The Cybersecurity Defenders Podcast

LimaCharlie
Nov 30, 2023 • 39min

#81 - Intel Chat: DarkCasino, Agent Tesla, DarkGate, Diamond Sleet & Chimera

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.
NSFOCUS Research Labs reports on how the DarkCasino APT group has leveraged a recently disclosed WinRAR zero-day vulnerability.
G DATA CyberDefense is reporting on a threat actor using the ZPAQ archive format and the .wav file extension to infect systems with Agent Tesla.
A technical analysis of DarkGate, a Malware-as-a-Service offering widely advertised on various cybercrime forums by the RastaFarEye persona.
The Microsoft Threat Intelligence team has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet involving a malicious variant of an application developed by CyberLink Corp.
The Chinese hacker group “Chimera” broke into NXP, a Dutch chip maker, at the end of 2017 and had access to the manufacturer’s systems until the spring of 2020.
To learn more about the community initiative to help end domestic violence, please visit cybersecurity-cares.com.
Nov 29, 2023 • 40min

#80 - A look into the cybercriminal underworld with Jon DiMaggio, Chief Security Strategist at Analyst1

On this episode of The Cybersecurity Defenders Podcast we take a look into the cybercriminal underworld with Jon DiMaggio, Chief Security Strategist at Analyst1.
Jon DiMaggio is the chief security strategist at Analyst1 and has over 15 years of experience hunting, researching, and writing about advanced cyber threats. He is a specialist in enterprise ransomware attacks and nation-state intrusions, with research such as “Ransom Mafia: Analysis of the World’s First Ransomware Cartel”, “Nation State Ransomware” and “A History of REvil”. He has exposed the criminal cartels behind major ransomware attacks, aided law enforcement agencies in federal indictments of nation-state attacks, and discussed his work with The New York Times, Bloomberg, Fox, CNN, Reuters, and Wired. You can find Jon speaking about his research at conferences such as RSA. Additionally, in 2022, Jon authored the book “The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime”, published by No Starch Press.
You can buy “The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime” here.
The Ransomware Diaries: Volume 1 & Volume 2
Jon DiMaggio on LinkedIn
Jon DiMaggio on Twitter
Nov 23, 2023 • 25min

#79 - Intel Chat: SystemBC, Ddostf DDOS bot, ALPHV files with the SEC, & LummaC2 v4.0

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.
A look at SystemBC, a versatile piece of malware that gets categorised as proxy malware, a bot, a backdoor, and even as a RAT.
The AhnLab Security Emergency Response Center’s analysis team has published an article outlining their recent discovery that the Ddostf DDoS bot is being installed on vulnerable MySQL servers.
The notorious ALPHV ransomware group has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint against one of their alleged victims for not complying with the four-day rule to disclose a cyberattack.
A new anti-sandbox technique the LummaC2 v4.0 stealer uses to avoid detonation when no human mouse activity is detected, along with other techniques it employs, such as control flow flattening.
And you can sign up to participate in the Defender Fridays series here. Join us as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
Nov 21, 2023 • 23min

#78 - Brand and marketing for cybersecurity startups with Chris Cochran, VP & Head of Marketing at AKA Identity

On this episode of The Cybersecurity Defenders Podcast, we talk with Chris Cochran, VP & Head of Marketing at AKA Identity, about brand and marketing for cybersecurity startups.
Chris Cochran is an entrepreneur who combines a wealth of experience in technology and innate creativity that has proven to be invaluable to both brands and individuals who work with him. As the Co-Founder and CEO of Hacker Valley Media, Chris has a unique perspective on how to craft compelling narratives that engage, inform, and entertain technical audiences. His experience in technology allows him to bring a rare depth of knowledge to any creative project, and his ability to communicate complex ideas equally clearly and entertainingly makes for a powerful combination for reaching everyone, from students to entrepreneurs.
As a US Marine veteran and former cybersecurity professional, Chris has been an intelligence analyst, incident responder, SOC analyst, threat intelligence leader, and security operations leader. On the creative side, Chris has been an award-winning podcaster, TV series showrunner, short film director, keynote speaker, event host, and writer. He is passionate about inspiring and empowering people to live out their personal and professional legend. With his unique combination of industry knowledge and creative skills, Chris can connect with audiences in an authentic and relatable way, inspiring trust and loyalty, which are crucial elements to building a successful brand, whether personal or corporate. He has created many award-winning shows, including Hacker Valley Studio and Technically Divided, alongside his co-founder Ron Eddings; he is a highly sought-after keynote speaker in technology and helps technology brands stand out from the rest through impactful storytelling.
If you have a story to tell, an experience to create, or a community to reach, Chris can help.
Nov 16, 2023 • 30min

