
The Cybersecurity Defenders Podcast

Latest episodes

Oct 13, 2023 • 21min

#70 - Navigating a career in cybersecurity with Sean Higgins, Co-founder of the Herjavec Group

In this episode of The Cybersecurity Defenders Podcast, we speak with Sean Higgins, consultant, educator, and co-founder of the Herjavec Group.

Sean Higgins is a coach, speaker, author, and consultant with a specialization in cybersecurity program evaluation. With over 35 years of experience in information technology, he has dedicated nearly three decades to the field of cybersecurity. From 2003 to 2022, Sean served as the CTO and Co-founder of Herjavec Group. In his Canadian Best Selling book, "Driven," Robert Herjavec described Sean as "the smartest guy I ever met," a recognition that deeply touched him.

Today, organizations seek out Sean's expertise when they require guidance on resolving technical issues, evaluating technological solutions, or need assistance in shaping the direction of their company's security program. One of his notable strengths lies in helping Chief Information Security Officers (CISOs) and senior management confidently evaluate and refine their security programs.

Sean is astounded by the rapid evolution of technology over the years. His career commenced in 1986 when he was writing programs to count light bulbs at General Electric. A few years later, he was instrumental in establishing the first computer network for the North York Public Library in Ontario, an endeavor that predates the widespread internet we know today. During those early days of the ARPANET, Sean used it to send emails to friends still at Purdue University. He also holds the distinction of being the first expert witness in a Canadian court regarding a cybersecurity incident.

Passionate about mentoring millennials in the tech industry to find balance between their professional and personal lives, Sean collaborates with various universities, including the University of York's Career Mentorship Program. Additionally, he is a member of the Case Alumni Association Scholarship Committee, where he has the honor of awarding millions of dollars in scholarships to junior and senior STEM students.

Sean's coaching approach combines elements of traditional life coaching, entrepreneurial business experience, and his ability to read energy. He has received training from the Quantum Success Coaching Academy, Enwaken Coaching, and Enwaken Apprentice programs.

Notably, Sean has self-published his first book on Amazon titled "Living Your Purposeful Life" and is currently working on his second book, "Balancing: How tech managers can avoid burnout, balance priorities, and come back to life," slated for release in January 2023.

Residing on picturesque Vancouver Island, Sean enjoys exploring the island's beauty with his faithful Golden Retriever, Rosie. He is an avid mountain biker and has recently discovered a passion for pickleball. His love for college athletics, particularly college basketball, is evident, and he especially cherishes watching his alma mater, Purdue University, during March Madness. So, reaching him during that time might prove a challenge, as he's likely to be glued to the games.
Oct 10, 2023 • 29min

#69 - The SecOps Cloud Platform for Managed Security Service Providers

This episode of The Cybersecurity Defenders Podcast is a hosted panel discussion with industry leaders to explore what advantages the SecOps Cloud Platform confers for Managed Security Service Providers.

The panel is moderated by LimaCharlie Co-founder, Christopher Luft. The panel participants are: Co-founder at Soteria, Paul Ihme; Co-founder/CTO at Horangi Security, Lee Sult.

What is the SecOps Cloud Platform?

The SecOps Cloud Platform is a construct for delivering the core components needed to secure and monitor any given organization: things like deploying endpoint capabilities through a single agent regardless of the technology, alerting and correlating from logs regardless of the source, and automating analysis and response regardless of the environment.

The SecOps Cloud Platform is:

An environment where many solutions can exist, not as a collection of random tools, but as a series of cybersecurity solutions designed to interoperate in an un-opinionated way, from the ground up; where powerful systems can be put in place at incredible speeds.

An environment fundamentally open through APIs, documentation, integrability, affordability; making it a neutral space for all cybersecurity professionals, whether they’re in enterprise, services or vendors, to build appropriate solutions.
Sep 28, 2023 • 47min

#68 - Intel Chat: Bumblebee, LockBit Gang, LUC-3, HTTPSnoop, DeadGlyph & Stately Taurus + Alloy Taurus + Gelsemium

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

Intel471 are reporting on a campaign utilizing Bumblebee, a type of loader that has increasingly been used by threat actors affiliated with ransomware.

ESentire are reporting on several attacks conducted by the Russia-linked LockBit Gang.

Permiso are reporting on LUC-3, who overlaps with Scattered Spider.

Cisco Talos has discovered a new malware family they have dubbed HTTPSnoop being deployed against telecommunication providers in the Middle East.

WeLiveSecurity have stumbled upon a previously unknown backdoor being deployed in the Middle East that they have named DeadGlyph.

Unit42 have started investigating a series of espionage attacks targeting a government in Southeast Asia.

LimaCharlie's Office Hours, where we break down some TTPs in-depth, take place every Friday at 9.00 AM PT / 12.00 PM ET. You can find more information here: limacharlie.io/office-hours

The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.
Sep 22, 2023 • 43min

#67 - A close look at the MGM cyberattack

On this special episode of The Cybersecurity Defenders Podcast, we take a close look at the MGM cyberattack that took place in September 2023.

On September 11, numerous MGM Resorts International properties in Las Vegas and throughout the United States were attacked by ransomware, which shut down many aspects of its IT. Checking in and out, reservations, digital room keys, tickets, credit card systems, some slot machines, and even elevators at several MGM casino hotels became inoperative, forcing their staffs to use manual methods to serve their clientele, i.e. analog pen and paper. MGM filed a Form 8-K report with the SEC the next day. The relatively recent criminal hacking group Scattered Spider is believed to have used social engineering to bypass multi-factor authentication.

