POPULARITY
In this special DNS Masterclass episode of Breaking Badness, hosts Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce take a deep dive into the Domain Name System often dubbed the backbone and battleground of the internet. From its humble beginnings with host files to its critical role in modern security, the episode unpacks DNS's evolution, vulnerabilities, and impact on InfoSec.
In this episode of Breaking Badness, we dive into two major cybersecurity concerns: the risks of abandoned S3 buckets and a wave of phishing attacks impersonating DeepSeek. Watchtowr Labs uncovers how forgotten AWS storage can be hijacked for malicious purposes, potentially compromising military, government, and enterprise systems. Meanwhile, attackers exploit DeepSeek's rising popularity to create lookalike sites, tricking unsuspecting users into downloading malware or exposing credentials. Join hosts Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce as they break down these findings with humor, deep insights, and even a few pop culture references. Plus, we rate the severity of these threats on our infamous Hoodie Scale and wrap up with Gold, Guidance & Grievances.
Welcome to the 200th episode of Breaking Badness!
In this special 2025 Predictions episode of Breaking Badness, host Kali Fencl joins cybersecurity experts Sean McNee, Tim Helming, and Daniel Schwalbe to discuss the future of cyber threats and defense. From ransomware evolution and AI-powered attacks to quantum computing and “synthetic identity fraud,” the group compares their insights with predictions generated by leading AI platforms like ChatGPT, Claude, Copilot, and Meta AI. Will 2025 be the year of AI-compromised models or industrial control system hacks? Are biometric security risks on the rise, and what's next for ransomware gangs? Tune in for insights, banter, and some predictions you'll want to track!
In this week's episode of Breaking Badness, we dive deep into two major cybersecurity stories that are shaping today's landscape. First, we explore the alarming capabilities of Locate X, a powerful smartphone tracking tool used by U.S. law enforcement without a warrant. How does it work, what are the privacy implications, and what can individuals do to protect their data? We then shift gears to APT29's latest campaign as discovered by Amazon, uncovering how this well-known threat actor employed advanced tactics to impersonate AWS infrastructure and target victims. Join Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce as they dissect these stories and share their expert insights. Stick around for the Grim Reaper's hoodie ratings and our signature segment, Gold, Guidance, and Grievances.
In this special research edition of Breaking Badness, hosts Kali Fencl, Tim Helming, Sean McNee, and guest Sasha Angus from Sylla Intel dive deep into the world of cybercriminal campaigns targeting retailers. They explore how bad actors exploit the growing threat landscape, discussing specific fraud tactics, infrastructure reuse, and ways organizations can defend themselves. From pandemic-driven scams to sophisticated brand impersonation schemes, this episode offers valuable insights for both retailers and consumers navigating the complex world of e-commerce security.
Kali Fencl, Daniel Schwalbe, and Tim Helming discuss Brian Krebs' article on namespace collisions and the risks associated with new generic TLDs (gTLDs) along with facial recognition and privacy concerns at major sporting events
In this episode of the Breaking Badness Cybersecurity Podcast, Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss vulnerabilities impacting your phone's 5G connection along with the new owner of the popular Polyfill JS project injecting malware into more than 100,000 sites.
This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss vishing attacks against CISA along with a threat campaign targeting Snowflake customer database instances.
This week Kali Fencl, Tim Helming, and Ian Campbell discuss mercenary spyware attacks along with the US, Philippines, and Japan entering into a cyber intel sharing alliance.
Kali Fencl, Tim Helming, and Ian Campbell discuss spoofed domains and the American Girl brand along with @Proofpoint's findings regarding distribution of malware on YouTube.
Episode 185 of Breaking Badness is here! This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss Brian Krebs' article on thread hijacking along with the latest alert from CISA that affects XZ Utils.
This week Kali Fencl, Tim Helming, and Austin Northcutt discuss threat actors using DDP sites for phishing, credential harvesting, and more along with Wired's reporting of how researchers discovered how to open 3 million hotel keycard locks
Episode 182 of Breaking Badness is here! This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss Palo Alto's latest findings on Bifrost along with the rise of laid off tech workers turning to cybercrime.
Episode 181 of Breaking Badness is here! This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss CISA's caution against a hacked VPN getaway along with Guardio Security's discovery of a large subdomain hacking campaign.
This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss China's involvement with I-Soon along with DNSSEC and the #KeyTrap vulnerability
Episode 178 of Breaking Badness is here! This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss the US disabling of Volt Typhoon along with AnyDesk's recent cyberattack.
This week it's all about targeting expansions! Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss threat actors COLDRIVER expanding their targeting along with Mint Sandstorm.
This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss a new method of hacking compromising Google accounts along with findings from Operation Triangulation.
Episode 175 of Breaking Badness is here! This week Kali Fencl, Tim Helming, and Ian Campbell discuss bad actors using shell companies in Wyoming for global attacks along with BazarCall attacks leveraging Google Forms.
