The Cybersecurity Defenders Podcast

LimaCharlie
Oct 20, 2025 • 40min

#258 - Intel Chat: Oracle EBS, Storm-2603, North Korean IT infiltration & LLM poisoning study

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. CrowdStrike is tracking a mass exploitation campaign leveraging a previously unknown vulnerability in Oracle E-Business Suite, or EBS. A threat group, tracked as Storm-2603, has been observed using the open source Velociraptor DFIR tool as part of its post-exploitation toolkit in recent ransomware attacks. North Korean IT workers, operating under state direction, continue to infiltrate international tech companies using false identities and anonymizing infrastructure to secure jobs and route payments in cryptocurrency. Researchers from Anthropic, the UK AI Security Institute, and the Alan Turing Institute have released the largest study to date on poisoning attacks during pre-training on large language models, or LLMs. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Oct 20, 2025 • 32min

#257 - Defender Fridays: Using Honeyfiles to Detect Adversaries with Zane Gittins from Meissner Filtration Products

Zane demonstrates deploying honeyfiles via Velociraptor and discusses deception techniques for early detection of compromise. Learn how decoy files can serve as tripwires for infostealers and adversaries in your environment. Watch on YouTube for better visuals. Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.
Oct 13, 2025 • 46min

#256 - Intel Chat: RediShell, Cisco zero-day vulnerability, AI voice cloning tech, Brickstorm & pro-Russia teen hackers arrested

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. A newly disclosed vulnerability in Redis, dubbed RediShell and tracked as CVE-2025-49844, affects all Redis versions and carries a maximum CVSS score of 10.0. Cisco has disclosed a critical zero-day vulnerability (CVE-2025-20352) affecting its widely deployed IOS and IOS XE software, confirming active exploitation in the wild. Researchers at NCC Group have found that voice cloning technology has reached a level where just five minutes of recorded audio is enough to generate convincing voice clones in real time. A China-linked cyber-espionage group, tracked as UNC5221, has been systematically targeting network infrastructure appliances that lack standard endpoint detection and response (EDR) support. Dutch authorities have arrested two 17-year-old boys suspected of being recruited by pro-Russian hackers to carry out surveillance activities.
Oct 10, 2025 • 33min

#255 - Defender Fridays: Identity Automation in the Age of Agentic AI with Matthew Chiodi from Cerby

Matthew Chiodi, Chief Strategy Officer at Cerby and a seasoned cybersecurity expert, dives into the implications of autonomous AI on identity security. He distinguishes between generative and agentic AI, sharing insights into the challenges of managing disconnected applications and manual workflows. Matthew explains how Cerby's innovative tools automate password management and enhance security for non-federated apps, while also emphasizing the necessity for human oversight in agentic systems. He also sheds light on the hurdles organizations face regarding SCIM adoption and managing enterprise social accounts.
Oct 8, 2025 • 38min

#254 - Roadmap to Community Cyber Defense with Sarah Powazek, Program Director of Public Interest Cybersecurity, UC Berkeley CLTC

On this episode of The Cybersecurity Defenders Podcast we speak with Sarah Powazek about the Roadmap to Community Cyber Defense. Diving into the report, Sarah emphasizes the need for low-resource organizations and cyber experts to come together in a co-responsibility model for cyber defense. Learn more about the UC Berkeley Center for Long-Term Cybersecurity (CLTC). Get help or join the Cyber Resilience Corps here. Read the roadmap. Sarah leads flagship research on defending low-resource organizations like nonprofits, municipalities, and schools from cyber attacks. She serves as Co-Chair of the Cyber Resilience Corps and is also Senior Advisor for the Consortium of Cybersecurity Clinics, advocating for the expansion of clinical cyber education around the world. Sarah hosts the Cyber Civil Defense Summit, an annual mission-based gathering of cyber defenders to protect the nation’s most vulnerable public infrastructure. Sarah previously worked at CrowdStrike Strategic Advisory Services, and as the Program Manager of the Ransomware Task Force.
Oct 3, 2025 • 31min

