The Cybersecurity Defenders Podcast

LimaCharlie
Jan 19, 2024 • 37min

#94 - Intel Chat: Bandook, NoaBot, mandating 2FA & POST SMTP

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. A new Bandook variant has been distributed via a PDF since this past October. Akamai researchers have uncovered a new crypto-mining campaign that has been active since the start of 2023. The Centres for Medicare and Medicaid Services will reportedly set out the proposed requirements that include two-factor authentication and maintaining a vulnerability-fixing program. Two vulnerabilities were uncovered that impact the POST SMTP Mailer WordPress plugin, an email delivery tool used by 300,000 websites.
Jan 16, 2024 • 30min

#93 - Poisoning GitHub's runner images with Adnan Khan, Lead Security Engineer at Praetorian

On this episode of The Cybersecurity Defenders Podcast we speak with Adnan Khan, Lead Security Engineer at Praetorian, about a supply chain attack that was successful in poisoning GitHub's runner images. Adnan is an Offensive Security Engineer and Security Researcher with a strong development background and passion for CI/CD and supply chain security. Adnan's research can be found here. The GitHub Attack Toolkit can be found here. And Adnan can be found on LinkedIn here.
Jan 12, 2024 • 41min

#92 - Early cybersecurity career advice with Gerald Auger, Chief Content Creator at Simply Cyber

On today's episode of The Cybersecurity Defenders Podcast, we chat with Gerald Auger, Chief Content Creator at Simply Cyber. Dr. Gerald Auger is deeply passionate about information security, holding a steadfast belief that there exists a bespoke information security program for every organization. This tailored approach, he contends, not only mitigates cybersecurity risks but also amplifies overall value, aligning harmoniously with the business mission. Through Coastal Information Security Group, Dr. Auger extends his consulting and advisory cybersecurity services to both large and small organizations. With a focus on guiding the implementation of robust information security programs, he strives to meet the unique needs of each client.

Gerald Auger's 'Build an Elastic SIEM lab' video
Eric Capuano's 'So you want to be a SOC Analyst?' Part 1 & Part 2

You can find Gerald on the various social media platforms as linked below: YouTube, Twitter, LinkedIn.
Jan 10, 2024 • 33min

#91 - Intel Chat: ALPHV, DanaBot?, Operation Triangulation, npm everything, & Sandworm?

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. An international group of law enforcement agencies has seized the dark web leak site of the notorious ransomware gang known as ALPHV, or BlackCat. IBM Security Trusteer uncovered a new malware campaign using JavaScript web injections with a possible connection to DanaBot. Kaspersky published some new research in which they have identified a vulnerability in Apple System on a chip - or SOC - that has played a critical role in the attacks they saw in Operation Triangulation. NPM package "everything" downloads millions of packages and prevents all authors on npmjs.com from removing their packages. Russian hackers were inside the Ukrainian telecom giant Kyivstar's system from at least May last year and recently caused a destructive outage. And the Hacker History episodes, When the Lights Went Out in Ukraine Part 1 & Part 2.
Jan 5, 2024 • 31min

#90 - The similarities between punk rock and cybersecurity with James McMurry, Founder & CEO of ThreatHunter.ai

On this episode of The Cybersecurity Defenders Podcast, we have a conversation with James McMurry, Founder and CEO of ThreatHunter.ai. James is a cybersecurity veteran (and a veteran) with a career that spans over 30 years. He's the problem-solver who sees complexity as a puzzle to unravel. His approach goes beyond buzzwords; James transforms innovation into reality by blending AI, machine learning, and a team of human threat hunters into an effective cybersecurity strategy. Beyond the office, James is a discerning whisk(e)y enthusiast, showcasing a refined taste that matches his coding finesse. He is also a philanthropist and the Founder of VETCON. James can be found on Twitter here. And on Instagram here.
Jan 3, 2024 • 32min

#89 - Hard-won entrepreneurial lessons with JP Bourget, Founder and President of Blue Cycle

