The Cybersecurity Defenders Podcast

In this episode of The Cybersecurity Defenders Podcast, we take a close look at Open Source Intelligence with Mishaal Khan, Cybersecurity Practice Lead at Mindsight.

Misshal is a jack of all trades and master of some! With a profound knack for thinking like the bad guys, Misshal harnesses his extensive knowledge—from the nitty-gritty of bits and bytes to intricate business processes. As a techie, Ethical Hacker, OSINT enthusiast, an...

In this episode of The Cybersecurity Defenders Podcast, we discuss the GRU-backed cyber unit Sandworm which was recently promoted to APT44 by Mandiant.

Sandworm is a notorious hacking group, believed to be linked to Russia's military intelligence agency, the GRU. Known for its destructive cyberattacks, Sandworm has targeted various sectors worldwide, including energy, media, and election systems. Their activities are marked by the u...

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

• eSentire's Threat Response Unit has observed FakeBat loader being distributed via FakeUpdates, ultimately leading to a LummaC2 infection via a custom-written PaykRunPE provided by the FakeBat Threat Actors.
• CISA is investigating a breach at business intelligence company Sisense and urged ...

In this episode of The Cybersecurity Defenders Podcast, we take a close look at Digital Forensics with Carlos Cajigas, CTO of Covert Bit.

Carlos is a seasoned Incident Response professional hailing from San Juan, Puerto Rico. Carlos's journey in the field began after dedicating over a decade to law enforcement, specializing as a Digital Forensics Detective and Examiner in West Palm Beach, Florida. His extensive experience spans cond...

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

On March 29, 2024 defenders became aware that a backdoor was intentionally planted inside of XZ Utils an open source data compression utility available on many installations of Linux and other Unix-like operating systems. The threat actors behind this implant likely spent years on this oper...

In this episode of The Cybersecurity Defenders Podcast we have an in-depth talk about the cyber threat from China, with Adam Kozy and Daniel Velasquez.

Daniel started his career as a defender in the United States Marine Corps as an intelligence analyst where he served in Afghanistan - from there he went on to work with the Defense Intelligence Agency, Joint Special Operations Command and the CIA. After his service, he was a director...

In this episode of The Cybersecurity Defenders Podcast we speak with Salvador Mendoza, Director of Research and Development at Metabase Q, about the tokenization of payment systems.

Salvador is a prominent figure in the cybersecurity industry and holds the position of Director of Research and Development at Metabase Q. He is also an integral member of the Ocelot Offensive Security Team. His area of expertise lies in the intricate wo...

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

• Unit 42 have recently identified a wave of large-scale StrelaStealer campaigns impacting over 100 organizations across the EU and U.S.
• Researchers at Mandiant on Friday raised an alarm after discovering Russia’s APT29 hacking group targeting political parties in Germany, indicating a poss...

In this episode of The Cybersecurity Defenders Podcast we speak with Grace Chi, CoFounder & COO of Pulsedive Cyber Threat Intelligence about a report she published on cyber threat intelligence networking.

Cyber Threat Intelligence (CTI) is an evolving field, with an industry-wide consensus that teams cannot effectively operate in an intelligence silo. This sentiment is shared across all stakeholder segments – public, private, ve...

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

Threat actors have been actively targeting vulnerable Connect Secure VPN appliances after the disclosure of CVE-2023-46805 and CVE-2023-21887.

Threat researchers recently observed an interesting variant of StopCrypt ransomware. The ransomware executes its malicious activities by utilizing mul...

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

• North Korean threat actors known as the Lazarus Group exploited a zero-day in the Windows AppLocker driver to gain kernel-level access and turn off security tools, allowing them to bypass noisy Bring Your Own Vulnerable Driver techniques.
• Researchers observed threat actors run the Angry I...

In this episode of The Cybersecurity Defenders Podcast, we recount some hacker history, and with the help of John Hammond, Principal Security Researcher at Huntress, tell the story of the MOVEit cyberattack: the biggest data theft of 2023.

The MOVEit cyberbreach, was a far-reaching cyber attack that unfolded with significant implications worldwide. The breach initially came to light on June 3, when the Government of Nova Scotia disc...

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

• AhnLab Security Intelligence Center published an article exploring Nood RAT. Nood RAT is a variant of Gh0st RAT that works in Linux.
• GTPDOOR is the name of Linux-based malware that is intended to be deployed on systems in telco networks adjacent to the GRPS eXchange Network with the novel...

In this episode of The Cybersecurity Defenders Podcast, we take a close look at weaponizing ASCII escape sequences with Fredrik (STÖK) Alexandersson from Truesec.

Fredrik (STÖK) Alexandersson is a dynamic individual driven by a boundless curiosity and a passion for sharing knowledge. With over three decades of professional experience, he's hacked his way through realms ranging from computers and technology to marketing, fashion, com...

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

• Law enforcement from 10 countries - in a joint operation called ‘Operation Cronos’ - have disrupted the criminal operation of the LockBit ransomware group.
• FortiGuard has identified a grouping of malware droppers used to deliver various final-stage payloads through 2023 they are calling t...

In this episode of The Cybersecurity Defenders Podcast, we talk about cybersecurity issues as they relate to the space industry with Tim Fowler, Offensive Security Analyst at Black Hills Information Security.

Tim's unique blend of curiosity, determination, and passion for problem-solving make him stand out in the cybersecurity world. As a frequent speaker on topics ranging from Information Security to Open Source software, Tim's mis...

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

• ZScaler ThreatLabz are reporting on some recent campaigns, which started in February 2024, where they observed Pikabot reemerging with significant changes in its code base and structure.
• OpenAi is claiming that they have terminated accounts associated with state-affiliated threat actors.
• A...

In this episode of The Cybersecurity Defenders Podcast, we delve into an innovative, engineering-centered perspective on cybersecurity with Maxime Lamothe-Brassard, the Founder & CEO of LimaCharlie.

As part of the Canadian Intelligence apparatus, Maxime worked in positions ranging from development of cyber defence technologies, Counter Computer Network Exploitation, and Counter Intelligence. Maxime led the creation of an advance...

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

• The spectacular headline announcing a DDOS attack that involved 3-million electric toothbrushes.
• A hardware attack to bypass TPM-based encryption which is used on most Microsoft Windows devices.
• CrowdStrike researchers have identified a HijackLoader sample that employs sophisticated evasio...