This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss a recent attack on a municipal water authority along with Timo Longin and SEC Consult's latest research on DNS cache poisoning
Kali Fencl, Tim Helming, Taylor Wilkes-Pierce, and Sean McNee discuss their favorite #cybersecurity books! Listen and learn what we've enjoyed and what we've found helpful in our careers along with non-industry books we're currently enjoying.
This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss the SEC charges against SolarWinds and its CISO along with the 0-day exploitation impacting NetScaler ADC and NetScaler Gateway appliances.
This week on Breaking Badness, Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss the latest accusations against Fancy Bear along with a look at 404 Media's findings about the SIM Swapper group known as The Comm.
This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss curl 8.4.0 along with one of the biggest DDoSes of all time.
This week on Breaking Badness, Kali Fencl, Tim Helming, and Sean McNee speak with Sean Gallagher from Sophos X-Ops on the latest iteration in pig butchering schemes along with how AI could change the game.
This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss a previously unknown compression side channel in GPUs along with the Johnson Controls #ransomware attack.
This week Kali Fencl, Tim Helming, and Ian Campbell discuss the ransom attacks against MGM and Caesars Entertainment along with Cisco's acquisition of Splunk.
In this special episode of Breaking Badness, Kali Fencl and Tim Helming speak with Tony Robinson, Senior Security Researcher with the Emerging Threats team at Proofpoint. We talk about his path to #infosec, #InformationStealers, and more!
This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss telekopye and online marketplace scams along with NIST's publication of the first draft standards for post-quantum cryptography. Listen here:
This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss the Downfall Intel CPU vulnerability along with MoustachedBouncer's espionage against Belarus.
In this special episode of Breaking Badness, Kali Fencl and Tim Helming speak with none other than Tracy Maleeff (aka InfoSec Sherpa!) We're excited to share our conversation on her background, empathy in infosec, industry myths she'd like to bust, and more!
This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss the investigation of Storm-0558 along with Ukraine's most recent takedown of a massive bot farm.
Math puns abound in episode 161 of Breaking Badness! But Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce do manage to discuss Daniel Kelley's blog on how AI is revolutionizing BEC attacks along with details of the national #cybersecurity strategy.
This week Kelsey LaBelle, Tim Helming, and Ian Campbell discuss the new variant of the Mirai botnet along with Graham Cluley's article on zero-day flaws used in spy attacks against Kaspersky.
On this week's episode of Breaking Badness, Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss the new Fortigate firmware updates along with Brian Krebs article on replacing Barracuda hardware.
This week Tim Helming, Sean McNee, and guest researcher Sasha Angus discuss the most prolific ransomware families and share cybersecurity gold, guidance, and grievances.
This week Kali Fencl, Tim Helming, and Ian Campbell discuss Kim Zetter's work on the SolarWinds investigation along with the Senate's hearing on AI regulation.
This week Kelsey LaBelle, Tim Helming, and Aaron Gee-Clough discuss the 5 pillars of the White House's National Cybersecurity Strategy.
This week Kelsey LaBelle, Tim Helming, and Taylor Wilkes-Pierce discuss Cisco Talos' Ukraine task unit one year into the Ukraine/Russia conflict along with the Google Pixel and Windows 11 uncropping bugs
This week on Breaking Badness, Kelsey LaBelle, Daniel Schwalbe, and Tim Helming discuss the recent collapse of Silicon Valley Bank. We'll dive into what we've been seeing on our end, predictions on what we may see from bad actors, and practical advice for moving forward.
We're celebrating 150 episodes of Breaking Badness! Join us for Part I of a 2 week extravaganza! We're talking to Kelsey LaBelle, Tim Helming, Taylor Wilkes-Pierce, and Ian Campbell this week on their paths to infosec, favorite pod memories, and interests outside of work.
This week Kelsey LaBelle, Tim Helming, and Taylor Wilkes-Pierce discuss malvertising using Google Ads along with ProofPoint's recent research on use of Microsoft OneNote for delivering malware
This week Kelsey LaBelle, Tim Helming, and Taylor Wilkes-Pierce discuss the FBI takedown of the Hive ransomware variant along with insights from the 2022 GuidePoint Research and Intelligence Team ransomware report.
This week Kelsey LaBelle, Tim Helming, and Taylor Wilkes-Pierce discuss vulnerabilities in Siemens programmable logic controllers along with Kevin Chung's blog post on resurrecting the defunct IoT NYCTrainSign.
This week Kelsey LaBelle, Tim Helming, and Taylor Wilkes-Pierce discuss domains seized by the FBI linked to DDoS-for-hire services along with Rick Osgood's blog on ChatGPT's phishing potential.
It's a special in-person episode of Breaking Badness! Kelsey LaBelle, Tim Helming, Daniel Schwalbe, Taylor Wilkes-Pierce, and Sean McNee talk about the ongoing T.Swift/Ticketmaster security saga, the war in Ukraine, and the Disneyland Team post from Brian Krebs.
