The Cybersecurity Defenders Podcast

LimaCharlie
Sep 10, 2024 • 35min

#153 - Unpacking the hacker mindset with Ken Westin, Senior Solutions Engineer at LimaCharlie

On this episode of The Cybersecurity Defenders Podcast, we unpack the hacker mindset with Ken Westin, Senior Solutions Engineer at LimaCharlie.

Ken is a seasoned thought leader in cybersecurity who has spent years analyzing and understanding the intricacies of cyber threats and the methods behind them. Ken has a unique ability to identify emerging trends in the industry and to figure out how businesses can protect themselves before they fall victim to attacks. Previous to his current role, Ken was the Field CISO at Panther, where he developed workshops and delivered them around the world. His career also includes significant contributions at Cybereason, Elastic, and Splunk, where he drove security growth, developed innovative tools, and shaped industry conversations on cybersecurity. Ken has been a key spokesperson in the industry, frequently quoted in the media and featured at major conferences like Black Hat and DEF CON.

Ken recently joined the team at LimaCharlie as a Senior Solutions Engineer, with the intent to use his deep expertise to help organizations build robust security strategies.

Ken's reading list:
“Daemon” - Daniel Suarez
“Cryptonomicon” - Neal Stephenson
“The Myth of Normal” - Gabor Maté
“Threats: What Every Engineer Should Learn From Star Wars” - Adam Shostack
“The Mitrokhin Archive” - Christopher Andrew & Vasili Mitrokhin
“The Road” - Cormac McCarthy

The song at the end of the podcast:
Decrypted Savant - Mercator Misconceptions
Sep 5, 2024 • 38min

#152 - Intel Chat: sedexp, Volt Typhoon, Citrine Sleet, Clearview AI & RansomHub?

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

A stealthy Linux malware named 'sedexp' has been evading detection since 2022 by using a persistence technique not yet included in the MITRE ATT&CK framework.
The Black Lotus Labs team at Lumen Technologies has uncovered a group of hackers linked to the Chinese government that has exploited a previously unknown software vulnerability to target U.S. internet service providers.
Earlier in August, a North Korean hacking group exploited a previously unknown bug in Chrome-based browsers, aiming to steal cryptocurrency, which was reported by Microsoft in a recent update.
The Dutch Data Protection Authority, or Dutch DPA, has hit Clearview AI with a €30.5 million fine (about $33.7 million) for illegally collecting data using facial recognition, including photos of Dutch citizens.
Energy giant Halliburton has confirmed that its systems were hacked, and intruders were able to steal information following a cyberattack last week.
Aug 28, 2024 • 42min

#151 - Exploring AI as it pertains to cybersecurity with George Gerchow, Head of Trust at MongoDB

On this episode of The Cybersecurity Defenders Podcast, we speak with George Gerchow, Head of Trust at MongoDB, about the current narrative surrounding AI in cybersecurity. George challenges the dominant focus on AI as a threat and instead highlights its potential as a powerful ally in defending against sophisticated cyberattacks. We explore how AI-driven defense strategies are reshaping the landscape of proactive threat detection and automated response mechanisms, offering a fresh perspective on balancing security innovation with risk management.

George is an experienced executive who has played a key role in guiding highly regulated organizations as they establish and develop agile security, privacy, and compliance programs in fast-paced environments. George’s strong focus on relationships and customer engagement shines through in every interaction, both within his teams and with external clients. He is adept at implementing risk-based security programs that align with overall business objectives, effectively balancing risk reduction with cost management. During his six years at Sumo Logic, George was integral to the team's success in taking the company public and achieving FedRAMP Authorization. Currently, he serves as the Head of Trust at MongoDB, where he continues to drive excellence in security and compliance.
Aug 23, 2024 • 38min

#150 - Intel Chat: Azure MFA, 2.9b records leaked, CVE 9.8 & ransomware record

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

Starting in October, all Microsoft Azure customers will be required to have multi-factor authentication (MFA) enabled on their accounts.
Documents from a lawsuit revealed that over 2.9 billion records are vulnerable after a massive hack of the Florida-based National Public Data network.
Microsoft recently advised of a critical TCP/IP Remote Code Execution Vulnerability dubbed CVE-2024-38063, which is a critical unauthenticated Remote Code Execution (RCE) vulnerability within the Windows TCP/IP stack.
Ransomware victims have paid $459,800,000 to cybercriminals in the first half of 2024, setting the stage for a new record this year if ransom payments continue at this level.
Aug 20, 2024 • 48min

#149 - Product security with Jacob Salassi, Co-Founder at stealth startup

On this episode of The Cybersecurity Defenders Podcast we speak with Jacob Salassi, Co-Founder at a stealth startup, about product security.

