Shows
The Cybersecurity Defenders PodcastHow can we improve global security? With J. Michael Daniel from Cyber Threat Alliance [#314]J. Michael Daniel, President and CEO of Cyber Threat Alliance (CTA), gives us a peek behind the U.S. Government cybersecurity curtain and how he has helped improve the nation's security through the CTA.Michael leads the CTA team and oversees the organization's operations. Prior to joining the CTA in February 2017, Michael served from June 2012 to January 2017 as Special Assistant to President Obama and Cybersecurity Coordinator on the National Security Council Staff. In this role, Michael led the development of national cybersecurity strategy and policy, and ensured that the US government effectively partnered with the private sector...
2026-04-2240 min
The Cybersecurity Defenders PodcastChina-linked group targets cloud workflows, Russian cyber espionage, agentic AI systems flaw & Nginx vulnerability / Intel Chat [#313]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Intercept and control AI agent activity with Viberails by LimaCharlie: viberails.ioAPT41, a China-linked threat group is deploying a previously undetected backdoor targeting Linux based cloud workflows.Fancy bear, also known as APT28 or Forest Blizzard, is a Russian cyber espionage group believed to operate on behalf of the country's military intelligence services, the GRU. Trend Micro research here.Anthropic’s Model Control Protocol widely used in agentic AI systems to connect AI agents with data sources, co...
2026-04-2031 min
The Cybersecurity Defenders PodcastHow do you know your AI agents are actually correct? With Dylan Williams from Spectrum Security / Defender Fridays [#312]Today, Dylan Williams, Co-Founder and Chief Research Officer at Spectrum Security, joins Defender Fridays to dig into that exact problem: self-evaluating agents, trajectory analysis, and what improvement looks like in production.Learn more at https://www.spectrum.security/Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to ou...
2026-04-1733 minThe Cybersecurity Defenders PodcastUnderstanding how attackers think & helping you avoid threats with Terry Bradley from Mile High Cyber [#311]Terry Bradley, Founder and President of Mile High Cyber, shares how you can uncover vulnerabilities and strengthen your organization's defenses with expert penetration testing and security assessments.Terry is a former hacker for the NSA and uses those same skills at Mile High Club, the firm he founded, to help businesses stay one step ahead of cybercriminals. After a lifelong passion for security, starting with his time as a 1990 graduate of the U.S. Air Force Academy, Terry has spent his career understanding how attackers exploit weaknesses and helping businesses stay ahead of threats. From penetration testing...
2026-04-1538 min
The Cybersecurity Defenders PodcastIran-linked cyber attacks U.S. critical infrastructure, FlamingChina, Node.js targeted & Storm-1175 / Intel Chat [#310]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Federal cybersecurity agencies have issued an urgent warning about Iran-linked cyberattacks targeting operational technology (OT) systems across U.S. critical infrastructure.A hacker operating under the alias “FlamingChina” claims to have breached a Chinese state-run supercomputing facility and stolen a large dataset that may exceed 10 petabytes of information.Multiple high-profile maintainers in the Node.js ecosystem report being targeted in a coordinated social-engineering campaign aimed at compromising widely used open-source packages.Microsoft Threat Intelligence reports that the cybercrime group Storm-1175 is c...
2026-04-1339 min
The Cybersecurity Defenders PodcastLevelling up your AI SOC with Joshua Neil from Alpha Level / Defender Fridays [#309]Joshua Neil, Co-Founder of Alpha Level, dives into a more sophisticated understanding of AI SOCs. Join the conversation about this industry change on Defender Fridays.Dr. Joshua Neil, has been a pioneer in applying machine learning to cybersecurity since 2000, starting his journey at Los Alamos National Laboratory. There, he co-developed Pathscan, a network anomaly detection system capable of spotting attacks that slip past traditional defenses. In 2014, he and CEO Mike Pozmantier took that innovation to market by licensing Pathscan to Ernst & Young (EY), turning deep research into enterprise impact.That experience exposed a hard truth...
2026-04-1034 minThe Cybersecurity Defenders PodcastWhy cyber analysts are crucial in protecting public infrastructure with Michael Hamilton from PISCES International [#308]Michael Hamilton, Chief Technology Officer at PISCES International, joins us to discuss the benefits of providing real world experience to students while they protect existing public infrastructure. The resilient future of local government security rests in our ability to adapt to changing threats and adopt new technologies, including AI.Learn more at https://pisces-intl.org/30 years in Information Security as a practitioner, entrepreneur, consultant, and in executive management. Direct experience in retail, manufacturing, government, defense, academic, semiconductor, energy, law enforcement, transportation, publishing and financial sectors - from Fortune 1 to small nonprofits. Formerly: Policy...
2026-04-0845 min
The Cybersecurity Defenders PodcastIran’s IRGC threatens U.S. tech companies, FBI Director hacked, Venom Stealer & Hasbro cyber attack / Intel Chat [#307]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Iran’s Islamic Revolutionary Guard Core, or the IRGC, announced that it plans to begin attacks on more than a dozen American technology companies operating across the middle east, starting after 8pm Tiran time on April 1st.A pro-Iranian hacking group, known as Hendala, has claimed responsibility for breaching a personal account belonging to FBI Director, Kash Patel.A newly discovered malware-as-a-service platform called Venom Stealer is automating the creation and deployment of quick-fix social engineering attacks, significantly lowering the ba...
2026-04-0623 min
The Cybersecurity Defenders PodcastMalicious geopolitical cyber activity, cyberattacks tied to conflict in Iran, open source supply chain attack & AI autonomous espionage / Intel Chat [#306]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Since the onset of the conflict in the Gulf region, cybersecurity researchers have observed a noticeable rise in malicious cyber activity tied to geopolitical events.Unit 42 researchers are warning about an increased risk of destructive cyberattacks tied to the conflict involving Iran.The hacking group known as TeamPCP has expanded a large-scale supply chain campaign targeting widely used open source software ecosystems.In September 2025, Anthropic disclosed an incident in which a state-sponsored threat actor used an AI coding agent to...
2026-03-3035 min
The Cybersecurity Defenders PodcastWhat makes a strong security team? With Andrew Cook from Recon InfoSec / Defender Fridays [#305]This week on Defender Friday we are joined by Andrew Cook, CTO of Recon InfoSec, to talk about what it means to build a strong security team and why hiring builders is always a good bet.As the CTO of Recon InfoSec, a leading provider of managed security operations, Andrew oversees the technical vision, strategy, and execution of their services and solutions. He has more than a decade of experience in threat hunting, digital forensics, network defense, and capability development.Andrew's mission is to provide customers with the expertise they need to confidently and effectively...
2026-03-2732 minThe Cybersecurity Defenders PodcastBringing 40+ year old industrial security systems into the 21st century with Justin Searle from InGuardians [#304]Justin Searle, Director of ICS Security at InGuardians, joins us today to talk about the challenges facing industrial control system security. With increased attack surface areas and maintaining and updating decades-old systems, Justin's dedication to informing and educating newcomers and experts alike is more important now than ever before.As the Director of ICS Security at InGuardians, Justin specializes in ICS security architecture design and penetration testing. He led the Smart Grid Security Architecture group in creating the NIST Interagency Report 7628 and has played key roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG...
