The Cybersecurity Defenders Podcast

Latest episodes

Jul 2, 2024 • 33min

#138 - Automating security detection engineering with Dennis Chow, Security Engineer at EY

Dennis Chow, a seasoned cybersecurity leader, explores automating security detection engineering. Topics include detection as code, DevOps principles, modular signatures, tracking KPIs for ROI, career development, and future industry trends.
Jun 28, 2024 • 38min

#137 - Exploring AI-powered cybersecurity with Rodrigo Loureiro, CEO of Cyber Connective Corporation

On this episode of The Cybersecurity Defenders Podcast, we talk AI-powered cybersecurity with Rodrigo Loureiro, CEO of Cyber Connective Corporation. Rodrigo's extensive experience includes roles as a global Chief Information Officer where he managed a $215M IT budget and oversaw a team of 1800 people, ensuring world-class infrastructure services around the clock. In addition to his executive roles, Rodrigo is a bestselling author of 'Game On - Leaders Who Last', where he explores the necessity of adaptability and open-mindedness in leadership, particularly within the technology sector. He is also an Operational Partner at the Executive Enterprise Venture Fund, focusing on innovative cybersecurity and AI investments. A recognized keynote speaker and expert in aligning technology with business strategy, Rodrigo’s insights are invaluable to anyone interested in the future of tech and leadership.
Jun 26, 2024 • 38min

#136 - Special Episode: The ongoing CDK Global cybersecurity incident

Experienced cybersecurity practitioners, Mike Pedrick and Adriano Carvalho, discuss the ongoing CDK Global cybersecurity incident affecting 15,000 auto dealerships. They delve into the cyberattack's impact on dealership operations, challenges faced, and the importance of security measures. The podcast also covers the evolving automotive industry landscape, cybersecurity risks like the Black Suit threat group, and compliance with FTC safeguards for data protection.
Jun 21, 2024 • 36min

#135 - Intel Chat: Sigma, Scattered Spider, Microsoft, Empire Market & UNC3886

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. SigmaHQ has introduced Sigma Correlations to enhance its rule-based detection capabilities, allowing for more sophisticated event correlation across multiple Sigma rules. Tyler Buchanan, a 22-year-old from the UK and alleged leader of the Scattered Spider hacking group, was arrested in Spain. Microsoft has issued an urgent update for all supported versions of Windows to address a critical Wi-Fi vulnerability, CVE-2024-30078. Three individuals—Yousef Selassie, Ugochukwu Emmanuel Nwosu, and David Gil—have been charged with operating Empire Market, a dark web marketplace that facilitated over $430 million in illegal transactions. In September 2022, Mandiant began investigating several intrusions conducted by UNC3886, a China-linked cyber espionage group, after discovering malware in ESXi hypervisors.
Jun 18, 2024 • 36min

#134 - Incident command with Gerard Johansen, Principal Security Solutions Specialist at Red Canary

On this episode of The Cybersecurity Defenders Podcast, we speak with Gerard Johansen, Principal Security Solutions Specialist at Red Canary. Gerard is a seasoned expert in the field of cybersecurity. He holds the prestigious Certified Information Systems Security Professional (CISSP) certification. His extensive career includes serving as a Special Deputy United States Marshal for the FBI's Connecticut Computer Crimes Task Force and working as a Certification and Accreditation Analyst for a federal inter-agency unit. Gerard has conducted numerous technical and non-technical vulnerability assessments for both financial and government organizations, demonstrating his deep expertise in digital forensics and incident response. With a wealth of experience in risk assessment, cyber threat intelligence, and penetration testing, Gerard is frequently sought after for his knowledge in corporate counterintelligence, threat emulation, and cloud security challenges. He has developed and maintained crucial industry relationships through ongoing professional development and is a trusted resource for information security seminars and training programs.
Jun 13, 2024 • 26min

#133 - Intel Chat: Snowflake, Operation Endgame, Android spoof & Operation Crimson Palace

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Mandiant has linked a series of data breaches affecting hundreds of Snowflake instances to the use of infostealer malware, primarily targeting non-Snowflake systems to harvest credentials. Authorities have ramped up something they are calling Operation Endgame, which is an effort to capture a fellow that goes by the handle "Odd," the alleged mastermind behind the Emotet botnet. McAfee has identified a fake Bahrain government Android app that masquerades as the Labour Market Regulatory Authority app and is designed to steal personal data for financial fraud. A technical deep-dive on Operation Crimson Palace performed by Sophos X-Ops: the operation exposes a sophisticated cyberespionage campaign targeting a Southeast Asian government, attributed to Chinese state interests.
Jun 12, 2024 • 36min

#132 - API security with Jeremy Snyder, Founder and CEO at FireTail.io

Jeremy Snyder, Founder and CEO at FireTail.io, discusses API security and the importance of safeguarding data privacy. Topics include the risks of API attacks, common vulnerabilities, tools like Vac and Nuclei, innovative security approaches, integrating security measures in development, and the impact of AI on API security.
Jun 6, 2024 • 39min

#131 - Network threat hunting with Chris Brenton, COO at Active Countermeasures

Chris Brenton, COO at Active Countermeasures, discusses network threat hunting, behavior analytics, indicators of compromise, and the evolution of technology in cybersecurity. He emphasizes the importance of training and enhancing knowledge within the cybersecurity community.
Jun 4, 2024 • 42min

#130 - The changing compliance landscape with Alexander Byrne, Director of Corporate IT Compliance at Thrive

Alexander Byrne, Director of Corporate IT Compliance at Thrive, shares his vast experience in creating information security strategies for diverse industries. He discusses the evolving landscape of cybersecurity compliance, particularly in finance and healthcare, and the impact of new data privacy laws like the California Consumer Privacy Act. Byrne emphasizes the need for mature security programs and a balanced, risk-based approach to compliance. He also predicts a transformative future for cybersecurity driven by AI and the challenges posed by quantum computing.
May 30, 2024 • 23min

#129 - Intel Chat: MSSN CTRL, GhostEngine, MITRE & BreachForums

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Researchers have identified a new malware, called "GhostEngine," which targets vulnerable drivers to disable endpoint detection and response solutions. MITRE has released some more details on how Chinese state-sponsored hackers recently exploited VMware systems within MITRE's NERVE environment for persistence and evasion. The FBI has once again seized control of BreachForums, a notorious site known for trading stolen data, marking the second such action within a year. Information on MSSN CTRL, the security automation and engineering conference, can be found here.