The published statement by Scattered Spider can be found here. A list of APT groups/names can be found here.
Sep 20, 2023 • 25min

#66 - Go-to-market strategies in cybersecurity with Chad Loeven, VP Business Development at OPSWAT

On this episode of The Cybersecurity Defenders Podcast, we speak with Chad Loeven, VP Business Development at OPSWAT.

Chad Loeven is an experienced cybersecurity professional who leads OPSWAT's OEM technology licensing business and technology partners. OPSWAT technology helps secure over 150M endpoints by working with many of the world's largest technology vendors. They provide threat intelligence, malware analysis, vulnerability assessment, patch management, device compliance, and more.
Sep 14, 2023 • 37min

#65 - Intel Chat: DB#JAMMER, Chae$ malware, W3LL, APT34 deploy SideTwist Trojan and government-backed actors in North Korea target security researchers.

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

Securonix Threat Labs are reporting that threat actors working as part of the DB#JAMMER attack campaigns are compromising exposed MSSQL databases using brute force attacks.

AhnLab’s Security Emergency Response Center are reporting on threat actors using phishing emails to distribute some fileless malware.

The researchers over at Group-IB have uncovered a covert business email compromise phishing campaign targeting Microsoft 365.

NSFOCUS Security Labs captured a new APT34 phishing attack against enterprise targets that released a variant of the SideTwist Trojan to achieve long-term control of the victim host.

Threat Analysis Group publicly disclosed a campaign from government-backed actors in North Korea who used 0-day exploits to target security researchers working on vulnerability research and development.
Sep 13, 2023 • 40min

#64 - A chat about enterprise security with Matthew Fulmer, Director of Cyber Threat Intelligence at BLOKWORX

On this episode of The Cybersecurity Defenders Podcast, we speak with Matthew Fulmer, Director of Cyber Threat Intelligence at BLOKWORX.

With over 9 years of experience in the cyber security field, Matthew is a passionate and driven leader who strives to protect organizations from evolving and emerging threats. He has a strong background in threat intelligence, malware analysis, offensive security, and customer success, and he holds a Six Sigma Green Belt certification. As the Director of Cyber Threat Intelligence at BLOKWORX, Matthew integrates with internal teams to provide them with the latest knowledge and insights on the threat landscape and the best practices to prevent and deflect attacks.

In his previous role as the Manager of Cyber Intelligence Engineering at Deep Instinct, Matthew managed a growing team of cyber intelligence engineers who operated within the customer success organization. He was responsible for creating a new service offering, developing the professional skills of his team, analyzing threat vectors in various environments, communicating proactively with customers, creating technical articles and content, and assisting with security education. He also contributed to the malware analysis, the pre-load product, and the administrator certification course. Some of the skills that Matthew applied and enhanced in this role include network administration, information security, and technical support.
Sep 8, 2023 • 27min

#63 - The SecOps Cloud Platform for ecosystem builders

A hosted panel discussion with industry leaders to explore what advantages the SecOps Cloud Platform confers for ecosystem builders.

The panel is moderated by LimaCharlie's Head of Product, Matt Bromiley. The panel participants are: Senior Security Researcher at Thinkst, Casey Smith; Security Evangelist at RunZero, Huxley Barbee; Head of Tines Labs, John Tuckner.

What is the SecOps Cloud Platform?

The SecOps Cloud Platform is a construct for delivering the core components needed to secure and monitor any given organization: things like deploying endpoint capabilities through a single agent regardless of the technology, alerting and correlating from logs regardless of the source, and automating analysis and response regardless of the environment.

The SecOps Cloud Platform is:

An environment where many solutions can exist, not as a collection of random tools, but as a series of cybersecurity solutions designed to interoperate in an un-opinionated way, from the ground up; where powerful systems can be put in place at incredible speeds.

An environment fundamentally open through APIs, documentation, integrability, affordability; making it a neutral space for all cybersecurity professionals, whether they’re in enterprise, services or vendors, to build appropriate solutions.
Sep 7, 2023 • 41min

#62 - Cybersecurity industry trends with Ross Haleliuk, Co-Lead of the Venture in Security Angel Syndicate

On this episode of The Cybersecurity Defenders Podcast, we chat with Ross Haleliuk, Co-Lead of the Venture in Security Angel Syndicate, and Head of Product at LimaCharlie.

Ross is head of product at LimaCharlie, a startup that enables organisations to detect & respond to threats, automate processes, and future-proof their security operations. His areas of expertise include go-to-market and product strategy, B2B product-led growth, strategic positioning, product-market fit expansion, and growth. Outside of work, Ross is a startup advisor, angel investor, frequent contributor to TechCrunch, Forbes, and VentureBeat, and author of VentureinSecurity.net
Sep 1, 2023 • 21min

#61 - Intel Chat: QuiteRAT, CollectionRAT, Maldoc in PDF, DarkGate & the FBI takes down Qakbot

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

Cisco Talos is reporting on both QuiteRAT and CollectionRAT from the Lazarus Group.

JPCERT/CC has confirmed a new technique used in an attack that bypasses detection by embedding a malicious Word file into a PDF file.

Telekom Security was recently made aware via trust groups about a new malware campaign involving DarkGate.

The FBI and the Justice Department announced a multinational operation to disrupt and dismantle the malware and botnet known as Qakbot.