2026-03-2531 min
The Cybersecurity Defenders PodcastIs it smart to have AI agents act as employees? With David Burkett from Corelight / Defender Fridays [#303]David Burkett, Cloud Security Researcher at Corelight, is back on Defender Fridays this week to discuss thinking in pipelines for AI agents.As a dedicated and highly experienced Cloud Detection Engineer and Security Architect, David has the privilege of working at a Fortune 50 Company where he leverages his extensive background in cybersecurity to protect digital assets. With a proven track record of building three different Cyber Security Operations Centers for multiple MSSP/MDR providers.David's expertise is backed by a strong set of GIAC certifications, including GCTI, GCIA, GPYC, and GCED... among others. He's proud...
2026-03-2035 minThe Cybersecurity Defenders PodcastHow to think long-term growth in an AI-dominated industry with Stel Valavanis from onShore Networks [#302]Today we're speaking with Stel Valavanis, Founder and Chairman at onShore Networks and Co-Founder at The Gallery Building, about sustaining a security company over three decades of industry changes. We also dive into investing in start ups and how founders can think long term about governance and growth.Stel has over 40 years of experience ranging from software development to network design and cybersecurity. He's founded 8 companies, invested in 10 more, and sit on various boards. His goal is to build the best tech stack for his customers but also wants to pay forward and make investments in startups...
2026-03-1938 min
The Cybersecurity Defenders PodcastCyber Strategy for America, new targets in war in Iran, Camaro Dragon & medical manufacturer Stryker attacked / Intel Chat [#301]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.The White House released President Trump’s Cyber Strategy for America, outlining a national framework to strengthen both defensive and offensive cybersecurity capabilities.Iran has expanded the scope of potential targets in the ongoing conflict with Israel and the United States by identifying infrastructure tied to major American technology companies in the Middle East as “legitimate targets.”Chinese-linked threat actors have launched cyberattacks against organizations in Qatar shortly after the initial US-Israel strikes on Iran, indicating a shift in regional target...
2026-03-1732 min
The Cybersecurity Defenders PodcastDrones damage data centers, Iranian cyber retaliation, Sloppy Lemming & Honeywell vulnerability / Intel Chat [#300]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Iranian drone strikes damaged three Amazon Web Services data center facilities in the Middle East, highlighting the physical risks associated with large-scale cloud infrastructure.Cyber activity linked to Iran and pro-Iranian actors has intensified following a joint US–Israeli military strike on Iran that killed Supreme Leader Ayatollah Ali Khamenei and several other government officials.The India-linked advanced persistent threat group known as “Sloppy Lemming” has significantly increased its cyber operations over the past year, targeting organizations in Pakistan, Bangladesh, and ot...
2026-03-0935 min
The Cybersecurity Defenders PodcastLearning how to trust that AI is secure with Saurabh Shintre from Realm Labs / Defender Fridays [#299]Saurabh Shintre, Founder and CEO of Realm Labs, is on Defender Fridays today to discuss securing AI from within.Saurabh previously led the AI security research at Splunk and Symantec. He has been at the forefront of AI security research for nearly a decade with multiple publications and patents and regularly features on public forums on issues regarding security and AI. Saurabh holds a PhD from Carnegie Mellon. Learn more at https://www.realmlabs.ai/Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts...
2026-03-0930 min
The Cybersecurity Defenders PodcastNorth Korean malware interviews, FortiGate firewall compromised, Cisco zero-day & Citrini Research AI future / Intel Chat [#298]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.GitLab’s Threat Intelligence Team published detailed findings on North Korean activity associated with the Contagious Interview campaign and broader IT worker operations.A financially motivated, Russian-speaking threat actor used generative AI tools to compromise more than 600 Fortinet FortiGate firewall instances between January and February, according to Amazon Web Services.Cisco has released emergency patches for a critical zero-day vulnerability in its Catalyst SD-WAN products that has been actively exploited in the wild.Citrini Research presents a forward-looking scenario framed as...
2026-03-0342 min
The Cybersecurity Defenders PodcastAI Red Teaming with John V from the Institute for Security and Technology / Defender Fridays [#297]John V, AI risk, safety, and security at the Institute for Security and Technology (IST), joins Defender Fridays today. John's work spans AI red teaming, adversarial machine learning, AI evals and validation, and AI risk assessment, including policy work at the intersection of AGI and nuclear strategic stability. Learn more at https://securityandtechnology.org/Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts...
2026-02-2730 minThe Cybersecurity Defenders PodcastHow to Strengthen Cyber Resilience in an AI Era with Chris Cochran from SANS Institute [#296]On this episode of The Cybersecurity Defenders Podcast, we speak with Chris Cochran, Field CISO & Vice President of AI Security at SANS Institute, about how to navigate the future of AI risk and security strategyChris works at the intersection of cyber defense, AI safety, and emerging risk, where the threats are converging and the playbooks are still being written. His career has taken him from the Marine Corps to NSA, U.S. Cyber Command, the U.S. House of Representatives, Mandiant, and Netflix. Across every role, one throughline: understanding adversaries, building high-trust teams, and translating complex...
2026-02-2531 min
The Cybersecurity Defenders PodcastDoppelBrand targets fortune 500s, Android malware Keenadu, attackers expand AI adoption & endless AI-driven threats / Intel Chat [#295]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A financially motivated threat actor known as GS7 is conducting a large-scale phishing campaign called Operation DoppelBrand, targeting Fortune 500 companies by impersonating their corporate login portals.Kaspersky researchers have analyzed a newly identified Android malware strain named Keenadu that provides attackers with remote control over infected devices.Application Programming Interfaces continue to be a primary attack surface, and new research from Wallarm shows the problem is accelerating as AI adoption expands.Hacker News outlines cybersecurity technology priorities for 2026, framing the...
2026-02-2340 min
The Cybersecurity Defenders PodcastHow is AI reshaping app security? With Farshad Abasi from Eureka DevSecOps / Defender Fridays [#294]This week on Defender Fridays, Farshad Abasi, Founder and CEO of Forward Security and Eureka DevSecOps, discusses how AI can help us set a new standard in app and cloud security. Farshad brings over 27 years of industry experience to the forefront of cybersecurity innovation. His professional journey includes key technical roles at Intel and Motorola, evolving into senior security positions as the Principal Security Architect for HSBC Global, and Head of IT Security for the Canadian division. Farshad's commitment to the field extends to his role as an instructor at BCIT, where he imparts his...
2026-02-2030 min
The Cybersecurity Defenders PodcastRussian cyber ops, Sygnia, Ollama & TeamPCP / Intel Chat [#293]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Russian cyber operations have maintained a consistent focus on exploiting both tactical and strategic targets within the defense industrial base, particularly in the context of the war in Ukraine.Sygnia has disclosed a large-scale, AI-driven scam operation involving over 150 cloned websites impersonating law firms.A joint investigation by SentinelLabs and Censys has revealed a growing ecosystem of publicly exposed AI compute infrastructure, driven largely by deployments of Ollama - an open-source framework for running large language models locally.Flare has...
2026-02-1635 min
The Cybersecurity Defenders PodcastAre we overlooking our most precious resource - ourselves? With Brandon Min from Herd Security / Defender Fridays [#292]This week Brandon Min, Founder and CEO of Herd Security, joins Defender Fridays to discuss how human risk management needs to rebrand with empathy.Brandon is the co-founder and CEO of Herd Security, where they help security teams drive employee engagement in security, making a more resilient organization. Humans have been the #1 target of organizational cyber attacks; however, security teams, organizations, vendors, and leaders have vilified them. At Herd, they believe security should be led with empathy and care. Building trust amongst users that will drive their engagement in security. Building herd immunity from cyber...
