Breaking Badness

In this engaging discussion, John DiMaggio, author of 'The Art of Ransomware', shares riveting tales from his experiences in cybersecurity investigations, shedding light on the world of espionage. Dimitri Alperovitch, founder of CrowdStrike, expands on the geopolitical complexities in cybersecurity, as outlined in his book 'World on the Brink'. They delve into the intricacies of cyber warfare, the rise of nation-state threats, and the importance of storytelling in cybersecurity literature to connect and inform professionals in the field.

In this special episode of Breaking Badness, we wrap up 2024 with a countdown of the top episodes, puns, and cybersecurity moments that defined the year. From the hoodiest hacks to the goodiest wins, Kali, Tim, and Taylor reflect on critical insights, industry-changing events, and listener favorites. Tune in for discussions about evolving OT security, DNS mishaps, ransomware trends, and expert predictions for 2025. Featuring special moments like our Hacker Summer Camp interviews and top cybersecurity guests, this episode is both insightful and entertaining.

In this special 2025 Predictions episode of Breaking Badness, host Kali Fencl joins cybersecurity experts Sean McNee, Tim Helming, and Daniel Schwalbe to discuss the future of cyber threats and defense. From ransomware evolution and AI-powered attacks to quantum computing and “synthetic identity fraud,” the group compares their insights with predictions generated by leading AI platforms like ChatGPT, Claude, Copilot, and Meta AI. Will 2025 be the year of AI-compromised models or industrial control system hacks? Are biometric security risks on the rise, and what’s next for ransomware gangs? Tune in for insights, banter, and some predictions you’ll want to track!

In this episode of Breaking Badness, we dive into two fascinating stories shaping the cybersecurity landscape. First, we unpack the case of Gabriel Koo and his surprising acquisition of the domain us-east-1.com, a domain closely tied to AWS’s naming conventions. What insights can this seemingly simple purchase reveal about DNS misconfigurations and AWS security practices? Next, we shift focus to DARPA's ambitious new project aimed at revolutionizing cybersecurity by breaking software into smaller, more secure compartments. With expert analysis and intriguing insights, we explore the intersection of DNS, innovation, and the future of cybersecurity.

In this episode of Breaking Badness, we delve into the cybersecurity trends shaping the holiday season. We unpack the 60% surge in scam domain registrations targeting holiday shoppers, discuss the tactics of TAG-112, a Chinese state-sponsored threat group, and analyze their use of compromised websites to deliver Cobalt Strike malware. Plus, we share actionable insights on mitigating these threats. Tune in for expert analysis, lighthearted banter, and a few cybersecurity holiday tips to keep you safe this season

In this episode of Breaking Badness, we dive into the critical challenges and innovations in healthcare cybersecurity with Ken Zalevsky, CEO of Vigilant Ops. From the vulnerabilities in medical devices to the revolutionary role of Software Bill of Materials (SBOMs), Ken shares his two decades of expertise in safeguarding patient safety and hospital systems against emerging threats. Tune in to learn about shifting cybersecurity left, the complexities of interconnected healthcare systems, and actionable strategies to combat ransomware and legacy vulnerabilities.

In this episode of Breaking Badness, we explore two fascinating cybersecurity stories. First, we delve into the unusual case of an ex-Disney employee who hacked menu systems, creating chaos in the happiest place on Earth. Next, we discuss Sophos' five-year-long battle with a determined group of attackers targeting their firewalls. Tune in as we break down the insider threat at Disney, the lessons learned from Sophos' transparency, and what it all means for the future of cybersecurity. Plus, don't miss our signature Gold, Guidance, and Grievances segment for unique insights and takeaways.

In this episode of the Breaking Badness Cybersecurity Podcast, Jason Haddix dives into his unique journey from red teaming and pentesting to leading security teams as a CISO in high-profile organizations, including a top gaming company. Jason unpacks the distinct challenges of securing a gaming company, where risks come not only from state actors but also from clout-seeking young hackers. He shares valuable insights on building scalable security programs, secrets management, and the importance of radical transparency in corporate security cultures. Tune in to hear why, in Jason's words, "gaming saved me from a misspent youth," and learn about his latest ventures into offensive security training and AI-driven security solutions.

Discover the chilling implications of Locate X, a smartphone tracking tool used by U.S. law enforcement without warrants. Explore ethical concerns about digital privacy in an age of surveillance. Learn about APT29's sophisticated phishing tactics targeting AWS services and military entities in Ukraine. The podcast also emphasizes the urgent need for stronger privacy protections and increased public awareness on surveillance capitalism. Join the conversation for expert insights and engaging reflections on these pressing issues.

In a captivating conversation, cybersecurity veteran The Gibson shares insights from his 25+ years in InfoSec. He reflects on his early coding days and the evolution of hacker ethics, as well as the impact of iconic groups like Loft and Cult of the Dead Cow. The Gibson discusses the complexities of threat intelligence, diving into how legal actions often clash with moral considerations. He also highlights the significance of privacy-focused projects like Veilid and the revitalization of hacker culture through community collaboration and innovative initiatives.