Podcasts about limacharlie

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Researchers at Trend Micro have uncovered continued activity from China-aligned threat actors leveraging a cross-platform JavaScript-based command-and-control framework known as "PeckBirdy".Silent Push has identified an extensive phishing campaign targeting over 100 organizations, attributed to the threat actor group ShinyHunters.A malicious Visual Studio Code extension impersonating an AI coding assistant for Moltbot has been discovered distributing malware via the official VS Code Extension Marketplace.Dragos has attributed the December 2025 cyberattack on the Polish power grid to the Russian state-sponsored group known as ELECTRUM, with medium confidence.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Join us for a special Defender Fridays Office Hours session where the LimaCharlie team demonstrates the new Agentic SecOps Workspace (ASW) and explores what's possible when AI agents operate security infrastructure directly.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.What We'll DiscussIn this hands-on session, we showcase real working implementations of AI in cybersecurity operations. From reverse engineering malware to automated rule tuning and infrastructure management, we demonstrate how AI agents are transforming security workflows from concept to production-ready tools in hours instead of days.Key TopicsAutomated malware analysis and decompilation without traditional manual reverse engineering workflowsRule tuning at scale: Investigating noisy detections, writing false positive rules, and deploying them autonomouslyInfrastructure automation: Setting up data sources, configuring tenants, and managing security operations through AI agentsThe permission model: Balancing AI capability with human oversight and approval workflowsReal-world applications: Custom reporting, detection coverage analysis, and operational time savingsAbout This SessionThis office hours format brings together the LimaCharlie team to share practical experiences with AI-powered security operations. Rather than theoretical discussions, we demonstrate working tools and invite the community to share their own AI security experiments. The session highlights the rapid evolution of AI capabilities in cybersecurity and explores the changing relationship between security practitioners and automation.Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.Why LimaCharlie?Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.Try the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.ioFollow LimaCharlieSign up for free: https://limacharlie.ioLinkedIn: / limacharlieio X: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

In this special episode of The Cybersecurity Defenders Podcast, a panel of cybersecurity experts discuss the irreversible changes AI has brought to the industry. This panel originally aired on January 20th, 2026.The panel attendees include:Christopher Luft (host) - Co-Founder / CCO, LimaCharlieMaxime Lamothe-Brassard - Founder / CEO, LimaCharlieEric Capuano - Co-Founder, Digital Defense InstituteJoshua Neil - Co-Founder, Alpha LevelKris Merritt - AdvisorDaniel Lees - Sr Staff Cloud Security Architect, GoogleLimaCharlie has watched the AI SOC conversation unfold and stayed quiet. Until now.Security vendors are racing to attach chatbots to legacy platforms and call it innovation. AI SOC startups have raised hundreds of millions to build better alert triage. Both approaches solve the same narrow problem: helping analysts click faster.Service providers managing hundreds or thousands of tenants face a different reality. Alert triage matters, but so does deployment, configuration, detection engineering, reporting, and onboarding. The tedious work that eats margin and slows growth spans the entire operation.What if AI could operate your entire security infrastructure with the same access as your best analyst?We built LimaCharlie for complete programmatic access from day one. we were building for AI operators before AI operators existed. On January 20th, we'll show you what happens when AI agents can do everything in a security platform, across every tenant, through natural language.No marketing theater. Just real conversations and a demonstration of AI-driven security operations where you stay in control.Learn more at https://limacharlie.io/

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.North Korean threat actors are targeting macOS software developers in a new malware campaign that abuses Visual Studio Code (VS Code) confi gurations to deliver JavaScript-based backdoors, according to research from Jamf.Sinkholes are usually seen as the end of a malicious campaign - the point where domains are seized and abuse stops.China's pen-testing and red-team ecosystem has always been hard to observe, especially since many teams stopped participating in international CTFs post-2018.A critical zero-day vulnerability, CVE-2025-64155, has been discovered in Fortinet's FortiSIEM platform by Horizon3.ai, allowing unauthenticated remote code execution and privilege escalation to root.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

This week on Defender Fridays, John Hubbard, SANS Institute Cyber Defense Curriculum Lead, discusses the future of security operations and what it means for SOC leaders today. We'll be talking about:Building continuous improvement into SOC leadershipCurrent vendor and product trends shaping security operationsAI's real impact on SOC jobs and operationsFew instructors combine real-world security operations center (SOC) leadership, curriculum design, and frontline defense experience like John Hubbard. As a Senior Instructor at the SANS Institute, author of SANS SEC450: SOC Analyst Training – Applied Skills for Cyber Defense Operations, and co-author of SANS LDR551: Building and Leading Security Operations Centers, John translates years of frontline SOC leadership into practical lessons students can immediately apply. His courses give participants more than technical knowledge—they build the skills and judgment that ensure professionals thrive in modern security operations.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.Eliminate vendor sprawl and tool complexityDeploy and scale effortlessly on native multi-tenant architectureReduce costs with intelligent data routing and free 1-year retentionBuild custom solutions with 100+ security capabilities on-demandImprove response times with automation and real-time capabilitiesTry the SecOps Cloud Platform free: https://limacharlie.ioHost: Maxime Lamothe-Brassard - Founder at LimaCharlie

