The Cybersecurity Defenders Podcast

LimaCharlie
Mar 20, 2025 • 33min

#203 - Breaking the stigma of addiction in cyber with Jen VanAntwerp, Founder of Sober in Cyber

On today's episode of the Cybersecurity Defenders Podcast, we speak with Jen VanAntwerp, the Founder of Sober in Cyber. Jen is a cybersecurity marketing professional and the founder of Sober in Cyber, a nonprofit on a mission to provide alcohol-free events and community-building opportunities for sober and sober-curious individuals working in infosec. Jen is passionate about breaking the stigma of addiction recovery and is profoundly driven to increase the number of professional networking events that don’t revolve around alcohol. She is also the founder of JVAN Consulting, where she provides marketing consultation services to cybersecurity startups. Sober in Cyber Discord can be found here.
Mar 14, 2025 • 38min

#202 - Intel Chat: CISA, BianLian (not), Crafty Camel, Github malvertising & SCADA

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of the LimaCharlie community. The Cybersecurity and Infrastructure Security Agency (CISA) is facing significant operational challenges as budget constraints force it to scale back key cybersecurity programs. Scammers are taking a new approach to extortion by mailing physical ransom letters to victims, claiming to be the operators of the BianLian ransomware group. A newly identified advanced persistent threat (APT) group, dubbed "Crafty Camel," has been targeting aviation operational technology (OT) systems using a sophisticated technique involving polyglot files. A new malvertising campaign is leveraging deceptive online ads to distribute information-stealing malware hosted on GitHub, highlighting an ongoing evolution in cybercriminal tactics. Security researchers have disclosed details of multiple vulnerabilities in Supervisory Control and Data Acquisition (SCADA) systems that could be exploited to facilitate attacks on industrial environments.
Mar 12, 2025 • 33min

#201 - Scaling Managed Security Operations with Andrew Cook, CTO of Recon InfoSec

On this episode of The Cybersecurity Defenders Podcast we speak with Andrew Cook, CTO of Recon InfoSec, about lessons learned scaling Managed Security Operations.
Mar 11, 2025 • 33min

#200 - Multimodal Offensive Artificial Intelligence with Philippe Humeau, CEO of CrowdSec

On this episode of The Cybersecurity Defenders Podcast we speak with Philippe Humeau, CEO of CrowdSec, about Multimodal Offensive Artificial Intelligence (MOAI). Philippe is a cybersecurity expert and seasoned entrepreneur with a deep passion for enhancing global internet security. He is the founder and CEO of CrowdSec, an innovative open-source platform that harnesses the power of community-driven threat intelligence to protect systems worldwide. Philippe's work focuses on collaborative approaches to cybersecurity, ensuring that organizations can stay ahead of evolving threats by pooling collective knowledge and resources. With years of experience building solutions that address complex security challenges, Philippe has made a significant impact on the field. Before founding CrowdSec, Philippe successfully launched and led several companies within the cybersecurity space, further cementing his reputation as a thought leader and innovator. His journey reflects a commitment to addressing the most pressing challenges in the digital age, from fostering safer internet ecosystems to empowering businesses with the tools they need to defend against cyberattacks. Philippe is also an advocate for open-source technology and community-driven solutions, underscoring his belief that collaboration is key to combating global threats.
Mar 7, 2025 • 36min

#199 - Intel Chat: Lazarus Group, BadPilot, PAN-OS, emoji exfil, Kitty Stealer & PolarEdge

