Breaking Badness

In this special Black Hat edition of Breaking Badness, Part 2 of a 5 Part Series, we dive deep into the world of vulnerability management, cyber resilience, and supply chain security.

Our expert guests—Jacob Graves, Director of Solution Architecture at Gutsy, Theresa Lanowitz, Chief Evangelist at Level Blue, Pukar Hamal, CEO at SecurityPal, and Vinay Anand, Chief Product Officer at NetSPI discuss the increasing complexity of managing vulnerabilities, the critical importance of reducing mean time to detect (MTTD) and mean time to repair (MTTR),

and the emerging strategies for securing the supply chain against growing risks.

Learn how vulnerability management isn’t just a technical challenge but an organizational one, and explore the nuanced roles of the CIO, CTO, and CISO in maintaining a resilient cyber infrastructure.

In this special Black Hat edition of the Breaking Badness Cybersecurity Podcast, Part 1 of a 5 Part Series, we dive deep

into how artificial intelligence is transforming the cybersecurity landscape.

Our guests—Mark Wojtasiak (VP of Product at Vectra AI), Carl Froggett (CIO at Deep Instinct), Dan Fernandez

(Staff Product Manager at Chainguard), and Marcus Ludwig (CEO of Ticura)—join us to explore the evolution of Endpoint Detection and Response (EDR), the growing threats posed by generative AI, and the complexities of securing AI in supply chains. With AI becoming a tool for both attackers and defenders, this episode uncovers the ongoing "AI arms race" and highlights the urgent need for a more preventative approach to cybersecurity.

In this special research edition of Breaking Badness, hosts Kali Fencl, Tim Helming, Sean McNee, and guest Sasha Angus from Sylla Intel dive deep into the world of cybercriminal campaigns targeting retailers.

They explore how bad actors exploit the growing threat

landscape, discussing specific fraud tactics, infrastructure reuse, and ways organizations can defend themselves. From pandemic-driven scams to sophisticated brand impersonation

schemes, this episode offers valuable insights for both retailers and consumers navigating the complex world of e-commerce security.

Kali Fencl and Daniel Schwalbe sat down with Lesley Carhart, a

seasoned incident responder specializing in Operational Technology (OT) cybersecurity at Dragos, in person at BlackHat USA 2024.

Lesley shares their journey, from their unique

background in avionics and electronics to becoming a leading expert in the field. We explore the evolving landscape of OT cybersecurity, the challenges of protecting legacy systems, and the critical importance of building strong relationships between cybersecurity teams and operational engineers. Lesley also discusses the realities of incident response in industrial environments,

the misconceptions surrounding OT security, and the human-centric approach needed to tackle these complex issues. Tune in to learn about the delicate balance between innovation and safety in protecting the critical infrastructure that powers our world.

Kali Fencl, Daniel Schwalbe, and Tim Helming discuss Brian Krebs’ article on namespace collisions and the risks associated with new generic TLDs (gTLDs) along with facial recognition and privacy concerns at major sporting events

Kali Fencl, Daniel Schwalbe, and Malachi Walker discuss all things Hacker Summer Camp. What sessions were their favorites? How did they beat the heat? Listen to the episode and find out!

This week we compromised domains targeting DeFi protocols along with the JFrog research team's findings regarding a leaked access token with admin access to Python repositories

We're thrilled Tanya Janca (aka SheHacksPurple) joined us this week on the podcast! She and Kali Fencl discuss secure guardrails, Semgrep Academy, the process of writing two books, gardening, and so much more.

In this episode of the Breaking Badness Cybersecurity Podcast, Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss vulnerabilities impacting your phone's 5G connection along with the new owner of the popular Polyfill JS project injecting malware into more than 100,000 sites.

Jake Bernardes, Field CISO of Anecdotes, joins the Breaking Badness Cybersecurity Podcast in this week’s episode! We’re sharing Jake’s background and path within infosec along with what’s intriguing him about the industry currently, how conferences and in-person events can still play a role in community involvement, and we’ll touch briefly on American history.