In this special episode of The Cybersecurity Defenders Podcast, Mike Privette hosts a keynote discussion with LimaCharlie Founder and CEO, Maxime Lamothe-Brassard. LimaCharlie has watched the AI SOC conversation unfold and stayed quiet. Until now.Security vendors are racing to attach chatbots to legacy platforms and call it innovation. AI SOC startups have raised hundreds of millions to build better alert triage. Both approaches solve the same narrow problem: helping analysts click faster.Service providers managing hundreds or thousands of tenants face a different reality. Alert triage matters, but so does deployment, configuration, detection engineering, reporting, and onboarding. The tedious work that eats margin and slows growth spans the entire operation.What if AI could operate your entire security infrastructure with the same access as your best analyst?We built LimaCharlie for complete programmatic access from day one. we were building for AI operators before AI operators existed. On January 20th, we'll show you what happens when AI agents can do everything in a security platform, across every tenant, through natural language.No marketing theater. Just real conversations and a demonstration of AI-driven security operations where you stay in control.Learn more at https://limacharlie.io/

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Security researchers at Check Point have uncovered a previously unknown Linux malware framework named VoidLink, which stands out for its complexity and modular design.Researchers at Trend Micro have identified a new phishing campaign that combines legitimate services and open-source tools to distribute AsyncRAT, a commodity-remote access trojan.New research into Predator spyware reveals a deeper level of sophistication and operational intelligence than previously understood.The widespread adoption of AI agents in enterprise environments is creating a new class of identity and access control risks as highlighted in a new report from The Hacker News.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

This week on Defender Fridays, Tom Cross, Head of Threat Research at GetReal Security, joins us to talk hiring fraud and deepfakes on our first Defender Fridays session of 2026!At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.Eliminate vendor sprawl and tool complexityDeploy and scale effortlessly on native multi-tenant architectureReduce costs with intelligent data routing and free 1-year retentionBuild custom solutions with 100+ security capabilities on-demandImprove response times with automation and real-time capabilitiesTry the SecOps Cloud Platform free: https://limacharlie.ioHost: Maxime Lamothe-Brassard - Founder at LimaCharlie

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A newly disclosed vulnerability in the workflow automation platform n8n, tracked as CVE-2026-21858 and rated CVSS 10.0, allows unauthenticated remote attackers to fully compromise exposed instances.Two malicious Chrome extensions impersonating a legitimate product from AITOPIA were found exfiltrating sensitive user data, including full AI chat histories, according to a report from OX Security.The recent U.S. military operation in Venezuela that led to the capture of President Nicolás Maduro may have included cyber operations, but official confirmation of cyber's role remains ambiguous.Two U.S. citizens with professional backgrounds in cybersecurity have pleaded guilty to acting as affiliates of the ALPHV/BlackCat ransomware group, a prominent ransomware-as-a-service (RaaS) operation.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

On this episode of The Cybersecurity Defenders Podcast we're starting the new season off with the hottest topic of 2025: AI. Sitting down with Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, we discuss the ways AI has rapidly changed how companies are building security tools.Join an in-depth discussion January 20, 2026 and witness LimaCharlie's fundamentally different approach to AI-powered security operations. Your security operations will never be the same: https://www.linkedin.com/events/7401665070889545728/Maxime Lamothe-Brassard began his cybersecurity career at the Canadian Department of National Defense before providing direct assistance to organizations facing cyber defense challenges. His career includes key roles at CrowdStrike and Google, as well as being part of Chronicle Security's founding team, ultimately leading him to establish LimaCharlie to revolutionize security operations infrastructure. Support our show and share your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

On this episode of The Cybersecurity Defenders Podcast, we revisit the 2025 predictions shared by our guests throughout the year. From attackers and defenders to AI and the broader security industry, these forecasts capture what experts expected was coming next. Rather than judging accuracy - which is still too early to assess -we're examining the predictions themselves: where they aligned, how they clustered, and what those patterns reveal about the industry's mindset as this year came to a close. Free from hindsight bias, this episode explores what remained uncertain as we entered 2026.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

This week on Defender Fridays, Bryan Brake, Senior Product Manager and Bug Bounty Team Lead at Amazon, joins us to discuss vulnerability remediation, bounty processes, and incident response workflows.Bryan will share practical insights on managing disclosures and coordinating responses across security teams.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.Eliminate vendor sprawl and tool complexityDeploy and scale effortlessly on native multi-tenant architectureReduce costs with intelligent data routing and free 1-year retentionBuild custom solutions with 100+ security capabilities on-demandImprove response times with automation and real-time capabilitiesTry the SecOps Cloud Platform free: https://limacharlie.ioHost: Maxime Lamothe-Brassard - Founder at LimaCharlie