Jacob brings over 10 years of experience in software engineering and cybersecurity to the table. Until four months ago, Jacob was a Security Architect at Snowflake, where he ensured every developer was wildly successful in owning security. Since then, he’s been diving into something new and exciting, working on a stealth startup. Before Snowflake, Jacob was busy bootstrapping application security programs in healthcare and engineering secure distributed systems for a hybrid-cloud security platform. He’s passionate about creating a development security experience that not only measurably reduces risk but also earns the love of engineers. In his own words, Jacob solves problems.

Books mentioned in the podcast:
Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time
Security Engineering: A Guide to Building Dependable Distributed Systems
Measuring and Managing Information Risk: A FAIR Approach
Aug 14, 2024 • 29min

#148 - Intel Chat: Hacker Summer Camp, N. Korea, Dispossessor, Proofpoint & Sinkclose

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

A heated dispute at DEF CON over the custom electronic badges this year turned physical, leading to an altercation between two attendees.
The U.S. Department of Justice has charged Matthew Isaac Knoot, a 38-year-old Nashville resident, with multiple crimes for aiding North Korean IT workers in securing jobs with U.S. and U.K. companies.
The FBI has dismantled the infrastructure of the Dispossessor ransomware group, also known as Radar, which had rapidly gained prominence since its inception in August 2023.
A critical flaw in Proofpoint’s email filtering service was recently discovered, allowing cybercriminals to impersonate major brands and send phishing emails that bypassed Proofpoint’s security.
A newly discovered security flaw affects AMD processors dating back to 2006. The vulnerability, which impacts CPUs from the Athlon 64 to the Ryzen 7000 series, allows attackers to exploit speculative execution to access sensitive data.
Aug 7, 2024 • 28min

#147 - Cybersecurity product development with Vijay Pitchuman, Director of Product for Identity Management at Okta

On this episode of The Cybersecurity Defenders Podcast we talk about cybersecurity product development with Vijay Pitchuman, Director of Product for Identity Management at Okta.
Jul 31, 2024 • 32min

#146 - Intel Chat: GhostEmperor, .top, PlugX & Microsoft

In this engaging discussion, the guests include the notorious GhostEmperor, a Chinese hacker group known for their advanced malware and evasion tactics, and experts from Jiangsu Bangning Science & Technology Co., the .top domain managers facing scrutiny over phishing issues. Topics cover the group's alarming resurgence, the implications of their sophisticated espionage techniques, and critical challenges in email security due to .top domains. The conversation also highlights Microsoft’s adjustments following security incidents and underscores the urgent need for enhanced cybersecurity measures.
Jul 30, 2024 • 43min

#145 - Exploring threat intelligence with Jamie Williams, Threat Intelligence Researcher at Unit 42

Jamie Williams, a seasoned cybersecurity expert and former Senior Principal Cyber Operations Engineer at MITRE Corporation, dives deep into the world of threat intelligence. He discusses the evolving nature of cybersecurity challenges, stressing the importance of a behavioral mindset for threat detection. Jamie advocates for collaboration between offensive and defensive teams to enhance strategies. He also highlights the innovative use of memes in threat intelligence education, making complex concepts more accessible and engaging for all.
Jul 26, 2024 • 33min

#144 - How to think about IR with Lee Sult, Chief Investigator at Binalyze

On this episode of The Cybersecurity Defenders Podcast we sit down with Lee Sult, Chief Investigator at Binalyze, and talk about incident response (IR).

Lee is a seasoned cybersecurity expert and investigator with extensive experience in digital forensics and incident response. He is the Chief Investigator at Binalyze and has a strong track record at prestigious organizations like Trustwave-SpiderLabs and Palantir. Lee has supported the US Secret Service and managed complex cybersecurity incidents for Fortune 50 companies.

As the co-founder and former CTO of Horangi Cyber Security, Singapore's first cybersecurity startup, Lee's leadership and collaboration skills have significantly impacted the region's cybersecurity landscape. Passionate about mentoring, Lee actively contributes to cybersecurity communities and supports up-and-coming entrepreneurs.
