

The Cybersecurity Defenders Podcast
LimaCharlie
An accessible but technical podcast about cybersecurity and the people who keep the internet safe. The podcast is built as a series of segments: we will be looking back at the last couple of weeks in cybersecurity news, talking to different people in the industry about areas of their expertise, we're going to break apart some of the TTPs being used by adversaries, and we will even cover a little bit of hacker history.
Episodes

Jan 18, 2023 • 47min
#15 - The Adversary Toolbox: RDP. Plus an interview with Michael Laudenslager, VP of Cybersecurity at Churchill Mortgage
In this episode of the Cybersecurity Defenders Podcast, Matt Bromiley opens up the Adversary Toolbox to tell us all about RDP. We also sit down with Michael Laudenslager, VP of Cybersecurity at Churchill Mortgage and talk about security in the cloud. The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.

Jan 12, 2023 • 40min
#14 - Simply Cyber Report for Jan 12. Plus a conversation with Walter Haydock, Founder and CEO of StackAware.
Unknown threat actors have been observed hiding malware execution behind a legitimate Windows support binary. S3 buckets are now encrypted by default. A powerful Android malware has been tuned to target banking applications. And it is the end of life for Windows Server 2008. We also sit down with Walter Haydock, Founder and CEO of StackAware. We learn about StackAware and their approach to vulnerability management, and also how Walter got his company off of the ground using low-code tooling. A fascinating conversation for anyone looking to start their own cybersecurity company.

Jan 4, 2023 • 20min
#13 - Hacker History: Titan Rain
In this episode of the Cybersecurity Defenders podcast, we recount some hacker history and tell the story of Shawn Carpenter, a rogue cybersecurity defender who singlehandedly identified a Chinese APT. It is a phenomenal story that exemplifies the grit and moral fortitude that the best defenders among us have. Titan Rain was a series of coordinated attacks on computer systems in the United States since 2003; they were known to have been ongoing for at least three years. The attacks originated in Guangdong, China. The activity is believed to be associated with a state-sponsored advanced persistent threat. It was given the designation Titan Rain by the federal government of the United States. Titan Rain hackers gained access to many United States defense contractor computer networks, which were targeted for their sensitive information, including those at Lockheed Martin, Sandia National Laboratories, Redstone Arsenal, and NASA. This episode was written by Nathaniel Nelson, narrated by Christopher Luft and produced by the team at LimaCharlie.

Dec 28, 2022 • 35min
#12 - Simply Cyber Report for December 28. Plus an interview with Jason Chan, former VP of Security at Netflix.
New vulnerability found in the WooCommerce Gift Cards Premium WordPress plugin with a CVSS score of 9.8. FIN7 has developed an AI-powered automated attacking tool called Checkmarks. Checkmarks is designed to auto-attack MS Exchange systems, perform post-exploitation actions, and grab enough data to allow FIN7 to understand their victim. Raspberry Robin has a new feature. This version of Raspberry Robin has two payloads, one designed to be discovered if the malware believes it's being analyzed in a sandbox. This fake payload looks legitimate, including checking the registry on startup for infection and pulling down adware named 'browserassist'. This payload has shellcode and a PE file with the MZ magic bytes removed so that it does not look like a PE file. Plus an interview with Jason Chan, former VP of Information Security at Netflix, about how he helped build their security program from the ground up.

Dec 21, 2022 • 34min
#11 - The Adversary Toolbox: WinRM + PowerShell Remoting. Plus Zack Allen, Director of Security Detection & Research at Datadog.
In this episode of the Cybersecurity Defenders Podcast, Matt Bromiley opens up the Adversary Toolbox to tell us all about WinRM + PowerShell Remoting. We also sit down with Zack Allen, Director of Security Detection & Research at Datadog, about managing uncertainty, some of his favorite tools, and building quality detections.

Dec 14, 2022 • 1h 1min
#10 - Simply Cyber Report for December 14. Plus a conversation with several Open Source cybersecurity founders.
The Simply Cyber Report for December 14, 2022. Go-based malware named Zerobot in the wild. Android malware dubbed "Zombinder", a just-in-time Trojan-style malware. An Iranian-based APT has been pushing hard with remote administration tooling. A roundtable conversation with several Open Source cybersecurity founders. During the conversation we discuss the complexities of open-source as it relates to cybersecurity, the effects it has on the industry, funding models, what inspired these projects, how they came to be, how they are trying to grow, and any lessons - good or bad - they have learned along the way. The panelists include: Zach Wasserman from osquery, Lennart Koopmann from Graylog, Inc., and Peter Manev from Suricata. And we acknowledge some heavy audio compression during the roundtable conversation. We will be employing some new recording technology for future group conversations. As always, we would love to hear from you. Questions, feedback and ideas can be directed to defenders@limacharlie.io

Dec 7, 2022 • 21min
#9 - Predictions for the future from 2022
As we get ready to say goodbye to 2022, the team at the Cybersecurity Defenders podcast thought it would be nice to review all the predictions for the future made by guests on this show so far. It is a fun episode and will be interesting to circle back on next year at the same time. In the show, we talk about Dr. Joseph Burt-Miller Jr's study hall group on Discord - here is the link for anybody interested in checking it out: https://discord.gg/Z8gaAvnS4m As always, your feedback is welcome. If you have any criticisms or ideas for the show, please don't hesitate to reach out to us at defenders@limacharlie.io

Nov 30, 2022 • 34min
#8 - Simply Cyber Report for Nov 30 and Daniel Velasquez of Ground Truth Connections
In this episode of the Cybersecurity Defenders Podcast, Dr. Gerald Auger takes us through the last couple of weeks in cybersecurity news via the Simply Cyber Report. We also sit down with Daniel Velasquez, founder of Ground Truth Connections. Daniel has had a very interesting career. He has been a drone pilot inside of a war zone, worked in signals intelligence, been a CIA Targeter and risen through the ranks at Mandiant. Daniel is now the CEO and Founder of Ground Truth Connections who are operating on the ground in Ukraine with a humanitarian mission.

Nov 23, 2022 • 18min
#7 - Hacker History: Operation Flyhook
In this episode, we recount the story of Operation Flyhook - an FBI sting operation in 2000 that resulted in the arrest of two Russian hackers on American soil. It is quite the story and leaves us with some pretty heavy conclusions. This episode was written by Nathaniel Nelson, narrated by Christopher Luft, and produced by the team at LimaCharlie. Any questions or feedback can be directed to defenders@limacharlie.io

Nov 16, 2022 • 50min
#6 - Simply Cyber Report for Nov. 16 and David Burkett, Cloud Detection Engineer
In this episode of the Cybersecurity Defenders Podcast, Dr. Gerald Auger takes us through the last couple of weeks in cybersecurity news via the Simply Cyber Report. We also sit down with David Burkett, co-author of Detectors as Code. David is an experienced Information Security Architect with a demonstrated history of working in the security industry in both Government and the Telecommunications / Service Provider Industries. He is skilled in Security Information and Event Management, Security Monitoring, Python, and Digital Forensics among other things. In our talk with David about UAPs he references this video: Navy pilot describes encounter with UFOs


