The Cybersecurity Defenders Podcast

Josh Liburdi, Principal Engineer of Security Operations at DoorDash, joins Maxime Lamothe-Brassard, LimaCharlie CEO / Founder, to talk about building the Strelka file scanning system.As a security engineer who works in security operations (prevention, detection, and response), Josh has more than a decade of industry experience and has worked at several diverse organizations, including Brex, Target, and CrowdStrike.He also presents at information security conferences (BSides NYC & SF, SANS, fwd:cloudsec), is a published author (Bluenomicon from Splunk, Huntpedia from Sqrrl), and is active in the open source security community with contributions to many projects, including Substation at Brex (creator), Strelka at Target (creator), and the Zeek network analysis framework.Join Defender Fridays, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals. Become part of the LimaCharlie Community. Learn more about LimaCharlie at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A recent investigation by the U.S. Secret Service claims to have uncovered a massive swatting infrastructure centered around New York City.Check Point researchers are tracking an Iran-linked cyber-espionage group known as Nimbus Manticore, which appears to be expanding its operations into Western Europe.A new wave of malicious advertising is targeting macOS users by impersonating widely used software and services through search engine ads.A new tool called SpamGPT is drawing attention in the cybersecurity community for effectively lowering the barrier to entry for large-scale spam and phishing campaigns.In light of increasing attacks on open source ecosystems, GitHub has disclosed recent security incidents affecting the npm registry, including the Shai-Hulud worm.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Maxime Lamothe-Brassard, LimaCharlie CEO / Founder, and our Defender Fridays community sat down with David Burkett to discuss hunting Chinese State Actors with the Latest CISA Joint Advisory. As a dedicated and highly experienced Cloud Detection Engineer and Security Architect, David has the privilege of working at a Fortune 50 Company where he leverages his extensive background in cybersecurity to protect digital assets. With a proven track record of building three different Cyber Security Operations Centers for multiple MSSP/MDR providers. David’s expertise is backed by a strong set of GIAC certifications, including GCTI, GCIA, GPYC, and GCED... among others. He is proud to have been part of a large overall security team that won the prestigious James S. Cogswell Outstanding Industrial Security Achievement Award from the Defense Counterintelligence and Security Agency. Their security operations center was recognized as being among the top 1% of cybersecurity programs for all cleared facilities. In addition to his hands-on experience, David has consulted for over 40 Fortune 500 Companies and Large Federal Organizations, helping them manage their SOAR platforms and playbooks. As a strong believer in knowledge sharing and collaboration, he is also an active contributor to the open-source detection security project known as Sigma. David is constantly seeking opportunities to grow and learn, and is eager to connect with like-minded professionals in the cybersecurity domain. Let's connect and build a safer digital world together. Join Defender Fridays, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals. Become part of the LimaCharlie Community.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.ESET Research has uncovered what it believes to be the first documented case of AI-powered ransomware, dubbed PromptLock.Multiple CrowdStrike-branded npm packages were recently discovered to be compromised, marking a new wave in the ongoing “Shai-Hulud” supply chain attack campaign.Researchers at AI security firm EdisonWatch have uncovered a new vulnerability in the ChatGPT calendar integration, revealing how it can be exploited to execute attacker-controlled commands.The most mature and globally distributed FileFix campaign observed to date is now active in the wild, according to researchers at Acronis.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

LimaCharlie CEO, Max Lamothe-Brassard welcome Cliff Janzen, CISO and VP of Security Services at Arctiq, for a special "Security Potpourri" session!What's on the menu?SOC operations and optimizationSecurity automation strategiesPenetration testing insightsAll through Cliff's expert lens and real-world experience. Join us for an insightful discussion on the current security landscape!Cliff is an experienced Vice President of Security with a demonstrated history of working in the computer and network security industry. Skilled in Security Architecture, Governance, Incident Management, Ethical Hacking, and Intrusion Detection. Currently working as CISO and VP of Security Services at Arctiq.

On this episode of the Cybersecurity Defenders Podcast we speak with Robert Boles, Founder / CEO of BLOKWORX.A veteran of the U.S. Marine Corps, Rob founded BLOKWORX in 2006 to further his passion for creating fast, secure networks. Since 1999 Rob was a core technical contributor and presenter on an Advanced IP Team, delivering bleeding edge WAN and Managed Security services to Small, Mid-level and Fortune 500 businesses around the world. The experience led him back to the same conclusion, regardless of size and resources, every company struggled with the same uncertainty – multiple vendors with infinite solutions, and no real clarity how to make it all “work.” Rob focused BLOKWORX on security, reliability, and positive user experience. He has built a team that leverages their expertise with extensive research and testing, alignment with vendors, partners, and clients, and the experience of 1000’s of nodes managed and monitored, all supported by a mature delivery model built on years of operational experience. Rob is an avid outdoorsman and his favorite place to be is in a raft or a kayak with his son Jack.Learn more at blokworx.com.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A high-profile phishing incident has resulted in the compromise of several widely-used JavaScript packages on npm, after a developer known as "Qix" inadvertently clicked a malicious link from a fake support email.Multiple undersea cable cuts in the Red Sea have led to degraded internet connectivity across the Middle East and South Asia, affecting key infrastructure and cloud services.North Korean-aligned threat actors operating under the Contagious Interview campaign have been systematically abusing cyber threat intelligence (CTI) platforms to monitor exposure of their own infrastructure and scout for new assets.Researchers from Ontinue have detailed a sophisticated phishing campaign leveraging the Salty2FA phishing kit - a framework that reflects how cybercriminal tooling is increasingly mimicking enterprise-grade software in terms of design, capability, and operational maturity.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Matt Bromiley breaks down how AI is transforming (and should be transforming) SOC workflows. Whether you're already using AI tools or wondering where to start, this is the conversation you don't want to miss. Matt is a security engineer at Prophet Security, refining Prophet AI to enhance automated alert triage, investigation, and response. His work ensures that customers can cut through the noise and focus on real threats - without getting bogged down by manual analysis. Learn more at prophetsecurity.aiMatt is a cybersecurity leader and educator with over 14 years of experience leading incident response efforts and advancing detection and response capabilities across enterprise environments. His career has spanned hands-on operations, high-pressure breach response, and the strategic development of scalable cybersecurity programs.Matt also serves as an instructor with the SANS institute, delivering advanced training in incident management and host- and network-based incident response. On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at limacharlie.io/defender-fridays

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.The Salt Typhoon cyber campaign, attributed to Chinese state-backed hackers, has been declared a national defense crisis by the FBI and allied intelligence agencies.A group identifying itself as “Scattered LapSus Hunters” has posted a threat on Telegram demanding that Google terminate two of its employees.A newly discovered WhatsApp vulnerability, now tracked as CVE-2025-55177, has triggered urgent security advisories, particularly for iPhone users.More than 1,000 developers were compromised in just over four hours on August 26 during an unprecedented, AI-assisted software supply chain attack targeting the npm ecosystem.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.CISA has added CVE-2025-54948, a critical vulnerability in Trend Micro Apex One, to its Known Exploited Vulnerabilities (KEV) catalog, signaling that the flaw has been actively exploited in the wild.PyPI has introduced new security measures to detect and respond to expired domains tied to user accounts, aiming to shut down a known supply chain attack vector: domain resurrection.A recently discovered post-exploitation tool named RingReaper is gaining attention for its sophisticated evasion strategy: abusing the Linux kernel’s io_uring interface to operate undetected by standard endpoint detection and response (EDR) systems.A cyberattack on the Netherlands’ Openbaar Ministerie (OM), the Public Prosecution Service, has unexpectedly disrupted speed enforcement across the country.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.