Breaking Badness

In this episode of Breaking Badness, we sit down with John Donovan of ZEDEDA to unpack the lighter and more profound sides of cybersecurity’s biggest gatherings. From RSA’s unexpected baby goats and vendor booth antics to BSides San Francisco’s community-driven keynote stage, John shares personal stories, industry insights, and valuable advice on how newcomers and veterans alike can navigate events like RSA, BSides, and DEF CON. You’ll hear how he "hacked" his way onto the main stage, what it means to wear a “No Purchasing Authority” pin, and why protecting your mom from scams might be more urgent than defending your enterprise.

In this episode of Breaking Badness, the crew investigates two escalating threats in the cybercrime ecosystem: the cleverly named phishing-as-a-service platform Morphing Meerkat, and the bulletproof hosting provider Proton66, a favorite among amateur cybercriminals. First, they dig into how Morphing Meerkat uses DNS-over-HTTPS (DoH) and clever phishing kits to evade detection. Then, they shift focus to Proton66, a Russian-based bulletproof host that shelters a new generation of low-skill attackers, including a threat actor known as "Coquettte" with ties to the Horrid Hacking group.

In this powerful continuation of our DFIR series, cybersecurity experts Daniel Schwalbe, David Bianco, Lesley Carhart, and Sarah Sabotka dissect the heart of effective incident response, containment, eradication, recovery, and lessons learned. Packed with firsthand war stories, sharp tactical advice, and honest debates, this episode is a must-listen for anyone building or refining their digital forensics and incident response capabilities. Tune in to learn why planning matters, what to do (and not do) during a breach, and how to make the adversary's job harder, one containment plan at a time.

In Part 1 of this special two-part panel, the Breaking Badness podcast gathers leading cybersecurity experts to explore the foundations of DFIR - Digital Forensics and Incident Response. Featuring Daniel Schwalbe (DomainTools), Lesley Carhart (Dragos), David Bianco (Splunk), and Sarah Sabotka (Proofpoint), the panel dives into what makes an effective incident response program, why preparation is often overlooked, and how to bring technical and human elements together during high-stakes security events.

In this episode of Breaking Badness, host Kali Fencl is joined by DomainTools' Daniel Schwabe and disinformation expert Scot Terban to uncover how modern Russian disinformation campaigns are using domain registrars, homoglyph attacks, and generative AI to mimic legitimate news outlets and manipulate public perception. From the eerie sophistication of Doppelganger operations to the exploitation of domain infrastructure, this episode sheds light on how truth is being weaponized in the digital era. We also explore how AI is accelerating the speed and scale of these attacks, and the limited levers defenders have to push back.

In this special DNS Masterclass episode of Breaking Badness, hosts Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce take a deep dive into the Domain Name System often dubbed the backbone and battleground of the internet. From its humble beginnings with host files to its critical role in modern security, the episode unpacks DNS’s evolution, vulnerabilities, and impact on InfoSec.

Explore the fascinating evolution of threat intelligence, from early days of basic rules to advanced AI analysis with graph technology. Discover how community collaboration enhances cybersecurity practices and speeds up threat detection. Learn about the impactful tools like AlphaHunt that empower both junior and seasoned analysts. The podcast sheds light on the importance of sharing knowledge and adapting to new threats, while also addressing the balance between risk management and corporate profits in cybersecurity.

In this episode of Breaking Badness, we dive into two major cybersecurity stories: the exploitation of a VPN vulnerability by Chinese APT 41 and the newly discovered “Wall Bleed” flaw in the Great Firewall of China. APT 41 has been using a critical VPN vulnerability to infiltrate operational technology (OT) organizations, targeting industries like aerospace and defense. Meanwhile, researchers have uncovered a flaw in China's DNS injection system, which inadvertently leaks internal data—an ironic twist for a government known for its strict internet censorship. Join us as we break down these exploits, their impact on cybersecurity, and what they reveal about modern cyber espionage. We also discuss best practices for securing VPNs, firewall vulnerabilities, and the ethical implications of studying censorship technologies.

Episode 202 of Breaking Badness takes a deep dive into two of the biggest cybersecurity stories of the year (so far): ● Black Basta’s Leaked Chats – A major data leak has exposed internal conversations from this notorious ransomware gang, revealing their internal struggles, ransom negotiations, and even workplace drama. ● Salt Typhoon’s Cyber Espionage – A sophisticated Chinese threat group has been caught infiltrating major U.S. telecommunications providers, raising serious concerns about national security.

In this episode of Breaking Badness, we sit down with Bruce and Heidi Potter, two of the masterminds behind ShmooCon, the legendary cybersecurity conference that ran for 20 years. They take us behind the scenes, from its hilarious bar-napkin origins to how they built a tight-knit hacker community that thrived for two decades.