Claim OwnershipThe Cybersecurity Defenders Podcast
Subscribed: 71Played: 994
Subscribe
© 2023 LimaCharlie
Description
An accessible but technical podcast about cybersecurity and the people who keep the internet safe. The podcast is built as a series of segments: we will be looking back at the last couple of weeks in cybersecurity news, talking to different people in the industry about areas of their expertise, we're going to break apart some of the TTPs being used by adversaries, and we will even cover a little bit of hacker history.
244 Episodes
Reverse
Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and the Defender Fridays community sit down with Jared Atkinson and dive into BloodHound.Jared is a security researcher who specializes in Digital Forensics and Incident Response. Recently, he has been building and leading private sector Hunt Operations capabilities. In his previous life, Jared lead incident response missions for the U.S. Air Force Hunt Team, detecting and removing Advanced Persistent Threats on Air Force and DoD networks. Passionate about PowerShell and the open source community, Jared is the lead developer of PowerForensics, Uproot, and maintains a DFIR focused blog at www.invoke-ir.com.On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at https://limacharlie.io/defender-fridays
On this episode of the Cybersecurity Defenders Podcast we speak with Peter Ruta, Founder / CEO, Arcanna.ai.Peter is a Romanian-born entrepreneur and technology expert with over 13 years of experience in the industry. His interest in technology was sparked after following a military path, and he went on to secure key jobs in prominent tech companies such as Cisco. In 2015, Peter decided to pursue his passion for entrepreneurship and founded Siscale AI INC. He then went on to develop Arcanna AI, a product that leverages the latest advancements in artificial intelligence to deliver cutting-edge solutions to clients. Alongside his highly knowledgeable team, Peter has successfully grown Siscale AI into a thriving company with a strong reputation for innovation and excellence. Throughout his career, Peter has been recognized for his inquisitive, analytical mind and his ability to grasp complex situations quickly. He is known for his professionalism, results-oriented approach, and unwavering determination in the face of challenges. Peter is a natural leader who inspires his team to achieve their full potential and never loses sight of his goals.Learn more at https://www.arcanna.ai/
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.• Attackers are actively exploiting CVE-2023-46604, a remote code execution vulnerability in Apache ActiveMQ first disclosed in October 2023, that is used to compromise cloud-hosted Linux servers.• AshES Cybersecurity has publicly disclosed a critical zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) platform, specifically in the Microsoft-signed kernel driver elastic-endpoint-driver.sys.• At least a dozen ransomware groups are now deploying kernel-level EDR killers - tools designed specifically to disable endpoint detection and response solutions - as part of their malware arsenal.• Microsoft has released an in-depth technical analysis of PipeMagic, a modular backdoor linked to ransomware operations carried out by Storm-2460, a financially motivated threat group associated with RansomEXX.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Ezra Woods, Security Engineer at Grand Canyon Education, shares insights on current attack trends and practical defensive strategies you can use to protect your environment with Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and the Defender Fridays community.On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at https://limacharlie.io/defender-fridays
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • Recent reporting from DataBreaches has added yet another twist to the attribution puzzle between Scattered Spider and ShinyHunters. https://databreaches.net/2025/08/03/are-scattered-spider-and-shinyhunters-one-group-or-two-and-who-did-france-arrest/• A recent disclosure on the oss-security mailing list detailed a set of 11 vulnerabilities in the Linux kernel’s eBPF subsystem, originally reported by security researcher “Van1sh” to both the kernel security team and the linux-distros list on July 19. https://www.openwall.com/lists/oss-security/2025/08/03/1• Microsoft’s Microsoft Active Protections Program, or MAPP, is designed to shorten the time between vulnerability discovery and patch deployment by giving trusted security vendors early access to vulnerability details. https://nattothoughts.substack.com/p/when-privileged-access-falls-into• US law enforcement, in coordination with multiple international partners, has taken action against the BlackSuit ransomware group — also known as Royal — resulting in the seizure of four servers, nine domains, and approximately $1 million in