On this episode of The Cybersecurity Defenders Podcast we speak with Rebekah Skeete, Executive Director and CEO of BlackGirlsHack Foundation. Rebekah dives into how BGH is helping to increase diversity in cybersecurity by bridging the gap between what is taught in educational institutions and what is necessary for careers in cybersecurity.For more information visit: https://www.blackgirlshack.org/HomeRebekah Skeete is a Security Engineer with Schellman based in Dallas, Texas. As a member of the Infrastructure and Security team, Rebekah is part of a collaborative group of technology professionals serving as the primary technical resource to safeguard the organization's computer networks and systems. In her role, she is responsible for planning and carrying out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks. Prior to joining Schellman in 2022, Rebekah worked for the Texas Rangers in a myriad of roles, including Cybersecurity Analyst and Manager of IT Applications and Operations. During the construction of the Rangers new state-of-the-art ballpark, Globe Life Field, Rebekah assisted the Rangers IT department's efforts to transition over 200 front office employees to their new workspaces. Outside baseball and IT, Rebekah is also interested in politics and started volunteering for campaigns in 2008. From 2013-2016, she served as a Campaign Manager in the Dallas-Fort Worth area. In 2015, she attended the Women's Campaign School at Yale. Rebekah is the COO of BlackGirlsHack, a nonprofit organization providing black women with resources, training, mentoring, and access to increase representation and diversity in the cybersecurity field. Committed to inclusion and belonging, she holds the firm belief that representation enhances the culture and community of an organization and seeks to amplify underserved voices at any table she has a seat.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.For for more information about Cybersecurity Cares, visit cybersecurity-cares.comReact2Shell is the latest high-profile vulnerability in the web application landscape, scoring a critical CVSS 10.0 and drawing immediate comparisons to Log4Shell.Researchers at Noma Labs disclosed a critical vulnerability in Google's Gemini Enterprise AI assistant, dubbed GeminiJack, that allowed attackers to stealthily exfiltrate sensitive enterprise data.U.S. prosecutors have charged Victoria Eduardovna Dubranova, a 33‑year‑old Ukrainian woman, in two separate indictments for her alleged involvement with pro‑Russia hacktivist groups CyberArmyofRussia_Reborn and NoName057(16).A China-aligned threat actor identified as Warp Panda has been linked to recent compromises of VMware vCenter environments at U.S.-based organizations, according to a new report from CrowdStrike. Original CrowdStrike article. CISA BRICKSTORM Backdoor breakdown. Analysis report.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Join us for this week's Defender Fridays as we explore the reality of AI-powered malware threats with Randy Pargman, Senior Director of Threat Detection at Proofpoint.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.In this episode, Randy challenges the hype around AI-powered polymorphic malware and examines how threat actors actually operate in practice. He discusses why defenders should focus on real-world threats rather than theoretical sophisticated attacks.Key Topics:The gap between AI malware hype and practical realityWhy threat actors prefer simple, effective methods over sophisticated techniquesThe prevalence of legitimate RMM tools in modern attacksBuilding practical detection strategies for actual threatsLessons from physical security that apply to cybersecurity defenseRandy Pargman is Senior Director of Threat Detection at Proofpoint, where he leads detection engineering, sandbox development, and threat actor tracking initiatives. Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.Eliminate vendor sprawl and tool complexityDeploy and scale effortlessly on native multi-tenant architectureReduce costs with intelligent data routing and free 1-year retentionBuild custom solutions with 100+ security capabilities on-demandImprove response times with automation and real-time capabilitiesTry the SecOps Cloud Platform free: https://limacharlie.ioHost: Maxime Lamothe-Brassard - Founder at LimaCharlie

