The Cybersecurity Defenders Podcast

On this episode of The Cybersecurity Defenders Podcast we talk about some of the common pitfalls faced by founders with Andrew Plato, Founder & CEO of Zenaciti.

Andrew is an experienced CEO, founder, author, and cybersecurity expert. In 1995, Andrew founded Anitian, one of the earliest cybersecurity companies on record, where he pioneered innovations in intrusion detection, endpoint security, and cloud security. He led the development of a revolutionary automated platform for secure cloud environments, and under his leadership, Anitian formed strategic partnerships with major tech companies like AWS, Microsoft, and Trend Micro before he exited the company in 2022. Andrew also leads Zenaciti, providing business and security intelligence, and recently founded Screenopolis, focusing on media analysis. He is also the author of The Founder’s User Manual: Practical Strategies for the Startup Leader.

On this episode of The Cybersecurity Defenders Podcast we talk about low noise threat detection with Joshua Neil, Founder at Alpha Level.

Josh is a seasoned expert with over 20 years of experience in developing data-driven solutions to security challenges faced by both the U.S. Government and industry at large. With a deep understanding of enterprise security, they are focused on the fact that perimeter defenses alone aren't enough to prevent attackers from breaching systems. They emphasize the importance of visibility into enterprise behavior, the need for statistical methods in attack detection, and the interconnected nature of attacks across multiple endpoints. Their work revolves around quantifying security-relevant rare events and leveraging context to support analysts in distinguishing true breaches from false positives.

Statistical Inference by George Casella and Roger Berger

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

• Fortinet responded by confirming that the breach involved unauthorized access to files on a third-party cloud-based shared drive, affecting a small portion of customer data.
• Hackers are targeting Oracle WebLogic servers with a new Linux malware named "Hadooken," which is designed to deploy a cryptominer and facilitate distributed denial-of-service (DDoS) attacks.
• Microsoft has reclassified a previously patched bug, CVE-2024-43461, as a zero-day vulnerability actively exploited by the "Void Banshee" threat group.
• Security researchers from Tenable revealed a critical remote code execution vulnerability in Google Cloud Platform that could have allowed attackers to run malicious code on millions of Google’s servers.

On this episode of The Cybersecurity Defenders Podcast we take a look at quantum cryptography with David Carvalho, CEO & Chief Scientist at Naoris Protocol.

David is the founder, CEO, and Chief Scientist of Naoris Protocol, a decentralized cybersecurity mesh. David is an accomplished leader and innovator who advises nation-states and highly regulated sectors on critical issues such as cyber espionage, cyber warfare, and cyber terrorism. He is deeply involved in blockchain-based projects, digital currencies, and cybersecurity innovations. With over 20 years of experience in the field, David has worked as a Chief Information Security Officer in multi-billion-dollar companies and brings a forward-thinking approach to risk mitigation, automation, AI, and next-gen cybersecurity. He continues to advise a wide range of organizations, from startups to national-level projects, on transformative strategies for the future.

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

• The Specula C2 framework represents a sophisticated attack method that transforms Microsoft Outlook into a command-and-control system by exploiting its Home Page feature.
• Attackers exploit browser notifications in Chromium-based browsers by tricking users through CAPTCHA-like prompts to enable notifications.
• The Biden administration has launched an initiative aimed at addressing the growing cybersecurity talent shortage, which has reached critical levels.
• Mustang Panda, a Chinese state-backed cyber-espionage group, has adapted its tactics by launching a USB-based attack campaign that leverages a worm for self-propagation across air-gapped networks.

On this episode of The Cybersecurity Defenders Podcast, we unpack the hacker mindset with Ken Westin, Senior Solutions Engineer at LimaCharlie.

Ken is a seasoned thought leader in cybersecurity who has spent years analyzing and understanding the intricacies of cyber threats and the methods behind them. Ken has a unique ability to identify emerging trends in the industry and for figuring out how businesses can protect themselves before they fall victim to attacks.