Episode 138 of Breaking Badness, Kelsey LaBelle, Tim Helming, and special guest Aaron Gee-Clough discuss SocGholish JavaScript malware along with Phylum's research regarding PyPI packages in ongoing supply chain attacks.
Episode 136 of Breaking Badness gets spooky! This week Taylor Wilkes-Pierce, Kelsey LaBelle, and Tim Helming discuss the classic movie Gremlins since it comes up while discussing OldGremlin, along with double extortion attacks from BlackByte. Listen here:
In Breaking Badness Episode 106, Taylor Wilkes-Pierce, Tim Helming, and Kelsey LaBelle discuss Project Zero's deep dive into an NSO zero-click iMessage exploit and the impact and takeaways of the log4j vulnerability.
Co-hosts Tim Helming, Chad Anderson, and Taylor Wilkes-Pierce discuss a $10M bounty on the DarkSide ransomware gang, and a critical Apple vulnerability Microsoft dubbed "Shrootless."
BB host Tim Helming was at the Mandiant Cyber Defense Summit recently, and caught up with two analysts, Regina Elwell and Alyssa Rahman. They describe their roles, how they got into infosec, and what they're researching at the moment.
Chad Anderson, Dan Fernàndez, and Tim Helming discuss why Azure is giving folks the blues, and how data theft is making the skies decidedly less friendly.
Episode 96 of Breaking Badness is now available. This week Chad Anderson, Tim Helming, and Kelsey LaBelle discuss a RCE in MSHTML and a new DDoS botnet that has been attacking
Tim Helming, WT1IM, the PIO of the Comm Academy 2021, an emergency communications and amateur radio conference, will take your calls live. The Comm Academy, like many other conferences, has been moved online for this year. So, you don't have to go to Seattle this time! You can attend from anywhere with an internet connection.Be sure to CALL in with your questions and comments by calling 859-982-7373 live during the call-in segment of the show. You can also tweet your questions before or during the show to @HamTalkLive.commacademy.org
In this week's podcast Tim Heming is back to discuss the recent events in long distance triathlon and deliver his now legendary (his words) Kona Top 10 predictions. Tim has a deep knowledge about the top Ironman and 70.3 competitors and keeps track of their performances in order to enhance the validity of his picks. In fact, last year he correctly predicted 7/10 of the female top 10 in Kona including the correct order of the top 3 and he also picked 5/10 of the top 10 males including the winner. Can he go any better and will you be a better pundit? Keep an eye out for my Kona predictions competition. In this chat we covered a few subjects including: How did Alistair Brownlee get beaten by a relative unknown in the World 70.3 Championships in Nice Does Lucy Charles performance in France indicate that Daniella Ryf has the upper hand Patrick Lange finished 22nd in Nice. How will he go in Kona? Our thoughts on drug cheats winning age groups medals in Ironman events Why Sebastien Kienle’s Nice performance is good news ahead of Ironman Hawaii Which nation occupies the male podium (top 3) in Tim’s Kona picks You can find the answers to all of these questions in this week's podcast. Also, look out for our Kona predictions competition on Facebook. To find out more about Simon’s coaching please visit his website here. To follow Simon on Facebook, click here. For more information please go to www.SimonWardTriathlonCoach.com, or www.TheTriathlonCoach.com, or email Beth@TheTriathlonCoach.com.
This week, Paul reports on hackers hijacking Nintendo Switch, Salon website gives you a choice: turn off your ad blocker or let us mine cryptocurrency, and Google Chrome marking all non-HTTPS sites insecure in July 2018! Tim Helming of DomainTools joins us for the expert commentary, and more on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode161 Visit https://www.securityweekly.com/hnn for all the latest episodes!
This week, Paul reports on hackers hijacking Nintendo Switch, Salon website gives you a choice: turn off your ad blocker or let us mine cryptocurrency, and Google Chrome marking all non-HTTPS sites insecure in July 2018! Tim Helming of DomainTools joins us for the expert commentary, and more on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode161 Visit http://hacknaked.tv to get all the latest episodes!
Tim Helming joins us to talk about all things related to domains, including luxury domain abuses, the security value of the whois database and more! Full Show Notes: https://wiki.securityweekly.com/Episode521 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly
Tim Helming joins us to talk about all things related to domains, including luxury domain abuses, the security value of the whois database and more! Full Show Notes: https://wiki.securityweekly.com/Episode521 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly
Tim Helming of DomainTools joins us, Paul Ewing of Endgame demystifies the art of hunting, and we discuss the latest security news! Full Show Notes: https://wiki.securityweekly.com/Episode521 Visit https://www.securityweekly.com for all the latest episodes!
Tim Helming of DomainTools joins us, Paul Ewing of Endgame demystifies the art of hunting, and we discuss the latest security news! Full Show Notes: https://wiki.securityweekly.com/Episode521 Visit https://www.securityweekly.com for all the latest episodes!