On this episode of The Cybersecurity Defenders Podcast we speak with Alec Fenton, VP of Security Operations at Foresite Cybersecurity about his journey from SOC analyst to security leader.Alec Fenton is a seasoned Cyber Security professional with over 15 years of extensive experience across many IT domains. With a career spanning more than a decade, Alec has honed his expertise in addressing a broad spectrum of cybersecurity challenges, leveraging his analytical prowess and hands-on approach to leadership.Throughout his career, Alec has navigated the intricate landscape of IT security, working across various sectors including managed service providers and private companies. His tenure as an analyst in the cybersecurity space has not only equipped him with a deep understanding of emerging threats and vulnerabilities but has also shaped his leadership philosophy of "lead from the front."Alec's commitment to excellence and his unwavering dedication to staying ahead of the curve in the ever-evolving field of cybersecurity have earned him recognition as a trusted advisor and thought leader in the industry. When he's not immersed in the world of IT security, Alec enjoys spending time outdoors, and help coach his son's baseball/basketball teams.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.For for more information about Cybersecurity Cares, visit cybersecurity-cares.comThe Tomiris cyber-espionage group, which has been under Kaspersky's watch since 2021, has evolved its tactics in a new wave of attacks observed in early 2025. Article #2.CISA has recently added CVE-2021-26829 to its known exploited vulnerabilities, or KEV catalog, marking it as a confirmed threat based on real world exploitation. Researchers at KOI Security have identified a malicious NPM package, which not only performs typical credential stealing behavior, but also includes a new, subtle tactic attempting to manipulate AI-driven security scanners via embedded prompt engineering. Article #2.Iranian state sponsored threat group MuddyWater has launched a new wave of cyber espionage attacks targeting Israeli organizations across sectors including academia, civil infrastructure, engineering, technology and utilities.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.For for more information about Cyber Security Cares, visit cybersecurity-cares.comAI is now fulfilling a long-standing hope of security teams: it's taking over repetitive, low-skill tasks like log reviews, alert triage, and basic investigations.Anthropic has disclosed what it believes is the first documented case of a largely autonomous AI-orchestrated cyber espionage campaign.The new "JackFix" variant of the ClickFix attack is gaining traction, and unlike its predecessors, it combines both social engineering and technical evasion tactics to bypass existing defenses more effectively.Researchers at Morphisec have uncovered a new six-month-long campaign weaponizing .blend files - native to Blender, the open-source 3D modeling software - to deliver a variant of the StealC information stealer.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

On this episode of The Cybersecurity Defenders Podcast we speak with Erik Bloch, VP of Security at Illumio, about better tools to combat burnout rate and discuss the reality of AI in security.Erik Bloch has 30+ years of information and cyber security experience, both as an IC and as a leader of teams. “People first” has always been his approach. He has led entire security and IT functions at smaller companies, and been the CISOs leading big teams at larger orgs. Erik also spent time on the product side, trying to make better tooling for people like him. With a mix of security, IT and product under his belt, Erik is at a place where connections, making meaningful change and driving impact in peoples lives, mean a lot to him. The smartest person he knows once said "Problems are really opportunities in disguise"​, and that's something Erik always tries to see.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

On this episode of The Cybersecurity Defenders Podcast we speak with Michael Baker, VP, Global Chief Information Security Officer at DXC Technology, about his optimistic outlook on the impact of AI in cybersecurity.Michael Baker is an accomplished cyber security executive with more than 24 years of experience in the field. He is passionate about building high-performing teams and transforming the way cyber risk is managed within businesses. Currently, Michael serves as the Global Chief Information Security Officer (CISO) for DXC Technology. In this capacity, he is responsible for protecting the brand and reputation of DXC Technology, a $14 billion global technology enterprise with 130,000 employees located across 80+ territories.Before joining DXC Technology, he held various leadership positions, including CISO, within the US government contracting and aerospace and defense industry, along with a long career serving clients as a cyber security and risk management consultant. Michael is known for his strategic vision, global program management, and ability to drive operational excellence across end-to end cyber services that provide measurable business value. Visit dxc.com for more info.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Google's Threat Intelligence Group has observed a significant shift in 2025, threat actors are no longer using AI to just speed up operations, they are now integrating LLMs directly into the malware.Unit 42 has identified a previously undocumented Android spyware family, named LandFall, discovered during an investigation into iOS exploit chains involving malicious DNG images.Microsoft's November Patch Tuesday rollout includes fixes for over 60 vulnerabilities, one of which is a zero-day privilege escalation flaw in the Windows kernel that has already been exploited in the wild.Former executive at L3Harris Trenchant, Peter Williams, has pleaded guilty in U.S. federal court to selling 8 trade secrets valued at over 1.3 million to a Russian-based software broker involved in the zero-day exploit market.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of Defender Fridays, we talk to Alec Fenton, VP Security Operations at Foresite Cybersecurity, practical career advice for defenders, SOC metrics that actually matter and AI in security operations.Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.Alec is a seasoned Cyber Security professional with over 15 years of extensive experience across many IT domains. With a career spanning more than a decade, Alec has honed his expertise in addressing a broad spectrum of cybersecurity challenges, leveraging his analytical prowess and hands-on approach to leadership.Throughout his career, Alec has navigated the intricate landscape of IT security, working across various sectors including managed service providers and private companies. His tenure as an analyst in the cybersecurity space has not only equipped him with a deep understanding of emerging threats and vulnerabilities but has also shaped his leadership philosophy of "lead from the front."Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