cryptocurrency. https://www.darkreading.com/vulnerabilities-threats/blacksuit-ransomware-infrastructure-law-enforcementSupport our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Christopher Luft, Co-Founder and CCO of LimaCharlie, and Dr. Mike Saylor, CEO of Blackswan Cybersecurity, sat down with the Defender Fridays community for Black Hat week wrap up and a deep dive building secure environments for IR.Dr. Mike Saylor is an accomplished, outcome-driven and solution-focused business professional and entrepreneur with 30+ years of Consulting, IT Audit & Risk, Cyber Security & Incident Response experience. Uniquely qualified as a leader with a solid knowledge of operations, strategy and management, Dr. Mike has enjoyed repeated success guiding highly skilled, cross functional teams in areas of intelligence, security, technology, and audit & compliance. Dr. Mike is an experienced public speaker, writer, and researcher on topics of technology, security, and cybercrime. He stays current with changes in the industry through professional affiliations and continuing professional development. Learn more about Blackswan Cybersecurity at blackswan-cybersecurity.comOn Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at limacharlie.io/defender-fridays
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.At Black Hat USA in Las Vegas, three security researchers demonstrated how Google's Gemini AI could be hijacked to take control of smart home devices using a novel form of indirect prompt injection.Two separate security teams - NeuralTrust and SPLX - have conducted red teaming evaluations of the newly released GPT-5, and both report serious deficiencies in the model’s security posture.Another Black Hat story, security researchers Milenko Starcik and Andrzej Olchawa from VisionSpace Technologies presented a compelling case that hacking satellites is not only more cost-effective than deploying anti-satellite missiles, but alarmingly easy due to widespread software vulnerabilities.Our final Black Hat story, Cisco Talos researchers disclosed five critical vulnerabilities in Broadcom’s BCM5820X series chips, used in Dell’s ControlVault3 secure enclave hardware.CISA and FEMA have jointly announced over $100 million in cybersecurity grant funding for the 2025 fiscal year, targeting state, local, and tribal governments.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and Jeremy Snyder, Founder and CEO of FireTail.ai, sat down with the Defender Fridays community to discuss the hurdles of maintaining secure processes while adding AI to your workflow.Jeremy is the founder and CEO of FireTail.ai. Jeremy was an IT and cybersecurity practitioner for over 10 years before transitioning into product and sales roles in cloud security and cyber. Jeremy once went three days without seeing another human, but saw lots of reindeer. Another time, Jeremy was kicked off a train in central Sweden. Find out more at FireTail.ai.On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at limacharlie.io/defender-fridays.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.More than 90 state and local government organizations have been targeted in a recent wave of cyberattacks exploiting a vulnerability in Microsoft SharePoint, according to the Center for Internet Security (CIS).Traditional cyber attack methodologies - exploiting endpoints, moving laterally, escalating privileges - are increasingly outdated as enterprise IT shifts toward SaaS and browser-based access.The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-2533 - a high-severity Cross-Site Request Forgery (CSRF) vulnerability in PaperCut NG/MF print management software - to its Known Exploited Vulnerabilities (KEV) catalog.Researchers at Nozomi Networks have disclosed over a dozen security flaws in Tridium’s Niagara Framework, a vendor-agnostic building management platform used in sectors ranging from industrial automation to energy and smart infrastructure.Between April 2024 and April 2025, ransomware attacks on the oil and gas industry increased by an unprecedented 935%, according to new research from cybersecurity firm Zscaler.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A critical new SharePoint vulnerability is under mass exploitation, with attackers targeting on-premises SharePoint Server deployments to exfiltrate sensitive data, including authentication tokens.And then directly related to the first story, Microsoft has now confirmed that at least three China-linked threat actors—Linen Typhoon, Violet Typhoon, and Storm-2603—were actively exploiting CVE-2025-49706 and CVE-2025-49704 a day before the company issued patches on July 8.The UK government announced on July 22, 2025, that it plans to make ransomware payments illegal for public sector bodies and operators of critical national infrastructure (CNI).In-browser cryptocurrency mining, often called crypto jacking, originally gained notoriety in 2017 when Coinhive introduced JavaScript-based mining for Monero.
Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Cisco has disclosed a critical vulnerability—tracked as CVE-2025-20337 with a perfect score of 10—affecting its Identity Services Engine (ISE) and the ISE Passive Identity Connector (ISE-PIC). A recently updated version of the malware-as-a-service (MaaS) loader Matanbuchus is being deployed in active spear-phishing campaigns that are ultimately aimed at high-value ransomware infections.Cambodia has announced the arrest of over 1,000 individuals this week as part of a nationwide crackdown on cybercrime networks operating within its borders.A threat actor linked to the Abyss ransomware campaign, tracked as UNC6148 by Google’s Threat Intelligence Group (GTIG), appears to be exploiting a zero-day vulnerability in SonicWall’s end-of-life Secure Mobile Access (SMA) 100 series devices.
Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Kai West, a 25-year-old British national, has been indicted by the U.S. Attorney’s Office for the Southern District of New York for allegedly operating under the online alias “IntelBroker.” Hunters International, a ransomware group that surfaced in 2023 and is believed to have originated from the now-defunct Hive ransomware operation, has announced it is ceasing all activity.Hackers in Brazil managed to steal nearly $140 million USD from six banks by exploiting insider access at a financial technology firm called C&M, which provides connectivity services to financial institutions and the Brazilian Central Bank. Several critical vulnerabilities in Ruckus Networks' management products remain unpatched, leaving large-scale WiFi environments at risk of complete compromise.Microsoft has released security updates addressing 130 vulnerabilities across its product line as part of its July 2025 Patch Tuesday.
1Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Each week, we bring you a different expert guest who will share their invaluable insights on topics ranging from threat hunting and incident response to security operations and detection engineering. What makes these sessions special is their informal and interactive nature, allowing for an engaging dialogue between our guests, hosts, and the audience.You can sign up to join us for the live sessions at limacharlie.io/defender-fridays
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Two critical local privilege escalation vulnerabilities in the Sudo utility—CVE-2025-32462 and CVE-2025-32463—have been disclosed by the Stratascale Cyber Research Unit.Google Chrome and Mozilla Firefox are both facing distinct, serious threats this week—Chrome from a zero-day vulnerability under active exploitation and Firefox from a campaign of malicious browser extensions targeting cryptocurrency users.The Medusa ransomware group, active since late 2021, has maintained a consistent and aggressive operational tempo into 2025. Cloudflare has rolled out a significant change to how websites handle AI crawlers, positioning itself as the first internet infrastructure provider to block AI-driven scraping by default.
Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Each week, we bring you a different expert guest who will share their invaluable insights on topics ranging from threat hunting and incident response to security operations and detection engineering. What makes these sessions special is their informal and interactive nature, allowing for an engaging dialogue between our guests, hosts, and the audience.You can sign up to join us for the live sessions at limacharlie.io/defender-fridays
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A new malware strain known as OtterCookie, developed by the North Korean APT group Lazarus, has been dissected in a detailed technical analysis by offensive security expert Mauro Eldritch. Attackers are currently exploiting a critical vulnerability in the Langflow platform — an open-source Python-based web app used to build AI workflows and agents — to deliver a new botnet called Flodrix.A new campaign from an emerging threat group named Water Curse is targeting the software supply chain by leveraging GitHub repositories that masquerade as legitimate security tools. The threat actor known as Scattered Spider, also tracked as UNC3944 by Google and Mandiant, has apparently shifted its operational focus from the retail sector to the US insurance industry, according to a new alert from Google’s Threat Intelligence Group.
Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Each week, we bring you a different expert guest who will share their invaluable insights on topics ranging from threat hunting and incident response to security operations and detection engineering. What makes these sessions special is their informal and interactive nature, allowing for an engaging dialogue between our guests, hosts, and the audience.You can sign up to join us for the live sessions at limacharlie.io/defender-fridays
Comments
Download from Google Play
Download from App Store
United States