In this episode, Robby welcomes Dan Cleary, Co-founder and CEO of PromptHub, an organisation focused on enhancing LLM-based applications. He’s also one of the organisers behind the Prompt Engineering Conference, the world’s first event exclusively dedicated to prompt engineering, taking place in London on October 16th.

They discuss prompt engineering and management, what to expect from the upcoming conference, and what this emerging field means for enterprise AI and security.

Cleary also shares why centralised prompt management matters, how AI’s role in enterprise adoption is evolving, and what security professionals should explore to stay ahead.

Send us a text

Everyone’s talking about Agentic AI, but beyond the buzz, what’s actually happening on the ground? The mnemonic security podcast is continuing to dive into the world of Agentic AI in our latest episode, recorded live at Sikkerhetsfestivalen.

For this episode, Robby is joined by fellow podcaster (CloudFirst Podcast and KI til Kaffen) Marius Sandbu. They look at real-world implementations of agent-based systems, particularly what’s been done in Norway. And try to answer the question: are we ahead, behind, or just cautious?

They also discuss lessons learned from local projects, the current state of the global ecosystem, and what it really takes to make Agentic AI useful; diving into integration concepts like MCP and RAG, and how they’re being applied in practice.

Send us a text

Brian Singer, a PhD candidate at Carnegie Mellon University, joins Robby to talk about his research on creating autonomous attackers and defenders for networks. In their conversation, they discuss how Brian and his team made a system that uses LLMs to autonomously attack networks.

Singer and his team recently got a lot of attention after using this system to successfully recreate the Equifax cyber-attack from 2017, one of the largest data breaches in U.S. history, in a virtualised cloud environment. In turn, showing how LLMs can be taught to plan and execute sophisticated cyberattacks without a human involved.

They also talk about how LLMs are unlocking new capabilities for defenders, where he is seeing a lot of opportunity, and how he thinks security will be developing the next three to five years. 

Send us a text

Trust is one of the most powerful and dangerous currencies that we have. Whether it's a phishing email, a romance scam or a human trafficking operation, the criminals behind it exploit some of the same dynamics; mainly that trust can be earned by playing to our emotions.

This is particularity true when it comes to this episode’s topic; the global crime of "pig butchering". The scam involves luring victims into fake romantic relationships, convincing them to invest in cryptocurrency schemes, and then stealing their money through fake investment platforms. It’s worth to add that the term is a violent term for a violent crime, and that financial grooming might be more fitting description.

This week’s guest, Erin West, spent 26 years as a district attorney, and the last few years she’s been exclusively working on these kinds of scams. She’s been featured in the Wall Street Journal about her work, testified before Congress and started her own non-profit (Operation Shamrock) focusing on educating about and disrupting transnational organised crime.

Erin explains how Chinese organised crime uses high-tech methods, including cryptocurrency, to defraud victims of their life savings, the link to human trafficking, and the surprising scale of it all.

Send us a text

This episode, we’re joined by Ford Merrill, Senior Director of Research and Innovation at SEC Alliance, to discuss the evolution and sophistication of Phishing as a Service (PhaaS).

Merrill shares from his 11 years of experience working on security research in primarily the areas of phishing and DDoS botnets. In the episode, he talks about the shift from Russian to Chinese-speaking operators, who the developers of advanced kits like Darcula and Lighthouse are, and who actually uses them to impersonate brands for financial gain.

Merrill also outlines a complex ecosystem with supporting technologies and roles involving spammers, data brokers, and money launderers. He also shares what thinks needs to be done to respond this problem, and where he sees rays of hope already.

Related resources:

If you haven’t listened to our series on Darcula, a phishing-as-a-service operation targeting victims globally, check out episode 137 and 138 to hear Robby’s interview with mnemonic's security researchers Erlend Leiknes and Harrison Sand about the findings from their technical investigation into the phishing kit platform Magic Cat. And hear how this story progressed as Robby interviews investigative journalist Martin Gundersen from the Norwegian media agency NRK.

Send us a text

We´re back from Summer break! 

To kick things off, we’re excited to have Armin Buescher and Einar Oftedal from RSAC join Robby for a dive into the most talked-about topic at this year’s RSA Conference: the emergence of agentic AI.

Agentic AI, the way they define it, are agents that complete tasks acting on behalf of a user. Unlike the traditional LLM experience, where the agent is relying on human prompts, agentic AI is designed to plan, decide, and act on their own within set goals - instead of waiting for instructions.

