The Cybersecurity Defenders Podcast

Latest episodes

Nov 23, 2023 • 25min

#79 - Intel Chat: SystemBC, Ddostf DDOS bot, ALPHV files with the SEC, & LummaC2 v4.0

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. A look at a versatile piece of malware that gets categorised as proxy malware, a bot, a backdoor, and even as a RAT, known as SystemBC. The AhnLab Security Emergency response Center’s analysis team has published an article outlining their recent discovery that the Ddostf DDoS bot is being installed on vulnerable MySQL servers. The notorious ALPHV ransomware group has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint against one of their alleged victims for not complying with the four-day rule to disclose a cyberattack. A new Anti-Sandbox technique that the LummaC2 v4.0 stealer is using to avoid detonation if no human mouse activity is detected, along with some other techniques being employed such as Control Flow Flattening. And you can sign up to participate in the Defender Fridays series here. Join us as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
Nov 21, 2023 • 23min

#78 - Brand and marketing for cybersecurity startups with Chris Cochran, VP & Head of Marketing at AKA Identity

On this episode of The Cybersecurity Defenders Podcast, we talk with Chris Cochran, VP & Head of Marketing at AKA Identity, about brand and marketing for cybersecurity startups. Chris Cochran is an entrepreneur who combines a wealth of experience in technology and innate creativity that has proven to be invaluable to both brands and individuals who work with him. As the Co-Founder and CEO of Hacker Valley Media, Chris has a unique perspective on how to craft compelling narratives that engage, inform, and entertain technical audiences. His experience in technology allows him to bring a rare depth of knowledge to any creative project, and his ability to communicate complex ideas equally clearly and entertainingly makes for a powerful combination for reaching everyone, from students to entrepreneurs. As a US Marine veteran and former cybersecurity professional, Chris has been an intelligence analyst, incident responder, SOC analyst, threat intelligence leader, and security operations leader. On the creative side, Chris has been an award-winning podcaster, TV series showrunner, short film director, keynote speaker, event host, and writer. He is passionate about inspiring and empowering people to live out their personal and professional legend. With his unique combination of industry knowledge and creative skills, Chris can connect with audiences in an authentic and relatable way, inspiring trust and loyalty, which are crucial elements to building a successful brand, whether personal or corporate. He has created many award-winning shows, including Hacker Valley Studio and Technically Divided, alongside his co-founder Ron Eddings; he is a highly sought-after keynote speaker in technology and helps technology brands stand out from the rest through impactful storytelling. If you have a story to tell, an experience to create, or a community to reach, Chris can help.
Nov 16, 2023 • 30min

#77 - Intel Chat: Okta again, MuddyWater, Google Calendar Rat & BiBi-Windows Wiper

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Ars Technica is reporting that identity and authentication management provider Okta has been hit by another breach. Deep Instinct’s Threat Research team has identified a new campaign from the “MuddyWater” group. Google is warning of multiple threat actors sharing a public proof-of-concept exploit that leverages its Calendar service to host command-and-control infrastructure. BlackBerry Research and Intelligence Team has found a wiper variant that targets Windows systems being deployed by hacktivists in support of Hamas.
Nov 15, 2023 • 22min

#76 - Reimagining the cyber kill chain with David Burkett

On this episode of The Cybersecurity Defenders Podcast, we talk with David Burkett, founder of Signalblur, about reimagining the cyber kill chain from a defender's perspective. David is a dedicated and highly experienced Cloud Detection Engineer and Security Architect, with a proven track record of building three different Cyber Security Operations Centers for multiple MSSP/MDR providers. His expertise is backed by a strong set of GIAC certifications, including GCTI, GCIA, GPYC, and GCED... among others. David is proud to have been part of a security team that won the prestigious James S. Cogswell Outstanding Industrial Security Achievement Award from the Defense Counterintelligence and Security Agency. David is constantly seeking opportunities to grow and learn and is eager to connect with like-minded professionals in the cybersecurity domain.
Nov 2, 2023 • 41min

#75 - A close look at Okta's latest security breach

The Cybersecurity Defender's host, Christopher Luft, along with special guest Eric Capuano, walk through the available details of the most recent Okta security breach that affected 1Password, BeyondTrust, and Cloudflare. On Friday, October 20th, Okta announced that it suffered an intrusion in its customer support system. The company confirmed that 'certain Okta customers' were affected and stated that it notified 'around 1 percent' of its 18,400 customers that they were impacted.
Oct 30, 2023 • 22min

#74 - Hacker History: When the Lights Went Out in Ukraine (Part 2)

On this episode of The Cybersecurity Defenders Podcast, we share the second part of 'When the Lights Went Out in Ukraine.' If you haven’t already, I recommend going back now and listening to “When the Lights Went Out in Ukraine, Part 1.” Beginning on January 13th, 2022, a Russian APT installed wiper malware on the IT networks of government, NGO, and IT companies across Ukraine. The malicious program was designed to appear like ransomware, but contained no recovery feature – it simply destroyed any computer it wished. Just one day later, hackers from the intelligence service of Belarus – Russia’s close ally – took down 70 websites belonging to the Ukrainian government. This was tilling – laying down the foundation for an all-out ground attack. Plastered on the 70 downed websites was a message from the attackers: “be afraid,” they wrote, “and expect the worst.” This episode was written by the talented Nathaniel Nelson, narrated by Christopher Luft, and produced by the team at LimaCharlie. And a special thank you to Robert Lipovsky for sharing his first-hand knowledge. The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.
Oct 25, 2023 • 25min

#73 - Intel Chat: macOS malware, BlackCat's Munchkin, Cisco zero-day, the Phantom Hacker, & a WinRAR vuln.

