Risky Business

Kevin Poulsen, once a notorious 1990s phone phreaker turned security journalist. Jeff Moss, founder of DEF CON and Black Hat who shaped hacker gatherings. They reminisce about the 1990s hacking golden age. Stories cover early DIY culture, physical break‑ins and radio contest schemes. Conversations trace DEF CON’s accidental birth and how curiosity turned into crime and later careers.

Ed Wu, founder of Dropzone and builder of an AI SOC platform. He discusses Dropzone’s automated AI analysts and prebuilt 'huntpacks'. Conversation covers AI-driven threat hunting, how automation surfaces weird and security-relevant artifacts, and using models to accelerate vulnerability discovery.

Russel Van Tuyl, VP of Services at SpecterOps and red teaming expert behind BloodHound, discusses AI red teaming and testing whole systems. He covers chatbots, RAG integrations, prompt injection risks, non-determinism and logging, explosion of machine identities, AI agents breaking least privilege, and using attack-path tooling across hybrid stacks.

Braden Rogers, Chief Customer Officer at Island, helps companies govern employee use of AI while preventing data leaks. He discusses browser-based DLP, tenancy challenges with AI providers, and routing the right model to the right user. Short, sharp takes on preventing sensitive data from being pasted into chatbots and balancing executive access with data safety.

A fast-paced dive into recent cyber attacks, from an Intune-based wiper hitting medical device firm systems to supply-chain tricks using invisible Unicode payloads. They unpack a vendor accidentally leaking a wildcard SSL key and debate AI agents acting like insider threats. Other highlights include Instagram dropping E2EE DMs, Moscow’s mobile internet controls, and wild hardware hacks on consoles and forensic tools.

Daniel Schell, Airlock Digital co-founder and CTO, builds deep endpoint controls. David Cottingham, co-founder and chief product officer, drives deny-by-default execution control. They discuss AI's role in allowlisting and why deterministic, customer-scoped automation beats LLMs for recommendations. They cover autotrust, assembly reflection, hardening UIs, and making allowlisting operationally practical.

Toni de la Fuente, founder and CEO of Prowler, a cloud security scanner creator. He discusses Prowler’s enterprise features while keeping it open source. Conversation touches on the Karuna iOS exploit toolkit and its clever JS-to-payload chaining. They also cover exploit signing bypasses and the role of unusual tool choices and LLMs in modern malware development.

Sydney Maroney, Head of threat hunting at Nebulock and creator of an open-source Agentic Threat Hunting Framework, discusses AI-driven threat hunting and her framework. She covers agent design, session memory and documentation. She explains how AI speeds hunts while stressing verification and shows where to find the framework on GitHub.

Brian Dye, CEO of Corelight, explains network detection and AI for defenders. James Wilson, security analyst, provides technical context on AI risks. Adam Boileau, security practitioner, gives hands-on analysis of incidents and tooling. They cover AI-augmented mass Fortinet compromises, model distillation accusations, AI agents causing outages and mailbox deletions, exploit-selling prosecutions, and legacy-product breaches.

Josh Devon, co-founder of Sondera and cybersecurity builder, explains the “lethal trifecta” of AI risks. He talks about private data exposure, untrusted content, and agents communicating externally. Short, punchy takes on behavioral controls, policy-as-code harnesses, adversarial testing, and deploying protections across enterprise environments.