On this episode of The Cybersecurity Defenders Podcast, we have a conversation with JP Bourget, Founder and President of Blue Cycle, who shares some hard-won lessons from his entrepreneurial journey. JP Bourget specializes in empowering Blue Teams and Security Operations Centers (SOCs) by implementing cutting-edge methodologies to enhance Cyber Maturity. His expertise spans automation, data engineering, API integration, and advocating security-as-code principles. Additionally, he holds the role of Entrepreneur in Residence (EIR) at Lytical Ventures. Previously, JP was the Founder and Chief Security Officer (CSO) of Syncurity, a company acquired by Swimlane and an early pioneer in the Security Orchestration, Automation, and Response (SOAR) landscape. Syncurity's flagship product, IR-Flow, revolutionized alert triage, allowing organizations to optimize their security efforts efficiently. Before co-founding Syncurity, JP honed his skills as the Network Security Manager at Arnold Magnetic Technologies, a prominent global manufacturing enterprise valued at $250 million. JP can be found on LinkedIn here.
Jan 2, 2024 • 1min

Podcast trailer for 2024

Welcome to the Cybersecurity Defenders Podcast. My name is Christopher Luft, one of the founders of LimaCharlie, and I am your host. This podcast is set up as a series of segments in and around cybersecurity, with a focus on the defensive side. Tune in for weekly intelligence reports and discussions, as well as deep-dives into major incidents like the MGM ransomware attack or the recent Okta breach with expert guests who can break down the events. I also get the privilege of interviewing many information security experts to share their unique stories. Hear from security analysts, detection engineers, CISOs, and other high-profile public figures. And my personal favourite is a special segment called Hacker History, where we narrate the true stories of infamous cybersecurity incidents with the help of those who were directly involved. The show is a constant work in progress and we would love for you to join us. We are always happy to hear from our listeners and encourage you to engage with us so that we can make this show the best it can be. So subscribe and follow along as we learn and grow together in this ever-evolving realm of cybersecurity.
Dec 31, 2023 • 1h 6min

#88 - Predictions for the future of cybersecurity from 2023

A special episode of The Cybersecurity Defenders Podcast, where we look back at our conversations throughout 2023, and bring together all of the predictions for the future of cybersecurity. It is a fun episode, and we hope you enjoy listening to it. And a Happy New Year to all our listeners! Wishing you security and success in 2024.
Dec 28, 2023 • 22min

#87 - Hacker History: The Colonial Pipeline

In this episode of The Cybersecurity Defenders Podcast, we recount some hacker history, and with the help of Casey Ellis, Founder and CSO at Bugcrowd, tell the story of the largest critical infrastructure ransomware attack in history: The Colonial Pipeline. On May 7, 2021, Colonial Pipeline, an American oil pipeline system that originates in Houston, Texas, and carries gasoline and jet fuel mainly to the Southeastern United States, suffered a ransomware cyberattack that impacted computerized equipment managing the pipeline. The Colonial Pipeline Company halted all pipeline operations to contain the attack. Overseen by the FBI, the company paid the amount that was asked by the hacker group (75 bitcoin or $4.4 million USD) within several hours; upon receipt of the ransom, an IT tool was provided to the Colonial Pipeline Company by DarkSide to restore the system. However, the tool required a very long processing time to restore the system to a working state. This episode was written by the talented Nathaniel Nelson. Casey Ellis can be found on LinkedIn here.
Dec 20, 2023 • 30min

#86 - Intel Chat: pfSense vulnerability, Gootloader, OilRig & the KV-botnet

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Sonar Source are reporting on a few vulnerabilities they have found in pfSense. eSentire's Threat Response Unit launched a multi-pronged offensive against the Gootloader Initial Access-as-a-Service Operation. ESET researchers documented a series of new OilRig downloaders, all relying on legitimate cloud service providers for command and control communications. The Black Lotus Labs team at Lumen Technologies is tracking a small or home office router botnet that forms a covert data transfer network for advanced threat actors. You can make a donation in support of ending domestic violence through Cybersecurity Cares.