Previous to his current role, Ken was the Field CISO at Panther, where he developed workshops and delivered them around the world. His career also includes significant contributions at Cybereason, Elastic, and Splunk, where he drove security growth, developed innovative tools, and shaped industry conversations on cybersecurity. Ken has been a key spokesperson in the industry, frequently quoted in the media and featured at major conferences like Black Hat and DEF CON.

Ken recently joined the team at LimaCharlie as a Senior Solutions Engineer, with the intent to use his deep expertise to help organizations build robust security strategies.

Ken's reading list:

“Daemon” - Daniel Suarez

“Cryptonomicon” - Neal Stephenson

“The Myth of Normal” - Gabor Maté

“Threats: What Every Engineer Should Learn From Star Wars” - Adam Shostack

“The Mitrokhin Archive” Christopher Andrew & Vasili Mitrokhin

“The Road” - Cormac McCarthy

The song at the end of the podcast:

Decrypted Savant - Mercator Misconceptions

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

• A stealthy Linux malware named 'sedexp' has been evading detection since 2022 by using a persistence technique not yet included in the MITRE ATT&CK framework.
• The Black Lotus Labs team at Lumen Technologies have uncovered a group of hackers linked to the Chinese government which have exploited a previously unknown software vulnerability to target U.S. internet service providers.
• Earlier in August, a North Korean hacking group exploited a previously unknown bug in Chrome-based browsers, aiming to steal cryptocurrency, which was reported by Microsoft in a recent update.
• The Dutch Data Protection Authority, or Dutch DPA, has hit Clearview AI with a €30.5 million fine—about $33.7 million—for illegally collecting data using facial recognition, including photos of Dutch citizens.
• Energy giant Halliburton has confirmed that its systems were hacked, and intruders were able to steal information following a cyberattack last week.

On this episode of The Cybersecurity Defenders Podcast, we speak with George Gerchow, Head of Trust at MongoDB, about the current narrative surrounding AI in cybersecurity. George challenges the dominant focus on AI as a threat and instead highlights its potential as a powerful ally in defending against sophisticated cyberattacks. We explore how AI-driven defense strategies are reshaping the landscape of proactive threat detection and automated response mechanisms, offering a fresh perspective on balancing security innovation with risk management.

George is an experienced executive who has played a key role in guiding highly regulated organizations as they establish and develop agile security, privacy, and compliance programs in fast-paced environments. George’s strong focus on relationships and customer engagement shines through in every interaction, both within his teams and with external clients. He is adept at implementing risk-based security programs that align with overall business objectives, effectively balancing risk reduction with cost management. During his six years at Sumo Logic, George was integral to the team's success in taking the company public and achieving FedRAMP Authorization. Currently, he serves as the Head of Trust at MongoDB, where he continues to drive excellence in security and compliance.

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

• Starting in October, all Microsoft Azure customers will be required to have multi-factor authentication (MFA) enabled on their accounts.
• Documents from a lawsuit revealed that over 2.9 billion records are vulnerable after a massive hack of the Florida-based National Public Data network.
• Microsoft recently advised of a critical TCP/IP Remote Code Execution Vulnerability dubbed CVE 2024-38063, which is a critical unauthenticated Remote Code Execution - or RCE - vulnerability within the Windows TCP/IP stack.
• Ransomware victims have paid $459,800,000 to cybercriminals in the first half of 2024, setting the stage for a new record this year if ransom payments continue at this level.

On this episode of The Cybersecurity Defenders Podcast we speak with Jacob Salassi, Co-Founder at stealth startup, about product security.

Jacob brings over 10 years of experience in software engineering and cybersecurity to the table. Until four months ago, Jacob was a Security Architect at Snowflake, where he ensured every developer was wildly successful in owning security. Since then, he’s been diving into something new and exciting, working on a stealth startup. Before Snowflake, Jacob was busy bootstrapping application security programs in healthcare and engineering secure distributed systems for a hybrid-cloud security platform. He’s passionate about creating a development security experience that not only measurably reduces risk but also earns the love of engineers. In his own words, Jacob solves problems.

Books mentioned in the podcast:

Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time

Security Engineering: A Guide to Building Dependable Distributed Systems

Measuring and Managing Information Risk: A FAIR Approach