The Cybersecurity Defenders Podcast

Latest episodes

Sep 30, 2024 • 39min

#159 - Intel Chat: Sequoia disruption, Github, Supershell, DPRK & Telegram arrest

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Apple’s release of macOS 15, or Sequoia, has caused significant disruptions for several security tools and software vendors, including CrowdStrike, SentinelOne, Microsoft, and others. Attackers are exploiting GitHub notifications for phishing by sending legitimate-looking alerts with malicious URLs. Truffle Security's research exposes a significant issue in GitHub’s handling of deleted and private repository data via Cross Fork Object Reference (CFOR). AhnLab’s report details Supershell, a malware targeting Linux SSH servers via brute-force attacks. Since 2022, Mandiant has tracked DPRK IT workers infiltrating global organizations by posing as non-North Koreans to fund the regime's weapons programs and evade sanctions. In August 2024, Telegram CEO Pavel Durov was arrested in France, facing charges for allowing criminal activities to proliferate on the platform, including the distribution of illegal content such as child sexual abuse material.
Sep 26, 2024 • 50min

#158 - Common pitfalls for founders with Andrew Plato, Founder & CEO of Zenaciti

On this episode of The Cybersecurity Defenders Podcast we talk about some of the common pitfalls faced by founders with Andrew Plato, Founder & CEO of Zenaciti. Andrew is an experienced CEO, founder, author, and cybersecurity expert. In 1995, Andrew founded Anitian, one of the earliest cybersecurity companies on record, where he pioneered innovations in intrusion detection, endpoint security, and cloud security. He led the development of a revolutionary automated platform for secure cloud environments, and under his leadership, Anitian formed strategic partnerships with major tech companies like AWS, Microsoft, and Trend Micro before he exited the company in 2022. Andrew also leads Zenaciti, providing business and security intelligence, and recently founded Screenopolis, focusing on media analysis. He is also the author of The Founder’s User Manual: Practical Strategies for the Startup Leader.
Sep 24, 2024 • 47min

#157 - Low noise threat detection with Joshua Neil, Founder at Alpha Level

Joshua Neil, a cybersecurity veteran with over 20 years of expertise, dives into the realm of low noise threat detection. He emphasizes that traditional perimeter defenses are inadequate against sophisticated attacks. The discussion revolves around the evolution of machine learning in threat detection, the balance between true and false positives, and the innovative use of graph theory to analyze network security. Neil also highlights the growing role of automation and the looming risks of autonomous threats to essential infrastructure.
Sep 20, 2024 • 32min

#156 - Intel Chat: Fortibitch, Hadooken, Void Banshee & CloudImposer

Fortibitch, a cybersecurity participant, discusses the latest threats in the field, including a new Linux malware named Hadooken targeting Oracle WebLogic servers. The malware not only deploys cryptominers but also facilitates DDoS attacks. The Void Banshee threat group is highlighted in relation to a zero-day vulnerability reclassified by Microsoft, raising concerns over security practices. Additionally, CloudImposer addresses the risks of cloud-based data breaches, leaving listeners with important insights on staying ahead of evolving cyber threats.
Sep 19, 2024 • 44min

#155 - A look at quantum cryptography with David Carvalho, CEO & Chief Scientist at Naoris Protocol

On this episode of The Cybersecurity Defenders Podcast we take a look at quantum cryptography with David Carvalho, CEO & Chief Scientist at Naoris Protocol. David is the founder, CEO, and Chief Scientist of Naoris Protocol, a decentralized cybersecurity mesh. David is an accomplished leader and innovator who advises nation-states and highly regulated sectors on critical issues such as cyber espionage, cyber warfare, and cyber terrorism. He is deeply involved in blockchain-based projects, digital currencies, and cybersecurity innovations. With over 20 years of experience in the field, David has worked as a Chief Information Security Officer in multi-billion-dollar companies and brings a forward-thinking approach to risk mitigation, automation, AI, and next-gen cybersecurity. He continues to advise a wide range of organizations, from startups to national-level projects, on transformative strategies for the future.
Sep 12, 2024 • 29min

#154 - Intel Chat: Specula, Chromium, Mustang Panda & Service for America

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. The Specula C2 framework represents a sophisticated attack method that transforms Microsoft Outlook into a command-and-control system by exploiting its Home Page feature. Attackers exploit browser notifications in Chromium-based browsers by tricking users through CAPTCHA-like prompts to enable notifications. The Biden administration has launched an initiative aimed at addressing the growing cybersecurity talent shortage, which has reached critical levels. Mustang Panda, a Chinese state-backed cyber-espionage group, has adapted its tactics by launching a USB-based attack campaign that leverages a worm for self-propagation across air-gapped networks.
Sep 10, 2024 • 35min

#153 - Unpacking the hacker mindset with Ken Westin, Senior Solutions Engineer at LimaCharlie

On this episode of The Cybersecurity Defenders Podcast, we unpack the hacker mindset with Ken Westin, Senior Solutions Engineer at LimaCharlie.

