Security Cocktail Hour

Sharon Isaaci and David Warshavski spent careers on the offensive side of cybersecurity — breaking into organizations, finding zero-days, and cleaning up after the breaches that followed at Sygnia, Israel's premier incident response firm. After hundreds of engagements, they kept finding the same thing on both sides of the wire: breaches happen not because vulnerabilities go undetected, but because they go unmanaged.

Vulnerab...

What happens when your security perimeter extends to Mars—and MFA isn't an option?

In this episode of the Security Cocktail Hour, we sit down with Renee Wynn, former CIO of NASA, to explore what cybersecurity looks like when traditional frameworks simply don't apply.

Renee Wynn managed IT for some of humanity's most critical infrastructure: Mars rovers, the James Webb Space Telescope, the International Space Stati...

In part 2 of our discussion, John Strand tells us how the cybersecurity industry has turned stagnant, with a lack of innovation and an investment model that isn't going to turn that around any time soon. We explore why venture capital funding hasn't led to the breakthrough products the industry needs, and what's holding back real innovation. John also highlights the leaders in the security industry who are actively givi...

John Strand isn't interested in fixing the broken security education system—he's tearing it down and rebuilding it. In Part 1 of this two-part conversation, the founder of Black Hills Information Security explains why scholarships don't solve the real problem, how American universities are losing ground to European programs, and the unexpected places where he's finding the next generation of security talent.

What...

Keeping your Flipper Zero's firmware updated is critical for security and performance—but the update process isn't always smooth. In this episode, we'll walk you through every step of updating your Flipper Zero firmware, including how to work through a snag you might encounter.

Whether you're a security professional, pentester, or hardware enthusiast, regular firmware maintenance is essential for keeping your too...

Curious about the Flipper Zero, one of the most talked-about `gadgets` out there? We give you a quick look as we unbox a new one.

This is a companion to one of our earliest episodes, where we talked about the ethics and proper use of hacking tools. https://youtu.be/BVca3X8wE_c

📧 Subscribe to Our Newsletter: Get exclusive cybersecurity insights, episode updates, and career tips delivered to your inbox.

👉 https://securitycockt...

Job scams are getting scary good. We're talking AI deepfakes, fake recruiters, and cryptocurrency traps that are fooling even tech-savvy professionals. In this Security Cocktail Hour holiday special, Joe and Adam break down four of the most dangerous job scams hitting people right now—because nothing says "Happy Holidays" quite like protecting yourself from scammers, right?

If you're job hunting (or know someone wh...

Scammers stay busy during the holidays. From recognizing fake gift card requests to safe phone payments for teens, we're bringing back the best cyber security tips from last year's holiday episode, as a warmup for a new episode focusing on the latest job scams coming next week.

00:00 Introduction to the Holiday Episode

00:31 Phone malware and app privacy

06:41 EZPass Alerts and Package Delivery

08:56 Sexploitation

12:07 ...

In this episode of the Security Cocktail Hour, guest Jatin Mannepalli introduces co-hosts Joe Patti and Adam Roth the high-speed, high stakes world of high frequency trading (HFT) and its many security challenges. The conversation delves into the intricacies of high frequency trading, the stress of incident response, and the importance of redundancy in connectivity. They discuss the evolution of data transmission methods, the chall...

Join Security Cocktail Hour hosts Joe Patti and Adam Roth for an in-depth conversation with Myke Lyons, Chief Information Security Officer at Cribl, about AI in cybersecurity operations. Discover how modern CISOs are actually using LLMs and AI tools in their daily work, handling the data explosion (28% CAGR growth in logs), and transforming security operations with smarter telemetry management. Myke shares practical AI adoption str...

Everyone's using AI, including ransomware gangs. Podcast guest Karin Lagziel, Director Cybersecurity at consulting firm Sygnia, gives us the news and her cyber defense strategies for fighting back: With more AI, as well as a focus on fundamentals.

In this episode:

🔹 The first AI-powered ransomware "Prompt Lock" discovered in the wild
🔹 How Chinese hackers created "Villager" - the AI version of Cobalt Strike
🔹 Why traditi...

Forbes 30 Under 30 cybersecurity expert Yevheniia Broshevan discusses crypto security challenges, bug bounty programs, and the reality that 95% of Bitcoin has been mined while 11-18% is lost forever.

🔥 What You'll Learn:

• The concerning trend in crypto losses hitting $3 billion this year alone
• How bug bounties in Web3 can reach up to $10 million for critical vulnerabilities
• How operational security failures cause more crypt...

Ever wondered what that mysterious "WiFi Pineapple" device from hacker movies actually does? Today we're unboxing the Hak5 WiFi Pineapple Mark 7 - the real penetration testing tool that's been featured in countless TV shows and movies!

🔥 What We Cover:

• Complete unboxing of the WiFi Pineapple Mark 7
• How hackers use this for man-in-the-middle attack
• Why you should be worried about fake WiFi hotspots
• Real-world scenarios where this co...

Back in Episode 54 we talked about vacation cybersecurity, including the dangers of hotel WiFi and public networks. Today we're unboxing the travel router that could save your digital life while traveling (or at least save you a lot of grief).

🚨 Why You NEED This:

Hotel WiFi is a hacker's playground. From man-in-the-middle attacks to data theft, public networks are incredibly dangerous. This tiny device creates your own secu...

It takes an advanced degree to understand the psychology behind why users hate security controls, so we got someone with two: Dr. Nikki Robinson, DSc Cybersecurity, PhD Human Factors. Nikki joins us to break down the real reasons security implementations fail—and how to fix them.

What You'll Learn:

🔹Why vulnerability scoring goes wrong (hint: it's not the tech)

🔹How to get 99% patching rates through automation

🔹The psychology behind...

Why would a hacker at the top of his game who found dozens of zero-days switch to defense? The answer is a lot more complicated than you think. In this fascinating episode, we sit down with Cody Pierce, co-founder and CEO of Neon Cyber and former Zero Day Initiative researcher. Cody gives us an insider view into the exploit marketplace, and tells us why he went from offense to defense.

🎯 WHAT YOU'LL DISCOVER:

✅ The REAL difference b...

Join us for a special episode of the Security Cocktail Hour as co-hosts Joe Patti and Adam Roth sit down with cybersecurity legend Paul Asadoorian—founder of Security Weekly and Principal Security Evangelist at Eclypsium. With more than two decades of experience, Paul brings his unique mix of deep technical knowledge and podcasting charisma to discuss firmware vulnerabilities, supply chain risks, and the overlooked attack surfaces ...

Got big travel plans this summer? Remember to pack some protection against cyber threats. In this episode of the Security Cocktail Hour podcast, hosts Joe Patti and Adam Roth break down the real cybersecurity threats you face when using hotel Wi-Fi, airport chargers, and public networks—and what you can do to stay safe.

Learn about:

• Why public Wi-Fi is more dangerous than you think

• The truth about VPNs—and what they don’t protect

•...

In this episode of Security Cocktail Hour, we go deep into the high-stakes world of modern cyber incident response (IR) with Lisa Landau and Tim Shipp of ThreatLight—two top-tier experts redefining how breaches are handled today.

Discover how IR has evolved—and why the old playbook no longer works.

What you’ll learn:

• Why speed is everything in breach response

• Why incident response isn’t about flying on-site anymore

• How top teams m...