On this episode of The Cybersecurity Defenders Podcast we speak with Navroop Mitter, CEO of ArmorText, about the role of Out-of-Band (OOB) communication in cyber incident response.ArmorText Named a Leader in The Forrester Wave™: Secure Communications Solutions, Q3 2024Cyber Resilience: Incident Response Tabletop ExercisesNavroop Mitter is the CEO of ArmorText, a mobile security and privacy company based in the Washington, D.C. area.Before founding ArmorText, Navroop was a Senior Manager in Accenture's North American Security Practice, where he built and led information security programs across multiple regions. He helped double Accenture's Scandinavian security practice within a year and established the firm's first near-shore security delivery center in Argentina, hiring and training over 30 practitioners in under 30 days.Navroop has led large-scale international security engagements, working across cultures and time zones to strengthen teams in the U.S., India, and abroad. Recognized for his entrepreneurial mindset and expertise in identity and access management, he became one of Accenture's most sought-after leaders for complex, multi-country security initiatives.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A newly observed threat campaign is exploiting Amazon Web Services' Simple Email Service using stolen credentials and open source tools to perform cloud reconnaissance and eventually launch Business Email Compromise scams. A critical vulnerability has been disclosed in the React Native Community CLI NPM package, a toolset widely used for building React Native applications.Microsoft's Detection and Response Team (DART) has discovered a novel backdoor, SesameOp, that uses the OpenAI Assistants API as a command-and-control (C2) channel, highlighting a new way attackers are misusing generative AI platforms.Researchers from Cyble and Seqrite Labs have disclosed a sophisticated malware campaign, dubbed Operation SkyCloak, targeting defense-related organizations in Russia and Belarus through weaponized attachments delivered via phishing emails.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of Defender Fridays, LimaCharlie Founder Maxime Lamothe-Brassard talks to Julie Agnes Sparks, Security Engineer at Datadog, about how to maximize logging visibility for effective detection engineering.Julie has a passion for continuous learning, proactively detecting significant security events, and responding effectively. Interests include: diversity & inclusion, privacy, and making technology more accessible.Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.The UK Information Commissioner's Office (ICO) recently released a comprehensive 136-page report detailing the BlackBasta ransomware attack on Capita in March 2023.Kaspersky researchers have detailed two active campaigns from North Korean APT group BlueNoroff, which continue the group's long-running SnatchCrypto operation targeting individuals in financial and tech sectors.The exploitation of the first Chrome zero-day of 2025 has been attributed to a state-sponsored threat actor involved in Operation ForumTroll, a cyber-espionage campaign targeting Russian entities across sectors like education, finance, media, and government.Netscout has identified a newly emerging Internet of Things (IoT) botnet, Aisuru, which has already launched distributed denial-of-service (DDoS) attacks exceeding 20 Tbps, placing it among the most powerful botnets observed to date.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Dr. Anton Chuvakin, Security Advisor at Office of the CISO, Google Cloud and a recognized expert in SIEM, log management, and PCI DSS compliance, will help us cut through the buzzwords and discuss modern security operations.Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.Dr. Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019. He is also a co-host of Cloud Security Podcast.Until June 2019, Dr. Anton Chuvakin was a Research VP and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies (SRMS) team. At Gartner he covered a broad range of security operations and detection and response topics, and is credited with inventing the term "EDR." He is a recognized security expert in the field of SIEM, log management and PCI DSS compliance. He is an author of books "Security Warrior", "PCI Compliance", "Logging and Log Management" and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and others. Anton has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS, honeypots, etc. His blog securitywarrior.org was one of the most popular in the industry.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