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. North Korea’s state-backed Lazarus Group is believed to be responsible for the largest cryptocurrency heist ever recorded, stealing $1.5 billion from the Bybit exchange. The "BadPilot" hacking campaign has been linked to Russia's Sandworm threat group, a unit of the GRU known for cyber espionage and disruptive attacks. GreyNoise has observed active exploitation of CVE-2025-0108, a critical authentication bypass vulnerability in Palo Alto Networks’ PAN-OS. Security researcher Paul Butler has demonstrated a novel technique for smuggling arbitrary data using emojis, leveraging the way modern text encoding and rendering systems handle Unicode characters. Kitty Stealer is a newly identified malware targeting macOS systems, designed to steal sensitive user data such as credentials, browser cookies, and cryptocurrency wallets. SEKOIA researchers have uncovered a previously unknown IoT botnet named PolarEdge, which has been operating covertly for an extended period.
Mar 6, 2025 • 48min

#198 - AI risk and safety with John Vaina, AI Researcher & Red Teamer

On this episode of The Cybersecurity Defenders Podcast we talk with John Vaina, AI Researcher and Red Teamer, about AI risk and safety. John is an expert in AI risk, safety, and security. John currently works as an AI red team operator, tackling some of the most complex challenges in the field. His work spans traditional cybersecurity concerns, such as identifying vulnerabilities in AI systems, to cutting-edge tasks like testing for emergent behaviors and conducting AI alignment and safety audits. John’s expertise includes evaluating ethical and bias risks, ensuring model robustness, and running adversarial attack simulations to uncover potential weaknesses. Beyond these technical aspects, he also addresses broader safety issues, including scenarios involving CBRNE threats and other high-stakes risks. John’s unique combination of technical skills, strategic thinking, and a focus on ethical considerations makes him a leading voice in ensuring that AI technologies are safe, secure, and aligned with human values.
Feb 28, 2025 • 29min

#197 - Avoiding burnout and managing stress with Amanda Berlin, CEO of Mental Health Hackers

Amanda Berlin, CEO of Mental Health Hackers and Senior Product Manager of Cybersecurity at Blumira, dives into the pressing issue of burnout in the tech industry. She shares her transformative journey from music to cybersecurity, emphasizing the critical intersection of mental health and high-pressure roles. The discussion uncovers vital strategies for managing stress, fostering better workplace culture, and supporting wellbeing through communication and community. With insights on upcoming conferences, Amanda champions a healthier future for cybersecurity professionals.
Feb 25, 2025 • 30min

#196 - Security challenges in the Arctic with Deepak Dutt, Founder of Zighra

Deepak Dutt, Founder and CEO of Zighra, discusses the unique cybersecurity challenges facing the Arctic, emphasizing the need for adaptive security measures. He shares insights from his journey in technology, highlighting the lessons learned from his experience with identity theft. Deepak examines the historical decline of Nortel and its vulnerability to foreign threats, and he explores innovative solutions like privacy-driven behavioral biometrics. Finally, he addresses the geopolitical shifts in the Arctic, advocating for collaboration in advanced technologies to ensure regional security.
Feb 21, 2025 • 35min

#195 - Intel Chat: APT tunnelling, BadPilot, CVE-2025-0108, emojis & Kitty Stealer (take 2)

Delve into the intriguing world of network traffic tunneling, where attackers bypass security controls with techniques like DNS and HTTP/S tunneling. Explore the ominous BadPilot campaign linked to Russia's notorious Sandworm group. Discover the critical CVE-2025-0108 vulnerability, which exposes firewall security, and learn about an innovative emoji-based data smuggling technique. Plus, meet Kitty Stealer, a malware targeting macOS user data, showcasing the evolving landscape of cyber threats.
Feb 19, 2025 • 31min

#194 – Exploring MSSP partnerships and technology providers with Raffaele Mautone, CEO of Judy Security

Raffaele Mautone, CEO of Judy Security, shares his extensive IT and cybersecurity experience, emphasizing the importance of Managed Security Service Providers (MSSPs) for SMBs. He discusses the unique challenges these businesses face amidst rising security threats. The conversation covers choosing technology partners, building trust within MSSP collaborations, and how AI is transforming cybersecurity solutions. Mautone highlights Judy Security’s mission to provide intuitive and affordable protections, ensuring that safeguarding data is accessible to all.