2026-02-1332 min
The Cybersecurity Defenders PodcastOpenClaw saga continues, React Native Community vulnerability, Notepad++ & GTIG targets IPIDEA proxy network / Intel Chat [#291]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.OpenClaw, an open source AI agent formerly known as MoltBot and ClawdBot, has rapidly become the fastest-growing project on GitHub, amassing over 113,000 stars in under a week.A critical vulnerability in the React Native Community CLI NPM package, tracked as CVE-2025-11953 with a CVSS score of 9.8, has been actively exploited in the wild since late December 2025, according to new findings by VulnCheck. JFrog article.Following the disclosure in the Notepad++ v8.8.9 release announcement, further investigation confirmed a sophisticated supply...
2026-02-0928 min
The Cybersecurity Defenders PodcastDo you have a browser blind spot? With Cody Pierce from Neon Cyber / Defender Fridays [#290]Most orgs have a major blind spot: the browser.This week on Defender Fridays, we're joined by Cody Pierce, Co-Founder and CEO at Neon Cyber, to discuss why browser security remains a critical gap, from sophisticated phishing campaigns that bypass traditional controls to shadow AI tools operating outside your security perimeter.Cody began his career in the computer security industry twenty-five years ago. The first half of his journey was rooted in deep R&D for offensive security, and he had the privilege of leading great teams working on elite problems. Over the last decade...
2026-02-0634 min
The Cybersecurity Defenders PodcastPeckBirdy, ShinyHunters, OpenClaw (former Moltbot) impersonation & ELECTRUM / Intel Chat [#289]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Researchers at Trend Micro have uncovered continued activity from China-aligned threat actors leveraging a cross-platform JavaScript-based command-and-control framework known as "PeckBirdy".Silent Push has identified an extensive phishing campaign targeting over 100 organizations, attributed to the threat actor group ShinyHunters.A malicious Visual Studio Code extension impersonating an AI coding assistant for OpenClaw (former Moltbot) has been discovered distributing malware via the official VS Code Extension Marketplace.Dragos has attributed the December 2025 cyberattack on the Polish power grid to the Russian...
2026-02-0229 min
The Cybersecurity Defenders PodcastAgentic SecOps Workspace (ASW) office hours with LimaCharlie / Defender Fridays [#288]Join us for a special Defender Fridays Office Hours session where the LimaCharlie team demonstrates the new Agentic SecOps Workspace (ASW) and explores what's possible when AI agents operate security infrastructure directly.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.What We'll DiscussIn this hands-on session, we showcase real working implementations of AI in cybersecurity operations...
2026-01-3029 minThe Cybersecurity Defenders PodcastNo Going Back: AI Redefines SecOps for Service Providers (MSSP) with a panel of computer scientists and security practitioners [#287]In this special episode of The Cybersecurity Defenders Podcast, a panel of cybersecurity experts discuss the irreversible changes AI has brought to the industry. This panel originally aired on January 20th, 2026.The panel attendees include:Christopher Luft (host) - Co-Founder / CCO, LimaCharlieMaxime Lamothe-Brassard - Founder / CEO, LimaCharlieEric Capuano - Co-Founder, Digital Defense InstituteJoshua Neil - Co-Founder, Alpha LevelKris Merritt - AdvisorDaniel Lees - Sr Staff Cloud Security Architect, GoogleLimaCharlie has watched the AI SOC conversation unfold and stayed quiet. Until now.Security vendors are racing to attach chatbots to legacy platforms and...
2026-01-281h 12
The Cybersecurity Defenders PodcastVisual Studio Code malware, Sinkholes reversal, Chinese pen-testing & FortiSIEM zero-day / Intel Chat [#286]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.North Korean threat actors are targeting macOS software developers in a new malware campaign that abuses Visual Studio Code (VS Code) confi gurations to deliver JavaScript-based backdoors, according to research from Jamf.Sinkholes are usually seen as the end of a malicious campaign - the point where domains are seized and abuse stops.China’s pen-testing and red-team ecosystem has always been hard to observe, especially since many teams stopped participating in international CTFs post-2018.A critical zero-day vulnerability, CVE-2025-6...
2026-01-2631 min
The Cybersecurity Defenders PodcastThe future of SOC leadership with John Hubbard from SANS Institute / Defender Fridays [#285]This week on Defender Fridays, John Hubbard, SANS Institute Cyber Defense Curriculum Lead, discusses the future of security operations and what it means for SOC leaders today. We'll be talking about:Building continuous improvement into SOC leadershipCurrent vendor and product trends shaping security operationsAI's real impact on SOC jobs and operationsFew instructors combine real-world security operations center (SOC) leadership, curriculum design, and frontline defense experience like John Hubbard. As a Senior Instructor at the SANS Institute, author of SANS SEC450: SOC Analyst Training – Applied Skills for Cyber Defense Operations, and co-author of SANS LDR551: Bu...
2026-01-2332 minThe Cybersecurity Defenders PodcastFrom AI SOC to AI in the SOC (and beyond) Ft. Mike Privette from Return on Security with Maxime Lamothe-Brassard from LimaCharlie [#284]In this special episode of The Cybersecurity Defenders Podcast, Mike Privette hosts a keynote discussion with LimaCharlie Founder and CEO, Maxime Lamothe-Brassard. LimaCharlie has watched the AI SOC conversation unfold and stayed quiet. Until now.Security vendors are racing to attach chatbots to legacy platforms and call it innovation. AI SOC startups have raised hundreds of millions to build better alert triage. Both approaches solve the same narrow problem: helping analysts click faster.Service providers managing hundreds or thousands of tenants face a different reality. Alert triage matters, but so does deployment, configuration...
2026-01-2258 min
The Cybersecurity Defenders PodcastVoidLink, AsyncRat, Predator spyware & AI agents pose risk to enterprises / Intel Chat [#283]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Security researchers at Check Point have uncovered a previously unknown Linux malware framework named VoidLink, which stands out for its complexity and modular design.Researchers at Trend Micro have identified a new phishing campaign that combines legitimate services and open-source tools to distribute AsyncRAT, a commodity-remote access trojan.New research into Predator spyware reveals a deeper level of sophistication and operational intelligence than previously understood.The widespread adoption of AI agents in enterprise environments is creating a new class of...
2026-01-2031 min
The Cybersecurity Defenders PodcastHiring fraud and deepfake AI with Tom Cross from GetReal Security / Defender Fridays [#282]This week on Defender Fridays, Tom Cross, Head of Threat Research at GetReal Security, joins us to talk hiring fraud and deepfakes on our first Defender Fridays session of 2026!At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious...
2026-01-1632 min
The Cybersecurity Defenders PodcastNi8mare CVSS 10.0, malicious AI extensions, Venezuela blackout & guilty BlackCat insiders / Intel Chat [#281]In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A newly disclosed vulnerability in the workflow automation platform n8n, tracked as CVE-2026-21858 and rated CVSS 10.0, allows unauthenticated remote attackers to fully compromise exposed instances.Two malicious Chrome extensions impersonating a legitimate product from AITOPIA were found exfiltrating sensitive user data, including full AI chat histories, according to a report from OX Security.The recent U.S. military operation in Venezuela that led to the capture of President Nicolás Maduro may have included cyber operations, but official c...
