

The Cybersecurity Defenders Podcast
LimaCharlie
An accessible but technical podcast about cybersecurity and the people who keep the internet safe. The podcast is built as a series of segments: we will be looking back at the last couple of weeks in cybersecurity news, talking to different people in the industry about areas of their expertise, we're going to break apart some of the TTPs being used by adversaries, and we will even cover a little bit of hacker history.
Episodes

Dec 14, 2023 • 33min
#85 - Going deep on Active Directory with James Potter, founder of DSE
On this episode of The Cybersecurity Defenders Podcast, we have a detailed conversation with James Potter, founder of DSE, about Active Directory. James boasts over two decades of expertise in Active Directory security, serving as a trusted consultant for major companies. His focus is on fortifying security measures and devising strategies to strengthen critical systems. He's collaborated with diverse teams, identifying vulnerabilities and implementing robust security measures while balancing cost, usability, and security for each client's specific needs. Beyond consultancy, James proudly leads a team at DSE, providing cutting-edge security solutions to global corporations. Actively engaging in the security community, he shares insights through conferences, publications, and forums, emphasizing continuous learning and innovation to counter evolving threats. His passion lies in aiding organizations to navigate the dynamic threat landscape, ensuring resilient security frameworks and efficient business objectives. Whether crafting secure Active Directory environments, conducting assessments, or delivering tailored training, James's dedication ensures exceptional results surpassing client expectations. James can be found on LinkedIn here: James Potter

Dec 13, 2023 • 28min
#84 - Intel Chat: Push notification surveillance, a RAT, a critical Bluetooth flaw & 5Ghoul
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Unidentified governments are surveilling smartphone users via their apps' push notifications, as reported by a US senator on December 6th. Cyber.wtf reporting on an interesting piece of malware that turned out to be a RAT written in C#. Israel’s critical infrastructure is under threat from an Iranian proxy hacking group operating out of Lebanon. Hacker News is reporting on a critical Bluetooth security flaw that could be exploited by threat actors to take control of Android, Linux, MacOS and iOS devices. A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS. The Cybersecurity Cares Holiday Telethon is taking place on December 15th. More information can be found at cybersecurity-cares.com

Dec 8, 2023 • 31min
#83 - Intel Chat: Atomic Stealer, Okta breach grows, CrushFTP & Danabot opens the door for Cactus ransomware
Atomic Stealer, popular information stealer for MacOS, discussed along with the importance of educating Mac users about the threat. Okta's disclosure of threat actor activity related to the breach of its support case management system questioned. Targeting of managed file transfer applications by threat actors highlighted, emphasizing the importance of careful integration and securing access. Evolution of threat actors explored, discussing the use of Danabot to deploy Cactus ransomware and the importance of threat intelligence in tracking evolving threats.

Dec 7, 2023 • 41min
#82 - Decrypting Darknet Diaries: A Conversation with Jack Rhysider
On this episode of The Cybersecurity Defenders Podcast, we speak with Jack Rhysider, the creator of Darknet Diaries. Darknet Diaries is a captivating podcast that delves into the intriguing and often clandestine world of cybersecurity and hacking. Hosted by Jack Rhysider, each episode features gripping narratives that explore real-life cybercrime incidents, hacking escapades, security breaches, and the individuals involved. Rhysider skillfully combines storytelling with in-depth interviews, providing a unique and engaging perspective on the complex landscape of cybersecurity. The podcast not only highlights the darker aspects of the internet but also sheds light on the efforts of cybersecurity professionals, their challenges, and the measures taken to defend against cyber threats. With its compelling storytelling and insightful discussions, Darknet Diaries offers a fascinating glimpse into the ever-evolving world of digital security. Learn more about the show, purchase swag, and listen to episodes at https://darknetdiaries.com/ You can find Jack Rhysider on Twitter/X here: @JackRhysider

Nov 30, 2023 • 39min
#81 - Intel Chat: DarkCasino, Agent Tesla, DarkGate, Diamond Sleet & Chimera
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. NSFOCUS Research Labs reports on how the DarkCasino APT group has leveraged a recently disclosed WinRAR zero-day vulnerability. G DATA CyberDefense is reporting on a threat actor using the ZPAQ archive and .wav file extension to infect systems with Agent Tesla. A technical analysis of DarkGate Malware-as-a-Service which is widely available on various cybercrime forums by the RastaFarEye persona. The Microsoft Threat Intelligence team has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet involving a malicious variant of an application developed by CyberLink Corp. The Chinese hacker group “Chimera” broke into NXP - a Dutch chip maker - at the end of 2017 and had access to the manufacturer’s systems until the spring of 2020. To learn more about the community initiative to help end domestic violence please visit cybersecurity-cares.com