Ken is a seasoned thought leader in cybersecurity who has spent years analyzing and understanding the intricacies of cyber threats and the methods behind them. Ken has a unique ability to identify emerging trends in the industry and to figure out how businesses can protect themselves before they fall victim to attacks. Prior to his current role, Ken was the Field CISO at Panther, where he developed workshops and delivered them around the world. His career also includes significant contributions at Cybereason, Elastic, and Splunk, where he drove security growth, developed innovative tools, and shaped industry conversations on cybersecurity. Ken has been a key spokesperson in the industry, frequently quoted in the media and featured at major conferences like Black Hat and DEF CON.

Ken recently joined the team at LimaCharlie as a Senior Solutions Engineer, with the intent to use his deep expertise to help organizations build robust security strategies.

Ken's reading list: “Daemon” - Daniel Suarez; “Cryptonomicon” - Neal Stephenson; “The Myth of Normal” - Gabor Maté; “Threats: What Every Engineer Should Learn From Star Wars” - Adam Shostack; “The Mitrokhin Archive” - Christopher Andrew & Vasili Mitrokhin; “The Road” - Cormac McCarthy.

The song at the end of the podcast: Decrypted Savant - Mercator Misconceptions
Sep 5, 2024 • 38min

#152 - Intel Chat: sedexp, Volt Typhoon, Citrine Sleet, Clearview AI & RansomHub?

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. A stealthy Linux malware named 'sedexp' has been evading detection since 2022 by using a persistence technique not yet included in the MITRE ATT&CK framework. The Black Lotus Labs team at Lumen Technologies has uncovered a group of hackers linked to the Chinese government that has exploited a previously unknown software vulnerability to target U.S. internet service providers. Earlier in August, a North Korean hacking group exploited a previously unknown bug in Chrome-based browsers, aiming to steal cryptocurrency, which was reported by Microsoft in a recent update. The Dutch Data Protection Authority, or Dutch DPA, has hit Clearview AI with a €30.5 million fine (about $33.7 million) for illegally collecting data using facial recognition, including photos of Dutch citizens. Energy giant Halliburton has confirmed that its systems were hacked, and intruders were able to steal information following a cyberattack last week.
Aug 28, 2024 • 42min

#151 - Exploring AI as it pertains to cybersecurity with George Gerchow, Head of Trust at MongoDB

On this episode of The Cybersecurity Defenders Podcast, we speak with George Gerchow, Head of Trust at MongoDB, about the current narrative surrounding AI in cybersecurity. George challenges the dominant focus on AI as a threat and instead highlights its potential as a powerful ally in defending against sophisticated cyberattacks. We explore how AI-driven defense strategies are reshaping the landscape of proactive threat detection and automated response mechanisms, offering a fresh perspective on balancing security innovation with risk management.

George is an experienced executive who has played a key role in guiding highly regulated organizations as they establish and develop agile security, privacy, and compliance programs in fast-paced environments. George’s strong focus on relationships and customer engagement shines through in every interaction, both within his teams and with external clients. He is adept at implementing risk-based security programs that align with overall business objectives, effectively balancing risk reduction with cost management. During his six years at Sumo Logic, George was integral to the team's success in taking the company public and achieving FedRAMP Authorization. Currently, he serves as the Head of Trust at MongoDB, where he continues to drive excellence in security and compliance.
Aug 23, 2024 • 38min

#150 - Intel Chat: Azure MFA, 2.9b records leaked, CVE 9.8 & ransomware record

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Starting in October, all Microsoft Azure customers will be required to have multi-factor authentication (MFA) enabled on their accounts. Documents from a lawsuit revealed that over 2.9 billion records are vulnerable after a massive hack of the Florida-based National Public Data network. Microsoft recently advised of a critical TCP/IP Remote Code Execution Vulnerability dubbed CVE-2024-38063, which is a critical unauthenticated Remote Code Execution - or RCE - vulnerability within the Windows TCP/IP stack. Ransomware victims have paid $459,800,000 to cybercriminals in the first half of 2024, setting the stage for a new record this year if ransom payments continue at this level.