2026-01-1431 minThe Cybersecurity Defenders PodcastHow AI is Re-Building the Cybersecurity Landscape with Max Lamothe-Brassard from LimaCharlie [#280]On this episode of The Cybersecurity Defenders Podcast we're starting the new season off with the hottest topic of 2025: AI. Sitting down with Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, we discuss the ways AI has rapidly changed how companies are building security tools.Join an in-depth discussion January 20, 2026 and witness LimaCharlie's fundamentally different approach to AI-powered security operations. Your security operations will never be the same: https://www.linkedin.com/events/7401665070889545728/Maxime Lamothe-Brassard began his cybersecurity career at the Canadian Department of National Defense before providing direct assistance to organizations facing cyber...
2026-01-1244 minThe Cybersecurity Defenders Podcast#279 - 2025 Predictions for the Future of Cybersecurity with all our guestsOn this episode of The Cybersecurity Defenders Podcast, we revisit the 2025 predictions shared by our guests throughout the year. From attackers and defenders to AI and the broader security industry, these forecasts capture what experts expected was coming next. Rather than judging accuracy - which is still too early to assess -we're examining the predictions themselves: where they aligned, how they clustered, and what those patterns reveal about the industry’s mindset as this year came to a close. Free from hindsight bias, this episode explores what remained uncertain as we entered 2026.Support our show by...
2025-12-2255 min
The Cybersecurity Defenders Podcast#278 - Defender Fridays: Bug bounties, disclosures and real-world response with Bryan Brake from AmazonThis week on Defender Fridays, Bryan Brake, Senior Product Manager and Bug Bounty Team Lead at Amazon, joins us to discuss vulnerability remediation, bounty processes, and incident response workflows.Bryan will share practical insights on managing disclosures and coordinating responses across security teams.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join us every Friday at 10:30am...
2025-12-1932 minThe Cybersecurity Defenders Podcast#277 - BlackGirlsHack: Building a community and impactful legacy with Rebekah SkeeteOn this episode of The Cybersecurity Defenders Podcast we speak with Rebekah Skeete, Executive Director and CEO of BlackGirlsHack Foundation. Rebekah dives into how BGH is helping to increase diversity in cybersecurity by bridging the gap between what is taught in educational institutions and what is necessary for careers in cybersecurity.For more information visit: https://www.blackgirlshack.org/HomeRebekah Skeete is a Security Engineer with Schellman based in Dallas, Texas. As a member of the Infrastructure and Security team, Rebekah is part of a collaborative group of technology professionals serving as the primary...
2025-12-1746 min
The Cybersecurity Defenders Podcast#276 - Intel Chat: React2Shell, GeminiJack vulnerability, pro‑Russia hacktivist arrested & Warp PandaIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.For for more information about Cybersecurity Cares, visit cybersecurity-cares.comReact2Shell is the latest high-profile vulnerability in the web application landscape, scoring a critical CVSS 10.0 and drawing immediate comparisons to Log4Shell.Researchers at Noma Labs disclosed a critical vulnerability in Google's Gemini Enterprise AI assistant, dubbed GeminiJack, that allowed attackers to stealthily exfiltrate sensitive enterprise data.U.S. prosecutors have charged Victoria Eduardovna Dubranova, a 33‑year‑old Ukrainian woman, in two separate indictments for her alleged invo...
2025-12-1537 min
The Cybersecurity Defenders Podcast#275 - Defender Fridays: Polymorphic Panic - Debunking the AI Malware Myth with Randy Pargman from ProofpointJoin us for this week's Defender Fridays as we explore the reality of AI-powered malware threats with Randy Pargman, Senior Director of Threat Detection at Proofpoint.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.In this episode, Randy challenges the hype around AI-powered polymorphic malware and examines how threat actors actually operate in practice. He discusses why defenders should...
2025-12-1232 min
The Cybersecurity Defenders Podcast#274 - Why most SOCs are failing (and how to fix them) with Alec Fenton from Foresite CybersecurityOn this episode of The Cybersecurity Defenders Podcast we speak with Alec Fenton, VP of Security Operations at Foresite Cybersecurity about his journey from SOC analyst to security leader.Alec Fenton is a seasoned Cyber Security professional with over 15 years of extensive experience across many IT domains. With a career spanning more than a decade, Alec has honed his expertise in addressing a broad spectrum of cybersecurity challenges, leveraging his analytical prowess and hands-on approach to leadership.Throughout his career, Alec has navigated the intricate landscape of IT security, working across various sectors including managed...
2025-12-1041 min
The Cybersecurity Defenders Podcast#273 - Intel Chat: Tomiris cyber-espionage group, OpenPLC ScadaBR flaw, NPM manipulating AI-driven scanners & MuddyWaterIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.For for more information about Cybersecurity Cares, visit cybersecurity-cares.comThe Tomiris cyber-espionage group, which has been under Kaspersky's watch since 2021, has evolved its tactics in a new wave of attacks observed in early 2025. Article #2.CISA has recently added CVE-2021-26829 to its known exploited vulnerabilities, or KEV catalog, marking it as a confirmed threat based on real world exploitation. Researchers at KOI Security have identified a malicious NPM package, which not only performs typical credential stealing behavior...
2025-12-0930 min
The Cybersecurity Defenders Podcast#272 - Intel Chat: AI taking over low-skilled work, AI-orchestrated cyber espionage, JackFix & weaponizing Blender filesIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.For for more information about Cyber Security Cares, visit cybersecurity-cares.comAI is now fulfilling a long-standing hope of security teams: it’s taking over repetitive, low-skill tasks like log reviews, alert triage, and basic investigations.Anthropic has disclosed what it believes is the first documented case of a largely autonomous AI-orchestrated cyber espionage campaign.The new "JackFix" variant of the ClickFix attack is gaining traction, and unlike its predecessors, it combines both social engineering and technical evasion ta...
2025-12-0132 minThe Cybersecurity Defenders Podcast#271 - AI hype & the future of SecOps, what’s changed in 30 years? With Erik Bloch from IllumioOn this episode of The Cybersecurity Defenders Podcast we speak with Erik Bloch, VP of Security at Illumio, about better tools to combat burnout rate and discuss the reality of AI in security.Erik Bloch has 30+ years of information and cyber security experience, both as an IC and as a leader of teams. “People first” has always been his approach. He has led entire security and IT functions at smaller companies, and been the CISOs leading big teams at larger orgs. Erik also spent time on the product side, trying to make better tooling for peop...
2025-11-2651 minThe Cybersecurity Defenders Podcast#269 - How AI offers defenders even more growth opportunities with Michael Baker from DXC TechnologyOn this episode of The Cybersecurity Defenders Podcast we speak with Michael Baker, VP, Global Chief Information Security Officer at DXC Technology, about his optimistic outlook on the impact of AI in cybersecurity.Michael Baker is an accomplished cyber security executive with more than 24 years of experience in the field. He is passionate about building high-performing teams and transforming the way cyber risk is managed within businesses. Currently, Michael serves as the Global Chief Information Security Officer (CISO) for DXC Technology. In this capacity, he is responsible for protecting the brand and reputation of DXC Technology, a $14...