On this episode of The Cybersecurity Defenders Podcast we speak with Hannah Lloyd, Co-Founder and CRO of enhanced.io, about how MSPs can launch, sell and scale security offerings.With 10+ years of channel sales experience, Hannah leads global new business generation and account management to deliver innovative cybersecurity solutions to enhanced.io's MSP partners. As a GTIA EC member (2018) and Chair (2021), Hannah is actively involved in the MSP channel community. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A breach at the Kansas City National Security Campus (KCNSC), a facility responsible for manufacturing roughly 80% of the non-nuclear components for U.S. nuclear weapons, was enabled by two critical Microsoft SharePoint vulnerabilities.COLDRIVER, a Russian state-sponsored group also tracked as UNC4057, Callisto, or Star Blizzard, has shifted rapidly toward new malware development following the public exposure of its previous malware, LOSTKEYS, in May 2025.CISA has officially added three newly exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, urging swift remediation efforts across federal environments. Newer article link.Amazon Web Services (AWS) experienced a major outage on October 20th that impacted thousands of applications globally, disrupting operations for companies and end-users alike.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Ken, Senior Solutions Engineer at LimaCharlie, dives into the incredibly confusing licensing tiers, pricing models and feature sets for Microsoft Defender for Endpoint. Today we discuss: The difference between tiersWays to solve Defender visibility issues and increase operational transparencyHow its capabilities can be customized and expanded for better flexibility and scalability for service providersJoin the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.A big picture thinker, Ken ferrets out trends, seeking to understand what happens when businesses are breached and the methods behind the attacks. Then he figures out how to protect customers before they're hit.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastruture for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Zane demonstrates deploying honeyfiles via Velociraptor and discuss deception techniques for early detection of compromise. Learn how decoy files can serve as tripwires for infostealers and adversaries in your environment. Watch on YouTube for better visuals.Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastruture for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.CrowdStrike is tracking a mass exploitation campaign leveraging a previously unknown vulnerability in Oracle E-business suite or EBS. A threat group, tracked as Storm-2603, has been observed using the open source Velociraptor DFIR tool as part of it's post-exploitation toolkit in recent ransomware attacks.North Korean IT workers, operating under state direction, continue to infiltrate international tech companies using false identities and anonymizing infrastructure to secure jobs and route payments in cryptocurrency. Researchers from Anthropic, the UK AI Security Institute, and Alan Turing Institute have released the largest study to date on poisoning attacks during pre-training on large language models or LLMs.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A newly disclosed vulnerability in Redis, dubbed RediShell and tracked as CVE-2025-49844, affects all Redis versions and carries a maximum CVSS score of 10.0.Cisco has disclosed a critical zero-day vulnerability—CVE-2025-20352—affecting its widely deployed IOS and IOS XE software, confirming active exploitation in the wild.Researchers at NCC Group have found that voice cloning technology has reached a level where just five minutes of recorded audio is enough to generate convincing voice clones in real time.A China-linked cyber-espionage group, tracked as UNC5221, has been systematically targeting network infrastructure appliances that lack standard endpoint detection and response (EDR) support.Dutch authorities have arrested two 17-year-old boys suspected of being recruited by pro-Russian hackers to carry out surveillance activities.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Matt, Chief Strategy Officer at Cerby, discusses how the autonomous AI agents create a demand for a fresh approach to identity security and shares practical insights on navigating these new challenges.Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.Matt has spent 20+ years at the intersection of cybersecurity, strategy, and company building. His career began in the trenches as a practitioner and architect, grew into CISO and CSO roles, and today he helps scale Cerby as Chief Strategy Officer.At Cerby, Matt has been part of the journey from pre-launch through significant enterprise adoption, serving first as Founding Advisor, then Chief Trust Officer, COO, and now CSO. Each role reflected a different stage of building the company: establishing trust and market credibility, creating the operations foundation, and shaping long-term strategy and growth.Before Cerby, as part of the early RedLock team, Matt helped scale Prisma Cloud (formerly RedLock) from $4M to $500M+ ARR after Palo Alto Networks' $235M acquisition. That experience taught him how to scale security businesses from the ground up while staying connected to practitioner needs.Matt believes the best security leaders shouldn't have to choose between protecting and growing the business; his work is helping organizations achieve both.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastruture for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

On this episode of The Cybersecurity Defenders Podcast we speak with Sarah Powazek about the Roadmap to Community Cyber Defense. Diving into the report, Sarah emphasizes the need for low-resource organizations and cyber experts to come together in a co-responsibility model for cyber defense. Learn more about the UC Berkeley Center for Long-Term Cybersecurity (CLTC).Get help or join the Cyber Resilience Corps here.Read the roadmap.Sarah leads flagship research on defending low-resource organizations like nonprofits, municipalities, and schools from cyber attacks. She serves as Co-Chair of the Cyber Resilience Corps and is also Senior Advisor for the Consortium of Cybersecurity Clinics, advocating for the expansion of clinical cyber education around the world. Sarah hosts the Cyber Civil Defense Summit, an annual mission-based gathering of cyber defenders to protect the nation's most vulnerable public infrastructure. Sarah previously worked at CrowdStrike Strategic Advisory Services, and as the Program Manager of the Ransomware Task Force.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Josh Liburdi, Principal Engineer of Security Operations at DoorDash, joins Maxime Lamothe-Brassard, LimaCharlie CEO / Founder, to talk about building the Strelka file scanning system.As a security engineer who works in security operations (prevention, detection, and response), Josh has more than a decade of industry experience and has worked at several diverse organizations, including Brex, Target, and CrowdStrike.He also presents at information security conferences (BSides NYC & SF, SANS, fwd:cloudsec), is a published author (Bluenomicon from Splunk, Huntpedia from Sqrrl), and is active in the open source security community with contributions to many projects, including Substation at Brex (creator), Strelka at Target (creator), and the Zeek network analysis framework.Join Defender Fridays, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals. Become part of the LimaCharlie Community. Learn more about LimaCharlie at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A recent investigation by the U.S. Secret Service claims to have uncovered a massive swatting infrastructure centered around New York City.Check Point researchers are tracking an Iran-linked cyber-espionage group known as Nimbus Manticore, which appears to be expanding its operations into Western Europe.A new wave of malicious advertising is targeting macOS users by impersonating widely used software and services through search engine ads.A new tool called SpamGPT is drawing attention in the cybersecurity community for effectively lowering the barrier to entry for large-scale spam and phishing campaigns.In light of increasing attacks on open source ecosystems, GitHub has disclosed recent security incidents affecting the npm registry, including the Shai-Hulud worm.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.ESET Research has uncovered what it believes to be the first documented case of AI-powered ransomware, dubbed PromptLock.Multiple CrowdStrike-branded npm packages were recently discovered to be compromised, marking a new wave in the ongoing “Shai-Hulud” supply chain attack campaign.Researchers at AI security firm EdisonWatch have uncovered a new vulnerability in the ChatGPT calendar integration, revealing how it can be exploited to execute attacker-controlled commands.The most mature and globally distributed FileFix campaign observed to date is now active in the wild, according to researchers at Acronis.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

