
The Cybersecurity Defenders Podcast

Latest episodes

Mar 7, 2025 • 36min

#199 - Intel Chat: Lazarus Group, BadPilot, PAN-OS, emoji exfil, Kitty Stealer & PolarEdge

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. North Korea’s state-backed Lazarus Group is believed to be responsible for the largest cryptocurrency heist ever recorded, stealing $1.5 billion from the Bybit exchange. The "BadPilot" hacking campaign has been linked to Russia's Sandworm threat group, a unit of the GRU known for cyber espionage and disruptive attacks. GreyNoise has observed active exploitation of CVE-2025-0108, a critical authentication bypass vulnerability in Palo Alto Networks’ PAN-OS. Security researcher Paul Butler has demonstrated a novel technique for smuggling arbitrary data using emojis, leveraging the way modern text encoding and rendering systems handle Unicode characters. Kitty Stealer is a newly identified malware targeting macOS systems, designed to steal sensitive user data such as credentials, browser cookies, and cryptocurrency wallets. SEKOIA researchers have uncovered a previously unknown IoT botnet named PolarEdge, which has been operating covertly for an extended period.
Mar 6, 2025 • 48min

#198 - AI risk and safety with John Vaina, AI Researcher & Red Teamer

On this episode of The Cybersecurity Defenders Podcast we talk with John Vaina, AI Researcher and Red Teamer, about AI risk and safety. John is an expert in AI risk, safety, and security. John currently works as an AI red team operator, tackling some of the most complex challenges in the field. His work spans traditional cybersecurity concerns, such as identifying vulnerabilities in AI systems, to cutting-edge tasks like testing for emergent behaviors and conducting AI alignment and safety audits. John’s expertise includes evaluating ethical and bias risks, ensuring model robustness, and running adversarial attack simulations to uncover potential weaknesses. Beyond these technical aspects, he also addresses broader safety issues, including scenarios involving CBRNE threats and other high-stakes risks. John’s unique combination of technical skills, strategic thinking, and a focus on ethical considerations makes him a leading voice in ensuring that AI technologies are safe, secure, and aligned with human values.
Feb 28, 2025 • 29min

#197 - Avoiding burnout and managing stress with Amanda Berlin, CEO of Mental Health Hackers

Amanda Berlin, CEO of Mental Health Hackers and Senior Product Manager of Cybersecurity at Blumira, dives into the pressing issue of burnout in the tech industry. She shares her transformative journey from music to cybersecurity, emphasizing the critical intersection of mental health and high-pressure roles. The discussion uncovers vital strategies for managing stress, fostering better workplace culture, and supporting wellbeing through communication and community. With insights on upcoming conferences, Amanda champions a healthier future for cybersecurity professionals.
Feb 25, 2025 • 30min

#196 - Security challenges in the Arctic with Deepak Dutt, Founder of Zighra

Deepak Dutt, Founder and CEO of Zighra, discusses the unique cybersecurity challenges facing the Arctic, emphasizing the need for adaptive security measures. He shares insights from his journey in technology, highlighting the lessons learned from his experience with identity theft. Deepak examines the historical decline of Nortel and its vulnerability to foreign threats, and he explores innovative solutions like privacy-driven behavioral biometrics. Finally, he addresses the geopolitical shifts in the Arctic, advocating for collaboration in advanced technologies to ensure regional security.
Feb 21, 2025 • 35min

#195 - Intel Chat: APT tunnelling, BadPilot, CVE-2025-0108, emojis & Kitty Stealer (take 2)

Delve into the intriguing world of network traffic tunneling, where attackers bypass security controls with techniques like DNS and HTTP/S tunneling. Explore the ominous BadPilot campaign linked to Russia's notorious Sandworm group. Discover the critical CVE-2025-0108 vulnerability, which exposes firewall security, and learn about an innovative emoji-based data smuggling technique. Plus, meet Kitty Stealer, a malware targeting macOS user data, showcasing the evolving landscape of cyber threats.
Feb 19, 2025 • 31min

#194 – Exploring MSSP partnerships and technology providers with Raffaele Mautone, CEO of Judy Security

