The Cybersecurity Defenders Podcast

On this episode of The Cybersecurity Defenders Podcast we speak with Jacob Salassi, Co-Founder at stealth startup, about product security.Jacob brings over 10 years of experience in software engineering and cybersecurity to the table. Until four months ago, Jacob was a Security Architect at Snowflake, where he ensured every developer was wildly successful in owning security. Since then, he’s been diving into something new and exciting, working on a stealth startup. Before Snowflake, Jacob was busy bootstrapping application security programs in healthcare and engineering secure distributed systems for a hybrid-cloud security platform. He’s passionate about creating a development security experience that not only measurably reduces risk but also earns the love of engineers. In his own words, Jacob solves problems.Books mentioned in the podcast:Engineering Trustworthy Systems: Get Cybersecurity Design Right the First TimeSecurity Engineering: A Guide to Building Dependable Distributed SystemsMeasuring and Managing Information Risk: A FAIR Approach

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.A heated dispute at DEF CON over the custom electronic badges this year turned physical, leading to an altercation between two attendees.The U.S. Department of Justice has charged Matthew Isaac Knoot, a 38-year-old Nashville resident, with multiple crimes for aiding North Korean IT workers in securing jobs with U.S. and U.K. companies.The FBI has dismantled the infrastructure of the Dispossessor ransomware group, also known as Radar, which had rapidly gained prominence since its inception in August 2023.A critical flaw in Proofpoint’s email filtering service was recently discovered, allowing cybercriminals to impersonate major brands and send phishing emails that bypassed Proofpoint’s security.A newly discovered security flaw affects AMD processors dating back to 2006. The vulnerability, which impacts CPUs from the Athlon 64 to the Ryzen 7000 series, allows attackers to exploit speculative execution to access sensitive data.

On this episode of The Cybersecurity Defenders Podcast we talk about cybersecurity product development with Vijay Pitchuman, Director of Product for Identity Management at Okta.

In this engaging discussion, the guests include the notorious GhostEmperor, a Chinese hacker group known for their advanced malware and evasion tactics, and experts from Jiangsu Bangning Science & Technology Co., the .top domain managers facing scrutiny over phishing issues. Topics cover the group's alarming resurgence, the implications of their sophisticated espionage techniques, and critical challenges in email security due to .top domains. The conversation also highlights Microsoft’s adjustments following security incidents and underscores the urgent need for enhanced cybersecurity measures.

Jamie Williams, a seasoned cybersecurity expert and former Senior Principal Cyber Operations Engineer at MITRE Corporation, dives deep into the world of threat intelligence. He discusses the evolving nature of cybersecurity challenges, stressing the importance of a behavioral mindset for threat detection. Jamie advocates for collaboration between offensive and defensive teams to enhance strategies. He also highlights the innovative use of memes in threat intelligence education, making complex concepts more accessible and engaging for all.

On this episode of The Cybersecurity Defenders Podcast we sit down with Lee Sult, Chief Investigator at Binalyze, and talk about incident response (IR).Lee is a seasoned cybersecurity expert and investigator with extensive experience in digital forensics and incident response. He is the Chief Investigator at Binalyze and has a strong track record at prestigious organizations like Trustwave-SpiderLabs and Palantir. Lee has supported the US Secret Service and managed complex cybersecurity incidents for Fortune 50 companies.As the co-founder and former CTO of Horangi Cyber Security, Singapore's first cybersecurity startup, Lee's leadership and collaboration skills have significantly impacted the region's cybersecurity landscape. Passionate about mentoring, Lee actively contributes to cybersecurity communities and supports up-and-coming entrepreneurs.

This podcast delves into cybersecurity topics such as the Blast-RADIUS vulnerability, silent Chrome extension installation techniques, AT&T data breach fallout, Kaspersky sanctions, and CrowdStrike's faulty update causing IT outages.

Join Zack Allen, a seasoned security leader, as he delves into threat detection, cloud security, and the importance of shift left security. Explore resources for deepening knowledge in threat detection, the expanding role of open source technology in cybersecurity, and predictions for the future of AI in SOCs.

On this episode of The Cybersecurity Defenders Podcast we speak with Gene Yu, Founder & CEO of Blackpanda.Gene has a diverse background, with early roles at Palantir's Asia office and Credit Suisse on Wall Street. He also served as a team leader in the US Army Special Forces, completing four combat tours in Iraq and the Southern Philippines. Gene is an active angel investor, renowned for leading the successful rescue of Evelyn Chang from Abu Sayyaf terrorists in 2013. He graduated with top honors in computer science from West Point and has attended Johns Hopkins University and Stanford's Executive Program.Gene’s book, about the incredible rescue of Evelyn Chang, can be purchased here.

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.Likely the biggest password leak ever: nearly 10 billion credentials exposed.Eldorado is a newly discovered ransomware-as-a-service operation targeting both Windows and Linux systems. OVHcloud has reported mitigating a record-breaking distributed denial-of-service attack that peaked at 840 million packets per second.Cisco has issued a warning about a critical remote code execution vulnerability named "regreSSHion," tracked as CVE-2024-6387, affecting OpenSSH on glibc-based Linux systems. In the first half of 2024, cryptocurrency thefts amounted to $1.4 billion, significantly driven by rising crypto prices and a few large-scale attacks.