On this episode of the Cybersecurity Defenders Podcast we speak with Robert Boles, Founder / CEO of BLOKWORX.A veteran of the U.S. Marine Corps, Rob founded BLOKWORX in 2006 to further his passion for creating fast, secure networks. Since 1999 Rob was a core technical contributor and presenter on an Advanced IP Team, delivering bleeding edge WAN and Managed Security services to Small, Mid-level and Fortune 500 businesses around the world. The experience led him back to the same conclusion, regardless of size and resources, every company struggled with the same uncertainty – multiple vendors with infinite solutions, and no real clarity how to make it all “work.” Rob focused BLOKWORX on security, reliability, and positive user experience. He has built a team that leverages their expertise with extensive research and testing, alignment with vendors, partners, and clients, and the experience of 1000's of nodes managed and monitored, all supported by a mature delivery model built on years of operational experience. Rob is an avid outdoorsman and his favorite place to be is in a raft or a kayak with his son Jack.Learn more at blokworx.com.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A high-profile phishing incident has resulted in the compromise of several widely-used JavaScript packages on npm, after a developer known as "Qix" inadvertently clicked a malicious link from a fake support email.Multiple undersea cable cuts in the Red Sea have led to degraded internet connectivity across the Middle East and South Asia, affecting key infrastructure and cloud services.North Korean-aligned threat actors operating under the Contagious Interview campaign have been systematically abusing cyber threat intelligence (CTI) platforms to monitor exposure of their own infrastructure and scout for new assets.Researchers from Ontinue have detailed a sophisticated phishing campaign leveraging the Salty2FA phishing kit - a framework that reflects how cybercriminal tooling is increasingly mimicking enterprise-grade software in terms of design, capability, and operational maturity.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.The Salt Typhoon cyber campaign, attributed to Chinese state-backed hackers, has been declared a national defense crisis by the FBI and allied intelligence agencies.A group identifying itself as “Scattered LapSus Hunters” has posted a threat on Telegram demanding that Google terminate two of its employees.A newly discovered WhatsApp vulnerability, now tracked as CVE-2025-55177, has triggered urgent security advisories, particularly for iPhone users.More than 1,000 developers were compromised in just over four hours on August 26 during an unprecedented, AI-assisted software supply chain attack targeting the npm ecosystem.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.CISA has added CVE-2025-54948, a critical vulnerability in Trend Micro Apex One, to its Known Exploited Vulnerabilities (KEV) catalog, signaling that the flaw has been actively exploited in the wild.PyPI has introduced new security measures to detect and respond to expired domains tied to user accounts, aiming to shut down a known supply chain attack vector: domain resurrection.A recently discovered post-exploitation tool named RingReaper is gaining attention for its sophisticated evasion strategy: abusing the Linux kernel's io_uring interface to operate undetected by standard endpoint detection and response (EDR) systems.A cyberattack on the Netherlands' Openbaar Ministerie (OM), the Public Prosecution Service, has unexpectedly disrupted speed enforcement across the country.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and the Defender Fridays community sit down with Jared Atkinson and dive into BloodHound.Jared is a security researcher who specializes in Digital Forensics and Incident Response. Recently, he has been building and leading private sector Hunt Operations capabilities. In his previous life, Jared lead incident response missions for the U.S. Air Force Hunt Team, detecting and removing Advanced Persistent Threats on Air Force and DoD networks. Passionate about PowerShell and the open source community, Jared is the lead developer of PowerForensics, Uproot, and maintains a DFIR focused blog at www.invoke-ir.com.On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at https://limacharlie.io/defender-fridays

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.• Attackers are actively exploiting CVE-2023-46604, a remote code execution vulnerability in Apache ActiveMQ first disclosed in October 2023, that is used to compromise cloud-hosted Linux servers.• AshES Cybersecurity has publicly disclosed a critical zero-day vulnerability in Elastic's Endpoint Detection and Response (EDR) platform, specifically in the Microsoft-signed kernel driver elastic-endpoint-driver.sys.• At least a dozen ransomware groups are now deploying kernel-level EDR killers - tools designed specifically to disable endpoint detection and response solutions - as part of their malware arsenal.• Microsoft has released an in-depth technical analysis of PipeMagic, a modular backdoor linked to ransomware operations carried out by Storm-2460, a financially motivated threat group associated with RansomEXX.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Ezra Woods, Security Engineer at Grand Canyon Education, shares insights on current attack trends and practical defensive strategies you can use to protect your environment with Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and the Defender Fridays community.On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at https://limacharlie.io/defender-fridays