Raffaele Mautone, CEO of Judy Security, shares his extensive IT and cybersecurity experience, emphasizing the importance of Managed Security Service Providers (MSSPs) for SMBs. He discusses the unique challenges these businesses face amidst rising security threats. The conversation covers choosing technology partners, building trust within MSSP collaborations, and how AI is transforming cybersecurity solutions. Mautone highlights Judy Security’s mission to provide intuitive and affordable protections, ensuring that safeguarding data is accessible to all.
Feb 13, 2025 • 33min

#193 - Intel Chat: Ransomware drops, 8Base, XE Group, SolarWinds-esque attack & cyber-espionage in South Asia

In this discussion, Matt Bromley, an expert cybersecurity analyst, shares enlightening insights on the latest cyber threats. He highlights a significant 35% drop in ransomware payments in 2024 and the arrest of a key member from the 8Base ransomware group. The XE Group is now employing advanced supply chain attacks, potentially surpassing the SolarWinds incident. Additionally, Bromley uncovers a concerning cyber-espionage campaign targeting governmental sectors in South Asia, showcasing the ever-evolving landscape of cyber threats.
Feb 11, 2025 • 40min

#192 - Talent acquisition, training, and retention in the MSSP space with Paul Ihme, Cofounder & Managing Principal at Soteria

On this episode of The Cybersecurity Defenders Podcast we talk about talent acquisition, training, and retention in the MSSP space with Paul Ihme, Cofounder & Managing Principal at Soteria. Paul is a cybersecurity professional with extensive experience in both federal and private sectors. He is the co-founder and managing principal of Soteria, a firm that provides tailored cybersecurity solutions and strategic advisory services to help businesses defend against cyber threats 24/7. Soteria specializes in managed detection and response, domain monitoring, and risk management for Microsoft 365 environments, among other things. Prior to founding Soteria, Paul held key roles in cybersecurity, including Vice President of Active Network Defense at JPMorgan Chase and Cyber Warfare Operator in the U.S. Air Force. Today, we are going to be discussing what it takes to build a skilled team and exploring his experience with talent acquisition, training, and retention in the MSSP space.
Feb 4, 2025 • 26min

#191 - Intel Chat: Lumma Stealer, xWorm, WSDOT & FortiOS

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Lumma Stealer, an information-stealing malware, has been observed using new evasion techniques to avoid detection. Researchers at CloudSEK have uncovered a trojanized version of the xWorm Remote Access Trojan (RAT) builder that is being secretly distributed among cybercriminals. A recent disclosure by security researcher Zach Latta highlights how the Washington State Department of Transportation (WSDOT) inadvertently exposed sensitive server credentials on its public website. A critical authentication bypass vulnerability (CVE-2024-21762) in Fortinet’s FortiOS has been actively exploited in the wild, allowing attackers to execute arbitrary code or gain unauthorized access to affected systems.
Feb 3, 2025 • 38min

#190 - How MSSPs can help clients meet regulatory requirements with Garret Grajek, CEO at YouAttest

On this episode of The Cybersecurity Defenders Podcast we speak with Garret Grajek, CEO of YouAttest, about how MSSPs help clients meet regulatory requirements and what it means for the MSSP. Garret is a certified security leader with nearly 30 years of experience in information security. Garret is widely recognized as a visionary in identity, access, and authentication, holding 13 patents in areas such as X.509, mobile security, single sign-on (SSO), federation, and multi-factor technologies. Over the course of his career, he has contributed to major security projects for prominent commercial clients like Dish Networks, Office Depot, TicketMaster, and E*Trade, as well as public sector organizations including the U.S. Navy and the EPA. Garret began his career as a security programmer at Texas Instruments, IBM, and Tandem Computers, later advancing to key roles at RSA, Netegrity, and Cisco. He is also the founder and creator of SecureAuth IdP, a two-factor authentication and SSO platform. Known for his expertise in security architecture, product development, and leadership, Garret is a thought leader in modern IT architecture, including mobile deployments, cloud, hybrid environments, and advanced authentication technologies.