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. SentinelOne talking about emerging trends and evolving techniques for macOS malware in 2023. BlackCat operators recently announced new updates to their tooling, including a utility called Munchkin. On October 16, Cisco released an advisory regarding a critical zero-day privilege escalation vulnerability in their IOS XE Web UI software. WithSecure Labs is reporting that Vietnamese cybercrime groups are using multiple different Malware as a Service infostealers and Remote Access Trojans to target the digital marketing sector. The FBI in Phoenix is warning the public of a new scam dubbed “The Phantom Hacker.” Google’s Threat Analysis Group has recently observed multiple government-backed hacking groups exploiting the known vulnerability, CVE-2023-38831.
Oct 20, 2023 • 24min

#72 - LOLDrivers & Sigma community-based detections with Nas Bencherchali, Detection Engineer & Threat Researcher at Nextron Systems

Nas Bencherchali, Detection Engineer & Threat Researcher at Nextron Systems, talks about the LOLDrivers project collecting vulnerable and malicious drivers. They also discuss the Sigma community project for creating and sharing threat detection rules, and the future of cybersecurity and the importance of detection.
Oct 18, 2023 • 37min

#71 - Intel Chat: BlackTech, Lazarus, CL0P, Python supply chain, Android malware & libcue 0-day

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. A joint advisory that was published by the NSA, the FBI and CISA, along with the Japan National Police Agency and the Japan National Center of Incident Readiness and Strategy for Cybersecurity. ESET researchers have uncovered a Lazarus attack against an aerospace company in Spain. Unit 42 at Palo Alto are reporting that the CL0P ransomware group recently began using torrents to distribute victim data after a rather notorious campaign stealing data from thousands of companies. Checkmarx is reporting on a persistent open-source supply chain attacker targeting the Python ecosystem who has been active and evolving since April 2023. Ars Technica is reporting the discovery of thousands of Android devices infected with malware right out of the box. GitHub Security Lab, in coordination with Ilya Lipnitskiy, has disclosed a 0-day memory corruption vulnerability in libcue, noted as CVE-2023-43641. Checkmarx reporting on a targeted campaign that unfolded via PyPI, targeting developers utilizing Alibaba cloud services, AWS, and Telegram.
Oct 13, 2023 • 21min

#70 - Navigating a career in cybersecurity with Sean Higgins, Co-founder of the Herjavec Group

In this episode of The Cybersecurity Defenders Podcast, we speak with Sean Higgins, consultant, educator, and co-founder of the Herjavec Group. Sean Higgins is a coach, speaker, author, and consultant with a specialization in cybersecurity program evaluation. With over 35 years of experience in information technology, he has dedicated nearly three decades to the field of cybersecurity. From 2003 to 2022, Sean served as the CTO and Co-founder of Herjavec Group. In his Canadian Best Selling book, "Driven," Robert Herjavec described Sean as "the smartest guy I ever met," a recognition that deeply touched him. Today, organizations seek out Sean's expertise when they require guidance on resolving technical issues, evaluating technological solutions, or need assistance in shaping the direction of their company's security program. One of his notable strengths lies in helping Chief Information Security Officers (CISO) and senior management confidently evaluate and refine their security programs. Sean is astounded by the rapid evolution of technology over the years. His career commenced in 1986 when he was writing programs to count light bulbs at General Electric. A few years later, he was instrumental in establishing the first computer network for the North York Public Library in Ontario, an endeavor that predates the widespread internet we know today. During those early days of the ARPANET, Sean used it to send emails to friends still at Purdue University. He also holds the distinction of being the first expert witness in a Canadian court regarding a cybersecurity incident. Passionate about mentoring millennials in the tech industry to find balance between their professional and personal lives, Sean collaborates with various universities, including the University of York's Career Mentorship Program. Additionally, he is a member of the Case Alumni Association Scholarship Committee, where he has the honor of awarding millions of dollars in scholarships to junior and senior STEM students. Sean's coaching approach combines elements of traditional life coaching, entrepreneurial business experience, and his ability to read energy. He has received training from the Quantum Success Coaching Academy, Enwaken Coaching, and Enwaken Apprentice programs. Notably, Sean has self-published his first book on Amazon titled "Living Your Purposeful Life" and is currently working on his second book, "Balancing: How tech managers can avoid burnout, balance priorities, and come back to life," slated for release in January 2023. Residing on picturesque Vancouver Island, Sean enjoys exploring the island's beauty with his faithful Golden Retriever, Rosie. He is an avid mountain biker and has recently discovered a passion for pickleball. His love for college athletics, particularly college basketball, is evident, and he especially cherishes watching his alma mater, Purdue University, during March Madness. So, reaching him during that time might prove a challenge, as he's likely to be glued to the games.