2025-11-1938 min
The Cybersecurity Defenders Podcast#268 - Intel Chat: LLM integration in malware, Android spyware family LandFall, Windows kernel zero-day flaw & Ex-L3Harris executive sells trade secretsIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Google’s Threat Intelligence Group has observed a significant shift in 2025, threat actors are no longer using AI to just speed up operations, they are now integrating LLMs directly into the malware.Unit 42 has identified a previously undocumented Android spyware family, named LandFall, discovered during an investigation into iOS exploit chains involving malicious DNG images.Microsoft’s November Patch Tuesday rollout includes fixes for over 60 vulnerabilities, one of which is a zero-day privilege escalation flaw in the Windows kernel that has...
2025-11-1742 min
The Cybersecurity Defenders Podcast#267 - Defender Fridays: AI in SecOps - what's real vs. what's hype? With Alec Fenton from Foresite CybersecurityIn this episode of Defender Fridays, we talk to Alec Fenton, VP Security Operations at Foresite Cybersecurity, practical career advice for defenders, SOC metrics that actually matter and AI in security operations.Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.Alec is a seasoned Cyber Security professional with over 15 years of extensive experience across many IT domains. With a career spanning more than a decade, Alec has honed his expertise in addressing a broad spectrum of cybersecurity challenges, leveraging his...
2025-11-1432 minThe Cybersecurity Defenders Podcast#266 - Preparing for Out-of-Band Communication in Incident Response with Navroop Mitter from ArmorTextOn this episode of The Cybersecurity Defenders Podcast we speak with Navroop Mitter, CEO of ArmorText, about the role of Out-of-Band (OOB) communication in cyber incident response.ArmorText Named a Leader in The Forrester Wave™: Secure Communications Solutions, Q3 2024Cyber Resilience: Incident Response Tabletop ExercisesNavroop Mitter is the CEO of ArmorText, a mobile security and privacy company based in the Washington, D.C. area.Before founding ArmorText, Navroop was a Senior Manager in Accenture’s North American Security Practice, where he built and led information security programs across multiple regions. He h...
2025-11-1230 min
The Cybersecurity Defenders Podcast#265 - Intel Chat: AWS TruffleNet exploit, React Native vulnerability, SesameOp OpenAI Assistants API C2 channel & Operation SkyCloakIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A newly observed threat campaign is exploiting Amazon Web Services' Simple Email Service using stolen credentials and open source tools to perform cloud reconnaissance and eventually launch Business Email Compromise scams. A critical vulnerability has been disclosed in the React Native Community CLI NPM package, a toolset widely used for building React Native applications.Microsoft's Detection and Response Team (DART) has discovered a novel backdoor, SesameOp, that uses the OpenAI Assistants API as a command-and-control (C2) channel, highlighting a new...
2025-11-1031 min
The Cybersecurity Defenders Podcast#264 - Defender Fridays: Dive into SaaS Intrusion Trends with Julie Agnes Sparks from DatadogIn this episode of Defender Fridays, LimaCharlie Founder Maxime Lamothe-Brassard talks to Julie Agnes Sparks, Security Engineer at Datadog, about how to maximize logging visibility for effective detection engineering.Julie has a passion for continuous learning, proactively detecting significant security events, and responding effectively. Interests include: diversity & inclusion, privacy, and making technology more accessible.Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating...
2025-11-0732 min
The Cybersecurity Defenders Podcast#263 - Intel Chat: BlackBasta, BlueNoroff, Operation ForumTroll & AisuruIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.The UK Information Commissioner's Office (ICO) recently released a comprehensive 136-page report detailing the BlackBasta ransomware attack on Capita in March 2023.Kaspersky researchers have detailed two active campaigns from North Korean APT group BlueNoroff, which continue the group’s long-running SnatchCrypto operation targeting individuals in financial and tech sectors.The exploitation of the first Chrome zero-day of 2025 has been attributed to a state-sponsored threat actor involved in Operation ForumTroll, a cyber-espionage campaign targeting Russian entities across sectors like education, finance, me...
2025-11-0341 min
The Cybersecurity Defenders Podcast#262 - Defender Fridays: What does "AI-ready SOC" actually mean? With Dr. Anton Chuvakin from CISO, Google CloudDr. Anton Chuvakin, Security Advisor at Office of the CISO, Google Cloud and a recognized expert in SIEM, log management, and PCI DSS compliance, will help us cut through the buzzwords and discuss modern security operations.Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.Dr. Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019. He is also a co-host of Cloud Security Podcast.Until...
2025-10-3135 minThe Cybersecurity Defenders Podcast#261 - Scaling MSP & MSSP Services with Hannah Lloyd, Co-Founder / CRO of enhanced.ioOn this episode of The Cybersecurity Defenders Podcast we speak with Hannah Lloyd, Co-Founder and CRO of enhanced.io, about how MSPs can launch, sell and scale security offerings.With 10+ years of channel sales experience, Hannah leads global new business generation and account management to deliver innovative cybersecurity solutions to enhanced.io’s MSP partners. As a GTIA EC member (2018) and Chair (2021), Hannah is actively involved in the MSP channel community. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. ...
2025-10-2959 min
The Cybersecurity Defenders Podcast#260 - Intel Chat: Kansas City National Security Campus breach, COLDRIVER, new KEV catalog additions & AWS outageIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A breach at the Kansas City National Security Campus (KCNSC), a facility responsible for manufacturing roughly 80% of the non-nuclear components for U.S. nuclear weapons, was enabled by two critical Microsoft SharePoint vulnerabilities.COLDRIVER, a Russian state-sponsored group also tracked as UNC4057, Callisto, or Star Blizzard, has shifted rapidly toward new malware development following the public exposure of its previous malware, LOSTKEYS, in May 2025.CISA has officially added three newly exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, urging...
2025-10-2740 min
The Cybersecurity Defenders Podcast#259 - Defender Fridays: Breaking Down Microsoft Defender for Endpoint with Ken Westin from LimaCharlieKen, Senior Solutions Engineer at LimaCharlie, dives into the incredibly confusing licensing tiers, pricing models and feature sets for Microsoft Defender for Endpoint. Today we discuss: The difference between tiersWays to solve Defender visibility issues and increase operational transparencyHow its capabilities can be customized and expanded for better flexibility and scalability for service providersJoin the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.A big picture thinker, Ken ferrets out trends, seeking to understand what happens when businesses are breached and...
2025-10-2433 min
The Cybersecurity Defenders Podcast#258 - Intel Chat: Oracle EBS, Storm-2603, North Korean IT infiltration & LLM poisoning studyIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.CrowdStrike is tracking a mass exploitation campaign leveraging a previously unknown vulnerability in Oracle E-business suite or EBS. A threat group, tracked as Storm-2603, has been observed using the open source Velociraptor DFIR tool as part of it’s post-exploitation toolkit in recent ransomware attacks.North Korean IT workers, operating under state direction, continue to infiltrate international tech companies using false identities and anonymizing infrastructure to secure jobs and route payments in cryptocurrency. Researchers from Anthropic, the UK AI Security In...
2025-10-2039 min
The Cybersecurity Defenders Podcast#257 - Defender Fridays: Using Honeyfiles to Detect Adversaries with Zane Gittins from Meissner Filtration ProductsZane demonstrates deploying honeyfiles via Velociraptor and discuss deception techniques for early detection of compromise. Learn how decoy files can serve as tripwires for infostealers and adversaries in your environment. Watch on YouTube for better visuals.Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of...