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • Recent reporting from DataBreaches has added yet another twist to the attribution puzzle between Scattered Spider and ShinyHunters. https://databreaches.net/2025/08/03/are-scattered-spider-and-shinyhunters-one-group-or-two-and-who-did-france-arrest/• A recent disclosure on the oss-security mailing list detailed a set of 11 vulnerabilities in the Linux kernel's eBPF subsystem, originally reported by security researcher “Van1sh” to both the kernel security team and the linux-distros list on July 19. https://www.openwall.com/lists/oss-security/2025/08/03/1• Microsoft's Microsoft Active Protections Program, or MAPP, is designed to shorten the time between vulnerability discovery and patch deployment by giving trusted security vendors early access to vulnerability details. https://nattothoughts.substack.com/p/when-privileged-access-falls-into• US law enforcement, in coordination with multiple international partners, has taken action against the BlackSuit ransomware group — also known as Royal — resulting in the seizure of four servers, nine domains, and approximately $1 million in cryptocurrency. https://www.darkreading.com/vulnerabilities-threats/blacksuit-ransomware-infrastructure-law-enforcementSupport our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Christopher Luft, Co-Founder and CCO of LimaCharlie, and Dr. Mike Saylor, CEO of Blackswan Cybersecurity, sat down with the Defender Fridays community for Black Hat week wrap up and a deep dive building secure environments for IR.Dr. Mike Saylor is an accomplished, outcome-driven and solution-focused business professional and entrepreneur with 30+ years of Consulting, IT Audit & Risk, Cyber Security & Incident Response experience. Uniquely qualified as a leader with a solid knowledge of operations, strategy and management, Dr. Mike has enjoyed repeated success guiding highly skilled, cross functional teams in areas of intelligence, security, technology, and audit & compliance. Dr. Mike is an experienced public speaker, writer, and researcher on topics of technology, security, and cybercrime. He stays current with changes in the industry through professional affiliations and continuing professional development. Learn more about Blackswan Cybersecurity at blackswan-cybersecurity.comOn Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at limacharlie.io/defender-fridays

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.At Black Hat USA in Las Vegas, three security researchers demonstrated how Google's Gemini AI could be hijacked to take control of smart home devices using a novel form of indirect prompt injection.Two separate security teams - NeuralTrust and SPLX - have conducted red teaming evaluations of the newly released GPT-5, and both report serious deficiencies in the model's security posture.Another Black Hat story, security researchers Milenko Starcik and Andrzej Olchawa from VisionSpace Technologies presented a compelling case that hacking satellites is not only more cost-effective than deploying anti-satellite missiles, but alarmingly easy due to widespread software vulnerabilities.Our final Black Hat story, Cisco Talos researchers disclosed five critical vulnerabilities in Broadcom's BCM5820X series chips, used in Dell's ControlVault3 secure enclave hardware.CISA and FEMA have jointly announced over $100 million in cybersecurity grant funding for the 2025 fiscal year, targeting state, local, and tribal governments.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and Jeremy Snyder, Founder and CEO of FireTail.ai, sat down with the Defender Fridays community to discuss the hurdles of maintaining secure processes while adding AI to your workflow.Jeremy is the founder and CEO of FireTail.ai. Jeremy was an IT and cybersecurity practitioner for over 10 years before transitioning into product and sales roles in cloud security and cyber. Jeremy once went three days without seeing another human, but saw lots of reindeer. Another time, Jeremy was kicked off a train in central Sweden. Find out more at FireTail.ai.On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at limacharlie.io/defender-fridays.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.More than 90 state and local government organizations have been targeted in a recent wave of cyberattacks exploiting a vulnerability in Microsoft SharePoint, according to the Center for Internet Security (CIS).Traditional cyber attack methodologies - exploiting endpoints, moving laterally, escalating privileges - are increasingly outdated as enterprise IT shifts toward SaaS and browser-based access.The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-2533 - a high-severity Cross-Site Request Forgery (CSRF) vulnerability in PaperCut NG/MF print management software - to its Known Exploited Vulnerabilities (KEV) catalog.Researchers at Nozomi Networks have disclosed over a dozen security flaws in Tridium's Niagara Framework, a vendor-agnostic building management platform used in sectors ranging from industrial automation to energy and smart infrastructure.Between April 2024 and April 2025, ransomware attacks on the oil and gas industry increased by an unprecedented 935%, according to new research from cybersecurity firm Zscaler.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.