#77 - Intel Chat: Okta again, MuddyWater, Google Calendar Rat & BiBi-Windows Wiper

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.
Ars Technica is reporting that identity and authentication management provider Okta has been hit by another breach.
Deep Instinct’s Threat Research team has identified a new campaign from the “MuddyWater” group.
Google is warning of multiple threat actors sharing a public proof-of-concept exploit that leverages its Calendar service to host command-and-control infrastructure.
The BlackBerry Research and Intelligence Team has found a wiper variant that targets Windows systems being deployed by hacktivists in support of Hamas.
Nov 15, 2023 • 22min

#76 - Reimagining the cyber kill chain with David Burkett

On this episode of The Cybersecurity Defenders Podcast, we talk with David Burkett, founder of Signalblur, about reimagining the cyber kill chain from a defender's perspective.
David is a dedicated and highly experienced Cloud Detection Engineer and Security Architect, with a proven track record of building three different Cyber Security Operations Centers for multiple MSSP/MDR providers. His expertise is backed by a strong set of GIAC certifications, including GCTI, GCIA, GPYC, and GCED, among others. David is proud to have been part of a security team that won the prestigious James S. Cogswell Outstanding Industrial Security Achievement Award from the Defense Counterintelligence and Security Agency. David is constantly seeking opportunities to grow and learn and is eager to connect with like-minded professionals in the cybersecurity domain.
Nov 2, 2023 • 41min

#75 - A close look at Okta's latest security breach

The Cybersecurity Defenders host, Christopher Luft, along with special guest Eric Capuano, walks through the available details of the most recent Okta security breach, which affected 1Password, BeyondTrust, and Cloudflare.
On Friday, October 20th, Okta announced that it suffered an intrusion in its customer support system. The company confirmed that 'certain Okta customers' were affected and stated that it notified 'around 1 percent' of its 18,400 customers that they were impacted.
Oct 30, 2023 • 22min

#74 - Hacker History: When the Lights Went Out in Ukraine (Part 2)

On this episode of The Cybersecurity Defenders Podcast, we share the second part of 'When the Lights Went Out in Ukraine.'
If you haven’t already, I recommend going back now and listening to “When the Lights Went Out in Ukraine, Part 1.”
Beginning on January 13th, 2022, a Russian APT installed wiper malware on the IT networks of government, NGO, and IT companies across Ukraine. The malicious program was designed to appear like ransomware, but contained no recovery feature – it simply destroyed any computer it wished. Just one day later, hackers from the intelligence service of Belarus – Russia’s close ally – took down 70 websites belonging to the Ukrainian government. This was tilling – laying down the foundation for an all-out ground attack. Plastered on the 70 downed websites was a message from the attackers: “be afraid,” they wrote, “and expect the worst.”
This episode was written by the talented Nathaniel Nelson, narrated by Christopher Luft, and produced by the team at LimaCharlie.
And a special thank you to Robert Lipovsky for sharing his first-hand knowledge.
The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.
Oct 25, 2023 • 25min

#73 - Intel Chat: macOS malware, BlackCat's Munchkin, Cisco zero-day, the Phantom Hacker, & a WinRAR vuln.

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.
SentinelOne on emerging trends and evolving techniques for macOS malware in 2023.
BlackCat operators recently announced new updates to their tooling, including a utility called Munchkin.
On October 16, Cisco released an advisory regarding a critical zero-day privilege escalation vulnerability in their IOS XE Web UI software.
WithSecure Labs is reporting that Vietnamese cybercrime groups are using multiple different Malware-as-a-Service infostealers and Remote Access Trojans to target the digital marketing sector.
The FBI in Phoenix is warning the public of a new scam dubbed “The Phantom Hacker.”
Google’s Threat Analysis Group has recently observed multiple government-backed hacking groups exploiting the known WinRAR vulnerability, CVE-2023-38831.
Oct 20, 2023 • 24min

#72 - LOLDrivers & Sigma community-based detections with Nas Bencherchali, Detection Engineer & Threat Researcher at Nextron Systems

Nas Bencherchali, Detection Engineer & Threat Researcher at Nextron Systems, talks about the LOLDrivers project, which collects vulnerable and malicious drivers. They also discuss the Sigma community project for creating and sharing threat detection rules, the future of cybersecurity, and the importance of detection.