2025-10-2031 min
The Cybersecurity Defenders Podcast#256 - Intel Chat: RediShell, Cisco zero-day vulnerability, AI voice cloning tech, Brickstorm & pro-Russia teen hackers arrestedIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A newly disclosed vulnerability in Redis, dubbed RediShell and tracked as CVE-2025-49844, affects all Redis versions and carries a maximum CVSS score of 10.0.Cisco has disclosed a critical zero-day vulnerability—CVE-2025-20352—affecting its widely deployed IOS and IOS XE software, confirming active exploitation in the wild.Researchers at NCC Group have found that voice cloning technology has reached a level where just five minutes of recorded audio is enough to generate convincing voice clones in real time.A Chin...
2025-10-1346 min
The Cybersecurity Defenders Podcast#255 - Defender Fridays: Identity Automation in the Age of Agentic AI with Matthew Chiodi from CerbyMatt, Chief Strategy Officer at Cerby, discusses how the autonomous AI agents create a demand for a fresh approach to identity security and shares practical insights on navigating these new challenges.Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.Matt has spent 20+ years at the intersection of cybersecurity, strategy, and company building. His career began in the trenches as a practitioner and architect, grew into CISO and CSO roles, and today he helps scale Cerby as Chief Strategy Officer.
2025-10-1033 minThe Cybersecurity Defenders Podcast#254 - Roadmap to Community Cyber Defense with Sarah Powazek, Program Director of Public Interest Cybersecurity, UC Berkeley CLTCOn this episode of The Cybersecurity Defenders Podcast we speak with Sarah Powazek about the Roadmap to Community Cyber Defense. Diving into the report, Sarah emphasizes the need for low-resource organizations and cyber experts to come together in a co-responsibility model for cyber defense. Learn more about the UC Berkeley Center for Long-Term Cybersecurity (CLTC).Get help or join the Cyber Resilience Corps here.Read the roadmap.Sarah leads flagship research on defending low-resource organizations like nonprofits, municipalities, and schools from cyber attacks. She serves as Co-Chair of the Cyber Resilience...
2025-10-0837 min
The Cybersecurity Defenders Podcast#253 - Defender Fridays: Building the Strelka File Scanning System with Josh Liburdi from DoorDashJosh Liburdi, Principal Engineer of Security Operations at DoorDash, joins Maxime Lamothe-Brassard, LimaCharlie CEO / Founder, to talk about building the Strelka file scanning system.As a security engineer who works in security operations (prevention, detection, and response), Josh has more than a decade of industry experience and has worked at several diverse organizations, including Brex, Target, and CrowdStrike.He also presents at information security conferences (BSides NYC & SF, SANS, fwd:cloudsec), is a published author (Bluenomicon from Splunk, Huntpedia from Sqrrl), and is active in the open source security community with contributions to many projects...
2025-10-0330 min
The Cybersecurity Defenders Podcast#252 - Intel Chat: Secret Service SWAT Infrastructure, Nimbus Manticore, malicious ads targeting macOS, SpamGPT & GitHub NPM changesIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A recent investigation by the U.S. Secret Service claims to have uncovered a massive swatting infrastructure centered around New York City.Check Point researchers are tracking an Iran-linked cyber-espionage group known as Nimbus Manticore, which appears to be expanding its operations into Western Europe.A new wave of malicious advertising is targeting macOS users by impersonating widely used software and services through search engine ads.A new tool called SpamGPT is drawing attention in the cybersecurity community for effectively...
2025-09-2934 min
The Cybersecurity Defenders Podcast#251 - Defender Fridays: Hunting Chinese State Actors with David Burkett from CorelightMaxime Lamothe-Brassard, LimaCharlie CEO / Founder, and our Defender Fridays community sat down with David Burkett to discuss hunting Chinese State Actors with the Latest CISA Joint Advisory.
As a dedicated and highly experienced Cloud Detection Engineer and Security Architect, David has the privilege of working at a Fortune 50 Company where he leverages his extensive background in cybersecurity to protect digital assets. With a proven track record of building three different Cyber Security Operations Centers for multiple MSSP/MDR providers.
David’s expertise is backed by a strong set of GIAC certifications, including GCTI, GCIA, GPYC, an...
2025-09-2633 min
The Cybersecurity Defenders Podcast#250 - Intel Chat: PromptLock, "Shai-Hulud", EdisonWatch & FileFix campaignIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.ESET Research has uncovered what it believes to be the first documented case of AI-powered ransomware, dubbed PromptLock.Multiple CrowdStrike-branded npm packages were recently discovered to be compromised, marking a new wave in the ongoing “Shai-Hulud” supply chain attack campaign.Researchers at AI security firm EdisonWatch have uncovered a new vulnerability in the ChatGPT calendar integration, revealing how it can be exploited to execute attacker-controlled commands.The most mature and globally distributed FileFix campaign observed to date is now active in t...
2025-09-2236 min
The Cybersecurity Defenders Podcast#248 - Predictive vs. Reactive Cybersecurity with Robert Boles, Founder / CEO of BLOKWORXOn this episode of the Cybersecurity Defenders Podcast we speak with Robert Boles, Founder / CEO of BLOKWORX.A veteran of the U.S. Marine Corps, Rob founded BLOKWORX in 2006 to further his passion for creating fast, secure networks. Since 1999 Rob was a core technical contributor and presenter on an Advanced IP Team, delivering bleeding edge WAN and Managed Security services to Small, Mid-level and Fortune 500 businesses around the world. The experience led him back to the same conclusion, regardless of size and resources, every company struggled with the same uncertainty – multiple vendors with infinite solutions, an...
2025-09-1739 min
The Cybersecurity Defenders Podcast#247 - Intel Chat: JavaScript high-profile phishing, Red Sea cable cutting, Contagious Interview campaign & Salty2FAIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A high-profile phishing incident has resulted in the compromise of several widely-used JavaScript packages on npm, after a developer known as "Qix" inadvertently clicked a malicious link from a fake support email.Multiple undersea cable cuts in the Red Sea have led to degraded internet connectivity across the Middle East and South Asia, affecting key infrastructure and cloud services.North Korean-aligned threat actors operating under the Contagious Interview campaign have been systematically abusing cyber threat intelligence (CTI) platforms to monitor...
2025-09-1534 min
The Cybersecurity Defenders Podcast#245 - Intel Chat: Salt Typhoon, Scattered LapSus Hunters, WhatsApp vulnerability & AI-assisted compromiseIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.The Salt Typhoon cyber campaign, attributed to Chinese state-backed hackers, has been declared a national defense crisis by the FBI and allied intelligence agencies.A group identifying itself as “Scattered LapSus Hunters” has posted a threat on Telegram demanding that Google terminate two of its employees.A newly discovered WhatsApp vulnerability, now tracked as CVE-2025-55177, has triggered urgent security advisories, particularly for iPhone users.More than 1,000 developers were compromised in just over four hours on August 26 during an unprecedented, AI-a...