Nov 29, 2023 • 40min
#80 - A look into the cybercriminal underworld with Jon DiMaggio, Chief Security Strategist at Analyst1
On this episode of The Cybersecurity Defenders Podcast we take a look into the cybercriminal underworld with Jon DiMaggio, Chief Security Strategist at Analyst1. Jon DiMaggio is the chief security strategist at Analyst1 and has over 15 years of experience hunting, researching, and writing about advanced cyber threats. As a specialist in enterprise ransomware attacks and nation-state intrusions, such as “Ransom Mafia: Analysis of the World’s first Ransomware Cartel”, “Nation State Ransomware” and a “History of REvil”. He has exposed the criminal cartels behind major ransomware attacks, aided law enforcement agencies in federal indictments of nation-state attacks, and discussed his work with The New York Times, Bloomberg, Fox, CNN, Reuters, and Wired. You can find Jon speaking about his research at conferences such as RSA. Additionally, in 2022, Jon authored the book “The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime” published by No Starch Press. You can buy “The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime” here. The Ransomware Diaries: Volume 1 & Volume 2. Jon DiMaggio on LinkedIn. Jon DiMaggio on Twitter.

Nov 23, 2023 • 25min
#79 - Intel Chat: SystemBC, Ddostf DDOS bot, ALPHV files with the SEC, & LummaC2 v4.0
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. A look at a versatile piece of malware that gets categorised as proxy malware, a bot, a backdoor, and even as a RAT, known as SystemBC. The AhnLab Security Emergency response Center’s analysis team has published an article outlining their recent discovery that the Ddostf DDoS bot is being installed on vulnerable MySQL servers. The notorious ALPHV ransomware group has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint against one of their alleged victims for not complying with the four-day rule to disclose a cyberattack. A new Anti-Sandbox technique LummaC2 v4.0 stealer is using to avoid detonation if no human mouse activity is detected, along with some other techniques being employed such as Control Flow Flattening. And you can sign up to participate in the Defender Fridays series here. Join us as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Nov 21, 2023 • 23min
#78 - Brand and marketing for cybersecurity startups with Chris Cochran, VP & Head of Marketing at AKA Identity
On this episode of The Cybersecurity Defenders Podcast, we talk with Chris Cochran, VP & Head of Marketing at AKA Identity, about brand and marketing for cybersecurity startups. Chris Cochran is an entrepreneur who combines a wealth of experience in technology and innate creativity that has proven to be invaluable to both brands and individuals who work with him. As the Co-Founder and CEO of Hacker Valley Media, Chris has a unique perspective on how to craft compelling narratives that engage, inform, and entertain technical audiences. His experience in technology allows him to bring a rare depth of knowledge to any creative project, and his ability to communicate complex ideas equally clearly and entertainingly makes for a powerful combination for reaching everyone, from students to entrepreneurs. As a US Marine veteran and former cybersecurity professional, Chris has been an intelligence analyst, incident responder, SOC analyst, threat intelligence leader, and security operations leader. On the creative side, Chris has been an award-winning podcaster, TV series showrunner, short film director, keynote speaker, event host, and writer. He is passionate about inspiring and empowering people to live out their personal and professional legend. With his unique combination of industry knowledge and creative skills, Chris can connect with audiences in an authentic and relatable way, inspiring trust and loyalty, which are crucial elements to building a successful brand, whether personal or corporate. He has created many award-winning shows, including Hacker Valley Studio and Technically Divided, alongside his co-founder Ron Eddings; he is a highly sought-after keynote speaker in technology and helps technology brands stand out from the rest through impactful storytelling. If you have a story to tell, an experience to create, or a community to reach, Chris can help.

Nov 16, 2023 • 30min
#77 - Intel Chat: Okta again, MuddyWater, Google Calendar Rat & BiBi-Windows Wiper
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Ars Technica is reporting that identity and authentication management provider Okta has been hit by another breach. Deep Instinct’s Threat Research team has identified a new campaign from the “MuddyWater” group. Google is warning of multiple threat actors sharing a public proof-of-concept exploit that leverages its Calendar service to host command-and-control infrastructure. BlackBerry Research and Intelligence Team has found a wiper variant that targets Windows systems being deployed by hacktivists in support of Hamas.

Nov 15, 2023 • 22min
#76 - Reimagining the cyber kill chain with David Burkett
On this episode of The Cybersecurity Defenders Podcast, we talk with David Burkett, founder of Signalblur, about reimagining the cyber kill chain from a defender's perspective. David is a dedicated and highly experienced Cloud Detection Engineer and Security Architect, with a proven track record of building three different Cyber Security Operations Centers for multiple MSSP/MDR providers.
His expertise is backed by a strong set of GIAC certifications, including GCTI, GCIA, GPYC, and GCED... among others. David is proud to have been part of a security team that won the prestigious James S. Cogswell Outstanding Industrial Security Achievement Award from the Defense Counterintelligence and Security Agency.
David is constantly seeking opportunities to grow and learn and is eager to connect with like-minded professionals in the cybersecurity domain.