#253 - Defender Fridays: Building the Strelka File Scanning System with Josh Liburdi from DoorDash

Josh Liburdi, Principal Engineer of Security Operations at DoorDash, joins Maxime Lamothe-Brassard, LimaCharlie CEO / Founder, to talk about building the Strelka file scanning system. As a security engineer who works in security operations (prevention, detection, and response), Josh has more than a decade of industry experience and has worked at several diverse organizations, including Brex, Target, and CrowdStrike. He also presents at information security conferences (BSides NYC & SF, SANS, fwd:cloudsec), is a published author (Bluenomicon from Splunk, Huntpedia from Sqrrl), and is active in the open source security community with contributions to many projects, including Substation at Brex (creator), Strelka at Target (creator), and the Zeek network analysis framework. Join Defender Fridays, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals. Become part of the LimaCharlie Community. Learn more about LimaCharlie at limacharlie.io.
Sep 29, 2025 • 34min

#252 - Intel Chat: Secret Service SWAT Infrastructure, Nimbus Manticore, malicious ads targeting macOS, SpamGPT & GitHub NPM changes

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. A recent investigation by the U.S. Secret Service claims to have uncovered a massive swatting infrastructure centered around New York City. Check Point researchers are tracking an Iran-linked cyber-espionage group known as Nimbus Manticore, which appears to be expanding its operations into Western Europe. A new wave of malicious advertising is targeting macOS users by impersonating widely used software and services through search engine ads. A new tool called SpamGPT is drawing attention in the cybersecurity community for effectively lowering the barrier to entry for large-scale spam and phishing campaigns. In light of increasing attacks on open source ecosystems, GitHub has disclosed recent security incidents affecting the npm registry, including the Shai-Hulud worm.
Sep 26, 2025 • 33min

#251 - Defender Fridays: Hunting Chinese State Actors with David Burkett from Corelight

David Burkett, a skilled Cloud Detection Engineer and Security Architect at Corelight, shares his extensive knowledge on hunting state-sponsored cyber threats, particularly focusing on recent CISA advisories regarding Chinese state actors. He discusses innovative techniques like using Zeek for detecting edge device exploitation, SSH fingerprinting, and tracking unusual traffic patterns. David also highlights the importance of correlating network telemetry with endpoint data to boost detection effectiveness and emphasizes the need for continuous learning and collaboration in the cybersecurity community.
Sep 22, 2025 • 37min

#250 - Intel Chat: PromptLock, "Shai-Hulud", EdisonWatch & FileFix campaign

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. ESET Research has uncovered what it believes to be the first documented case of AI-powered ransomware, dubbed PromptLock. Multiple CrowdStrike-branded npm packages were recently discovered to be compromised, marking a new wave in the ongoing “Shai-Hulud” supply chain attack campaign. Researchers at AI security firm EdisonWatch have uncovered a new vulnerability in the ChatGPT calendar integration, revealing how it can be exploited to execute attacker-controlled commands. The most mature and globally distributed FileFix campaign observed to date is now active in the wild, according to researchers at Acronis.
Sep 19, 2025 • 32min

#249 - Defender Fridays: Security State of Affairs with Cliff Janzen, CISO and VP of Security Services at Arctiq

LimaCharlie CEO Max Lamothe-Brassard welcomes Cliff Janzen, CISO and VP of Security Services at Arctiq, for a special "Security Potpourri" session! What's on the menu? SOC operations and optimization, security automation strategies, and penetration testing insights, all through Cliff's expert lens and real-world experience. Join us for an insightful discussion on the current security landscape! Cliff is an experienced Vice President of Security with a demonstrated history of working in the computer and network security industry. Skilled in Security Architecture, Governance, Incident Management, Ethical Hacking, and Intrusion Detection. Currently working as CISO and VP of Security Services at Arctiq.