2025-09-0934 min
The Cybersecurity Defenders Podcast#244 - Intel Chat: Trend Micro Apex One, PyPI domains, RingReaper & Openbaar Ministrie attackIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.CISA has added CVE-2025-54948, a critical vulnerability in Trend Micro Apex One, to its Known Exploited Vulnerabilities (KEV) catalog, signaling that the flaw has been actively exploited in the wild.PyPI has introduced new security measures to detect and respond to expired domains tied to user accounts, aiming to shut down a known supply chain attack vector: domain resurrection.A recently discovered post-exploitation tool named RingReaper is gaining attention for its sophisticated evasion strategy: abusing the Linux kernel’s io...
2025-09-0129 min
The Cybersecurity Defenders Podcast#243 - Defender Fridays: Detection prioritization via the BloodHound attack graph with Jared Atkinson, CTO at SpecterOpsMaxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and the Defender Fridays community sit down with Jared Atkinson and dive into BloodHound.Jared is a security researcher who specializes in Digital Forensics and Incident Response. Recently, he has been building and leading private sector Hunt Operations capabilities. In his previous life, Jared lead incident response missions for the U.S. Air Force Hunt Team, detecting and removing Advanced Persistent Threats on Air Force and DoD networks. Passionate about PowerShell and the open source community, Jared is the lead developer of PowerForensics, Uproot, and maintains a DFIR focused blog...
2025-08-2933 min
The Cybersecurity Defenders Podcast#241 - Intel Chat:Apache ActiveMQ, Elastic EDR vulnerability, kernel-level EDR killers & PipeMagicIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.• Attackers are actively exploiting CVE-2023-46604, a remote code execution vulnerability in Apache ActiveMQ first disclosed in October 2023, that is used to compromise cloud-hosted Linux servers.• AshES Cybersecurity has publicly disclosed a critical zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) platform, specifically in the Microsoft-signed kernel driver elastic-endpoint-driver.sys.• At least a dozen ransomware groups are now deploying kernel-level EDR killers - tools designed specifically to disable endpoint detection and response solutions - as par...
2025-08-2636 min
The Cybersecurity Defenders Podcast#240 - Defender Fridays: Remote Management Tool Abuse with Ezra Woods, Security Engineer at Grand Canyon EducationEzra Woods, Security Engineer at Grand Canyon Education, shares insights on current attack trends and practical defensive strategies you can use to protect your environment with Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and the Defender Fridays community.On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at https://limacharlie.io/defender-fridays
2025-08-2329 min
The Cybersecurity Defenders Podcast#239 - Intel Chat: Scattered Spider or ShinyHunters, Linux kernel’s eBPF subsystem, MAPP & BlackSuit ransomware groupIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • Recent reporting from DataBreaches has added yet another twist to the attribution puzzle between Scattered Spider and ShinyHunters. https://databreaches.net/2025/08/03/are-scattered-spider-and-shinyhunters-one-group-or-two-and-who-did-france-arrest/• A recent disclosure on the oss-security mailing list detailed a set of 11 vulnerabilities in the Linux kernel’s eBPF subsystem, originally reported by security researcher “Van1sh” to both the kernel security team and the linux-distros list on July 19. https://www.openwall.com/lists/oss-security/2025/08/03/1• Microsoft’s Microsoft Active Protections Program, or MAPP, is designed to...
2025-08-2038 min
The Cybersecurity Defenders Podcast#238 - Defender Fridays: Building trusted ecosystems for incident response with Dr. Mike Saylor, CEO of Blackswan CybersecurityChristopher Luft, Co-Founder and CCO of LimaCharlie, and Dr. Mike Saylor, CEO of Blackswan Cybersecurity, sat down with the Defender Fridays community for Black Hat week wrap up and a deep dive building secure environments for IR.Dr. Mike Saylor is an accomplished, outcome-driven and solution-focused business professional and entrepreneur with 30+ years of Consulting, IT Audit & Risk, Cyber Security & Incident Response experience. Uniquely qualified as a leader with a solid knowledge of operations, strategy and management, Dr. Mike has enjoyed repeated success guiding highly skilled, cross functional teams in areas of intelligence, security, technology, and audit & compliance.
2025-08-1531 min
The Cybersecurity Defenders Podcast#237 - Intel Chat: Black Hat roundup - Gemini AI, NeuralTrust & SPLX, VisionSpace Tech, BCM5820X - & CISA/FEMA grant fundingIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.At Black Hat USA in Las Vegas, three security researchers demonstrated how Google's Gemini AI could be hijacked to take control of smart home devices using a novel form of indirect prompt injection.Two separate security teams - NeuralTrust and SPLX - have conducted red teaming evaluations of the newly released GPT-5, and both report serious deficiencies in the model’s security posture.Another Black Hat story, security researchers Milenko Starcik and Andrzej Olchawa from VisionSpace Technologies presented a compelling ca...
2025-08-1142 min
The Cybersecurity Defenders Podcast#236 - Defender Fridays: Explore the Challenges of Securing AI Adoption with Jeremy Snyder, Founder and CEO of FireTail.aiMaxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and Jeremy Snyder, Founder and CEO of FireTail.ai, sat down with the Defender Fridays community to discuss the hurdles of maintaining secure processes while adding AI to your workflow.Jeremy is the founder and CEO of FireTail.ai. Jeremy was an IT and cybersecurity practitioner for over 10 years before transitioning into product and sales roles in cloud security and cyber. Jeremy once went three days without seeing another human, but saw lots of reindeer. Another time, Jeremy was kicked off a train in central Sweden. Find out more at...
2025-08-0830 min
The Cybersecurity Defenders Podcast#237 - Intel Chat: Black Hat roundup - Gemini AI, NeuralTrust & SPLX, VisionSpace Tech, BCM5820X - & CISA/FEMA cyber grant fundingIn this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.More than 90 state and local government organizations have been targeted in a recent wave of cyberattacks exploiting a vulnerability in Microsoft SharePoint, according to the Center for Internet Security (CIS).Traditional cyber attack methodologies - exploiting endpoints, moving laterally, escalating privileges - are increasingly outdated as enterprise IT shifts toward SaaS and browser-based access.The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-2533 - a high-severity Cross-Site Request Forgery (CSRF) vulnerability in PaperCut NG/MF print...
2025-08-0739 minThe Cybersecurity Defenders Podcast#179 - Hacker Holidays: Operation FlyhookIn this episode, we recount the story of Operation Flyhook - an FBI sting operation in 2000 that resulted in the arrest of two Russian hackers on American soil. It is quite the story and leaves us with some pretty heavy conclusions.
This episode was written by Nathaniel Nelson, narrated by Christopher Luft, and produced by the team at LimaCharlie.
Any questions or feedback can be directed to defenders@limacharlie.io
2024-12-2718 minThe Cybersecurity Defenders Podcast#153 - Unpacking the hacker mindset with Ken Westin, Senior Solutions Engineer at LimaCharlieOn this episode of The Cybersecurity Defenders Podcast, we unpack the hacker mindset with Ken Westin, Senior Solutions Engineer at LimaCharlie.Ken is a seasoned thought leader in cybersecurity who has spent years analyzing and understanding the intricacies of cyber threats and the methods behind them. Ken has a unique ability to identify emerging trends in the industry and for figuring out how businesses can protect themselves before they fall victim to attacks. Previous to his current role, Ken was the Field CISO at Panther, where he developed workshops and delivered them around the world...