During their conversation with Robby, they cover what agentic AI means for different domains within cyber, how it is being utilised, and the challenges of implementing agentic AI.

They also talk about the importance of human oversight, why decision-makers need to stay educated, and the biggest buzzwords when it comes to agentic AI.

Send us a text

In this episode, we’ll explore what quantum computing might mean for the world of security in the future, and the concrete measures the banking sector is taking to prepare for it.

Robby is joined by Ulf Larsson, Security CTO at the SEB Group, a leading financial services group in the Nordics, to discuss the work he’s been doing on the potential impact quantum computing will have on his sector, what it can do with our ability to protect data, and preparing his bank to be quantum safe by 2030.

They discuss the concrete tasks security teams have in front of them already now, how banks are working together to secure the financial eco-system, and the ongoing development within this field by tech companies and consultancies. 

Send us a text

Magic Cat (part 1) with security researchers Erlend Leiknes and Harrison Sand 

Darcula is a phishing-as-a-service operation targeting victims globally. Over the past 1.5 years, mnemonic researchers and an international investigative reporting team have been looking into the technology, operations and individuals connected to this crime group.

In this episode, Robby speaks with mnemonic's Erlend Leiknes and Harrison Sand about the findings from their technical investigation, offering a rare look behind the scenes of this global phishing-as-a-service operation utilising the phishing kit Magic Cat.

The research unveils hundreds of thousands of victims spanning the globe, unique technical insight into the software enabling hundreds of criminal subscribers, and a glimpse into the flashy lifestyle of the operators.

This podcast was recorded in April, but on May 4th, Norwegian media agency NRK, together with French Le Monde and German BR released the first of their multi-part global investigation into the prominent people behind the phishing operation. The investigation brings them to Thailand, where they attempt to confront Darcula, and learn more about the inner workings of the scam central.

Listen to Part 2 to hear how this story progresses as Robby interviews investigative journalist Martin Gundersen from NRK.

- mnemonic's technical blog about Magic Cat: https://www.mnemonic.io/resources/blog/exposing-darcula-a-rare-look-behind-the-scenes-of-a-global-phishing-as-a-service-operation/

- Inside the Scam Network at NRK: https://www.nrk.no/dokumentar/xl/inside-the-scam-network-1.17399135

- The Hunt for Darcula at NRK: https://www.nrk.no/dokumentar/xl/the-hunt-for-darcula-1.17399157 

Send us a text

Magic Cat (part 2) with investigative journalist Martin Gundersen

This is the second part of our series about our investigation into Darcula, a phishing-as-a-service operation targeting victims globally, and the phishing kit platform Magic Cat. Over a period of 1,5 years, mnemonic researchers and an international investigative reporting team from the Norwegian media agency NRK, together with French Le Monde and German BR, looked into the technology, operations and individuals connected to this scam network.

The findings offer a rare look behind the scenes of this global phishing-as-a-service operation utilising Magic Cat. The research unveils hundreds of thousands of victims spanning the globe, unique technical insight into the software enabling hundreds of criminal subscribers, and a glimpse into the flashy lifestyle of the operators.

In this episode, Robby talks with Martin Gundersen from NRK about how they worked on this investigation, and what happened when they traveled to Thailand to confront the people behind the scam network.

If you haven’t listened to Part 1 of this series yet, check out episode 137 to hear Robby’s interview with mnemonic's security researchers Erlend Leiknes and Harrison Sand about the findings from their technical investigation into Magic Cat.

• mnemonic's technical blog about Magic Cat: https://www.mnemonic.io/resources/blog/exposing-darcula-a-rare-look-behind-the-scenes-of-a-global-phishing-as-a-service-operation/
• Inside the Scam Network at NRK: https://www.nrk.no/dokumentar/xl/inside-the-scam-network-1.17399135
• The Hunt for Darcula at NRK: https://www.nrk.no/dokumentar/xl/the-hunt-for-darcula-1.17399157

Send us a text

We are all negotiating, in one way or another, every single day.

In this episode, we’re joined by someone that has not only mastered the skill of negotiation, she’s traveling worldwide doing negotiating training, particularity for technology companies; Tine Anneberg, Founder & CEO of CREOSUM Create Impact – part of the SMARTnership Negotiation Organization.

Tine and Robby talk about the benefits of taking a collaborative approach to negotiations, the value of trust, and why curiosity is the most important thing to bring with you in a negotiation.

Tine also shares what she’s observed to be the biggest pitfalls, how technology and AI is changing her industry, and how she is using her negotiation background to view the current geopolitical climate.

Send us a text