is essential for everyone.

Kirsten Davies, a cybersecurity strategist, joins guest host Ofer Ben-Noon to dig into the crucial topic of browser security. They discuss how browsers now handle 85% of work, making them key targets for cyber threats. The duo highlights the dangers of phishing and session hijacking, while emphasizing the importance of Zero Trust principles. They also explore how AI can proactively identify security anomalies. Listeners gain practical insights on enhancing cybersecurity without sacrificing user experience.

Sam Ainscow, Group Chief Security Officer at Hill & Smith PLC, brings over 20 years of cybersecurity expertise. He shares insights on the vital role of cyber resilience and risk assessment while advocating for realistic training and post-incident reviews. The conversation delves into the nuances of tailored security awareness programs and the potential pitfalls of open-source software risks. Ainscow emphasizes proactive strategies to bolster defenses and navigate the complexities of supply chain vulnerabilities in today's digital landscape.

Tanya Shastri, SVP of Product Management at Palo Alto Networks, and Navneet Singh, VP of Marketing - Network Security, delve into the world of secure AI. They discuss the balance between innovation and security while using generative AI in businesses. Key topics include the risks of shadow AI, the importance of visibility and governance, and the challenges of securing AI in enterprise settings. The duo emphasizes a 'secure by design' approach and advocates for robust frameworks to ensure data privacy and security alongside rapid AI integration.

Recorded Live at the Canopy Hotel during the RSAC Conference in San Francisco, David Moulton speaks with Noelle Russell, CEO of the AI Leadership Institute and a leading voice in responsible AI. Drawing from her new book Scaling Responsible AI, Noelle explains why early-stage AI projects must move beyond hype to operational maturity—addressing accuracy, fairness, and security as foundational pillars. Together, they explore how generative AI models introduce new risks, how red teaming helps organizations prepare, and how to embed responsible practices into AI systems. From the Show: OpenAI Preparedness Framework Anthropic Responsible Scaling Policy Scaling Responsible AI: From Enthusiasm to Execution Hear more from Wendi Whitmore on Threat Vector: ⁠Episode 5: From Nation States to Cybercriminals⁠ Join the conversation on our social media channels: Website:⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠ Threat Research:⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠ ⁠⁠⁠⁠@paloaltonetworks⁠⁠ Twitter:⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠ ⁠http://paloaltonetworks.com⁠

In this episode of Threat Vector, host David Moulton talks with Wendi Whitmore, Chief Security Intelligence Officer at Palo Alto Networks, about the increasing scale of China-linked cyber threats and the vulnerabilities in outdated OT environments.  Wendi shares critical insights on how nation-state threats have evolved, why AI must be part of modern defense strategies, and the importance of real-time intelligence sharing. They also dive into scenario planning as a key to resilience. If you want to know how cybersecurity leaders are preparing for the next wave of threats, this episode is a must-listen. From the show: ASEAN Entities in the Spotlight: Chinese APT Group Targeting Preparing for a Secure Paris 2024 Unit 42 Predicts the Year of Disruption and Other Top Threats in 2025 FBI talks about how China is testing AI in cyberattacks Hear more from Wendi Whitmore on Threat Vector: Episode 5: From Nation States to Cybercriminals Join the conversation on our social media channels: Website:⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠ Threat Research:⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠ Facebook:⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠ LinkedIn:⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠ YouTube:⁠ ⁠⁠@paloaltonetworks⁠ Twitter:⁠ ⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠ ⁠http://paloaltonetworks.com⁠