The Cybersecurity Defenders Podcast

On this episode of The Cybersecurity Defenders Podcast we speak with Andrew Cook, CTO of Recon InfoSec, about lessons learned scaling Managed Security Operations.

On this episode of The Cybersecurity Defenders Podcast we speak with Philippe Humeau, CEO of CrowdSec, about Multimodal Offensive Artificial Intelligence (MOAI).Philippe is a cybersecurity expert and seasoned entrepreneur with a deep passion for enhancing global internet security. He is the founder and CEO of CrowdSec, an innovative open-source platform that harnesses the power of community-driven threat intelligence to protect systems worldwide. Philippe's work focuses on collaborative approaches to cybersecurity, ensuring that organizations can stay ahead of evolving threats by pooling collective knowledge and resources. With years of experience building solutions that address complex security challenges, Philippe has made a significant impact on the field.Before founding CrowdSec, Philippe successfully launched and led several companies within the cybersecurity space, further cementing his reputation as a thought leader and innovator. His journey reflects a commitment to addressing the most pressing challenges in the digital age, from fostering safer internet ecosystems to empowering businesses with the tools they need to defend against cyberattacks. Philippe is also an advocate for open-source technology and community-driven solutions, underscoring his belief that collaboration is key to combating global threats.

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.North Korea’s state-backed Lazarus Group is believed to be responsible for the largest cryptocurrency heist ever recorded, stealing $1.5 billion from the Bybit exchange. The "BadPilot" hacking campaign has been linked to Russia's Sandworm threat group, a unit of the GRU known for cyber espionage and disruptive attacks. GreyNoise has observed active exploitation of CVE-2025-0108, a critical authentication bypass vulnerability in Palo Alto Networks’ PAN-OS. Security researcher Paul Butler has demonstrated a novel technique for smuggling arbitrary data using emojis, leveraging the way modern text encoding and rendering systems handle Unicode characters.Kitty Stealer is a newly identified malware targeting macOS systems, designed to steal sensitive user data such as credentials, browser cookies, and cryptocurrency wallets.SEKOIA researchers have uncovered a previously unknown IoT botnet named PolarEdge, which has been operating covertly for an extended period.

On this episode of The Cybersecurity Defenders Podcast we talk with John Vaina, AI Researcher and Red Teamer, about AI risk and safety.John is an expert in AI risk, safety, and security. John currently works as an AI red team operator, tackling some of the most complex challenges in the field. His work spans traditional cybersecurity concerns, such as identifying vulnerabilities in AI systems, to cutting-edge tasks like testing for emergent behaviors and conducting AI alignment and safety audits.John’s expertise includes evaluating ethical and bias risks, ensuring model robustness, and running adversarial attack simulations to uncover potential weaknesses. Beyond these technical aspects, he also addresses broader safety issues, including scenarios involving CBRNE threats and other high-stakes risks.John’s unique combination of technical skills, strategic thinking, and a focus on ethical considerations makes him a leading voice in ensuring that AI technologies are safe, secure, and aligned with human values.

Amanda Berlin, CEO of Mental Health Hackers and Senior Product Manager of Cybersecurity at Blumira, dives into the pressing issue of burnout in the tech industry. She shares her transformative journey from music to cybersecurity, emphasizing the critical intersection of mental health and high-pressure roles. The discussion uncovers vital strategies for managing stress, fostering better workplace culture, and supporting wellbeing through communication and community. With insights on upcoming conferences, Amanda champions a healthier future for cybersecurity professionals.

Deepak Dutt, Founder and CEO of Zighra, discusses the unique cybersecurity challenges facing the Arctic, emphasizing the need for adaptive security measures. He shares insights from his journey in technology, highlighting the lessons learned from his experience with identity theft. Deepak examines the historical decline of Nortel and its vulnerability to foreign threats, and he explores innovative solutions like privacy-driven behavioral biometrics. Finally, he addresses the geopolitical shifts in the Arctic, advocating for collaboration in advanced technologies to ensure regional security.

Delve into the intriguing world of network traffic tunneling, where attackers bypass security controls with techniques like DNS and HTTP/S tunneling. Explore the ominous BadPilot campaign linked to Russia's notorious Sandworm group. Discover the critical CVE-2025-0108 vulnerability, which exposes firewall security, and learn about an innovative emoji-based data smuggling technique. Plus, meet Kitty Stealer, a malware targeting macOS user data, showcasing the evolving landscape of cyber threats.

Raffaele Mautone, CEO of Judy Security, shares his extensive IT and cybersecurity experience, emphasizing the importance of Managed Security Service Providers (MSSPs) for SMBs. He discusses the unique challenges these businesses face amidst rising security threats. The conversation covers choosing technology partners, building trust within MSSP collaborations, and how AI is transforming cybersecurity solutions. Mautone highlights Judy Security’s mission to provide intuitive and affordable protections, ensuring that safeguarding data is accessible to all.

In this discussion, Matt Bromley, an expert cybersecurity analyst, shares enlightening insights on the latest cyber threats. He highlights a significant 35% drop in ransomware payments in 2024 and the arrest of a key member from the 8Base ransomware group. The XE Group is now employing advanced supply chain attacks, potentially surpassing the SolarWinds incident. Additionally, Bromley uncovers a concerning cyber-espionage campaign targeting governmental sectors in South Asia, showcasing the ever-evolving landscape of cyber threats.

On this episode of The Cybersecurity Defenders Podcast we talk about talent acquisition, training, and retention in the MSSP space with Paul Ihme, Cofounder & Managing Principle at Soteria.Paul is a cybersecurity professional with extensive experience in both federal and private sectors. He is the co-founder and managing principal of Soteria, a firm that provides tailored cybersecurity solutions and strategic advisory services to help businesses defend against cyber threats 24/7. Soteria specializes in managed detection and response, domain monitoring, and risk management for Microsoft 365 environments among other things. Prior to founding Soteria, Paul held key roles in cybersecurity, including Vice President of Active Network Defense at JPMorgan Chase and as a Cyber Warfare Operator in the U.S. Air Force. Today, we are going to be discussing what it takes to Build a Skilled Team and exploring his experience with Talent acquisition, training, and retention in the MSSP space.