2024-09-1035 min
Perpetual Motion® PodcastLimaCharlie: Cybersecurity – Loud and ClearIn this episode, Michael Glenn and Colin Fowler speak with Maxime Lamothe-Brassard of LimaCharlie about cybersecurity as a buildable cloud service. Maxime discusses a thoughtful approach to product development that puts cloud service structure into context in terms of both market forces and the historical development of cybersecurity products.“But the fundamental truth behind it is, all of this is just stuff made up by humans to make a system work. And if you read about it and you go and you try to understand it, you can step through it and you can do it.” - Maxime Lamoth...
2024-08-1553 min
CyberBytes: The PodcastCyberBytes: RSA 2024 Edition: LimaCharlie with Maxime Lamothe-BrassardIt’s not too often that a Cybersecurity vendor comes along with a truly new offering. LimaCharlie is the first Cloud provider for Cybersecurity, and the first vendor I’ve ever seen raffle off a power tool set on the conference floor! CEO & Founder, Maxime Lamothe-Brassard joins me on CyberBytes: The Podcast RSA 2024 Edition and walks us through…His incredible early career with the Canadian equivalent to the NSA, building the early CrowdStrike product and Moonshot/Google X The growing desire to start his own company that led to founding LimaCharlie The challenge and education that comes with...
2024-05-2714 minThe Cybersecurity Defenders Podcast#122 - Platformization in cybersecurity with Maxime Lamothe-Brassard, Founder & CEO of LimaCharlieOn this episode of The Cyebrsecurity Defenders Podcast, we talk platformization and the SecOps Cloud Platform with Maxime Lamothe-Brassard, Founder & CEO of LimaCharlie.In a world where digital transformation has become the norm, cybersecurity professionals face unprecedented challenges. The traditional approach of managing dozens of disparate point solutions and siloed security tools, while attempting to control costs, is no longer sufficient.It's time to embrace a new era of cybersecurity in the SecOps Cloud Platform – one that treats cybersecurity as a set of capabilities much like how cloud providers did for IT. We challenge you to...
2024-05-0622 min
Midstage Startup Momentum#087 LimaCharlie Founder and CEO Maxime Lamothe-Brassard: Learn it the Hard WayCybersecurity is one of the biggest markets emerging in the tech industry right now. There are several big players, yet there is plenty of room for startups that are being innovative and taking a different approach. LimaCharlie is the latter, creating a SecOps cloud platform that aims to bring together a variety of cybersecurity capabilities in a single platform. In other words, it’s a more simplified approach to cybersecurity in the modern era.
Naturally, by taking a different approach to things, LimaCharlie ran into some unique challenges during its startup journey. Founder & CEO Max...
2024-04-1923 minThe Cybersecurity Defenders Podcast#109 - Hacker History: The MOVEit cyberattackIn this episode of The Cybersecurity Defenders Podcast, we recount some hacker history, and with the help of John Hammond, Principal Security Researcher at Huntress, tell the story of the MOVEit cyberattack: the biggest data theft of 2023.The MOVEit cyberbreach, was a far-reaching cyber attack that unfolded with significant implications worldwide. The breach initially came to light on June 3, when the Government of Nova Scotia disclosed that approximately 100,000 of its current and former employees had been affected, signaling the severity of the breach's impact.The scope of the breach widened on June 5, as it became...
2024-03-1319 minThe Cybersecurity Defenders Podcast#103 - A better way forward for cybersecurity with Maxime Lamothe-Brassard, Founder & CEO of LimaCharlieIn this episode of The Cybersecurity Defenders Podcast, we delve into an innovative, engineering-centered perspective on cybersecurity with Maxime Lamothe-Brassard, the Founder & CEO of LimaCharlie.As part of the Canadian Intelligence apparatus, Maxime worked in positions ranging from development of cyber defence technologies, Counter Computer Network Exploitation, and Counter Intelligence. Maxime led the creation of an advanced cyber security program for the Canadian government and received several Director’s awards for his service.After leaving the government, Maxime provided direct help to private and public organizations in matters of cyber defence and worked for Crowdstrike, Go...
2024-02-2153 minThe Cybersecurity Defenders Podcast#68 - Intel Chat: Bumbebee, LockBit Gang, LUC-3, HTTPSnoop, DeadGlyph & Stately Taurus + Alloy Taurus + GelsemiumIn this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Intel471 are reporting on a campaign utilizing Bumblebee, a type of a loader that has increasingly been used by threat actors affiliated with ransomware.ESentire are reporting on several attacks conducted by the Russia-linked LockBit Gang.Permiso reporting on LUC-3 who overlaps with Scattered Spider.Cisco Talos has discovered a new malware family they have dubbed HTTPSnoop being deployed against telecommunication providers in the Middle East. WeLiveSecurity have stumbled upon a previously unknown backdoor being deployed in the Mi...
2023-09-2847 minThe Cybersecurity Defenders Podcast#62 - Cybersecurity industry trends with Ross Haleliuk, Co-Lead of the Venture in Security Angel SyndicateOn this episode of The Cybersecurity Defenders Podcast, we chat with Ross Haleliuk, Co-Lead of the Venture in Security Angel Syndicate, and Head of Product at LimaCharlie.Ross is a head of product at LimaCharlie - a startup that enables organisations to detect & respond to threats, automate processes, and future-proof their security operations. His areas of expertise include go-to-market and product strategy, B2B product-led growth, strategic positioning, product-market fit expansion, and growth. Outside of work, Ross is a startup advisor, angel investor, frequent contributor to TechCrunch, Forbes, and VentureBeat, and author of VentureinSecurity.net...
2023-09-0740 minThe Cybersecurity Defenders Podcast#58 - An introduction to the SecOps Cloud Platform with Maxime Lamothe-Brassard, Founder & CEO of LimaCharlieOn this episode of The Cybersecurity Defenders Podcast, we chat with Maxime Lamothe-Brassard, Founder & CEO of LimaCharlie, about the SecOps Cloud Platform.The SecOps Cloud Platform is a construct for delivering the core components needed to secure and monitor any given organization: things like, deploying endpoint capabilities through a single agent regardless of the technology, alerting and correlating from logs regardless of the source, automating analysis and response regardless of the environment.The SecOps Cloud Platform is:An environment where many solutions can exist, not as a collection of random tools, but as a...
2023-08-2006 minThe Cybersecurity Defenders Podcast#53 - The future of enterprise SecOps: a panel discussion with industry leadersOn this episode of The Cybersecurity Defenders Podcast we host a panel discussion with industry leaders and explore the advantages of the SecOps Cloud Platform for securing enterprise organizations.The panel is moderated by LimaCharlie's Chief Revenue Officer, Jessica Crytzer. The panel participants are:Founder & CEO of LimaCharlie, Maxime Lamothe-BrassardFounder & CEO of Turngate, Bruce Potter Head of Product, Interpres Security, Fred WilmotPrincipal Consultant at Higgins Cybersecurity Consulting, Sean HigginsWhat is the SecOps Cloud Platform?The SecOps Cloud Platform is a construct for delivering the core...
2023-08-0331 minThe Cybersecurity Defenders Podcast#50 - Intel Chat: AgentTesla, Cobalt Strike, njRAT, LokiBot, SophosEncrypt, BundleBot, and targetted OSS supply chain attacksIn this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Cisco Talos has discovered a threat actor conducting several campaigns against government entities, military organizations, and civilian users in Ukraine and Poland.FortiGuard Labs investigation the researchers came across several Malicious Office documents designed to exploit known vulnerabilities.Cybersecurity vendor Sophos is being impersonated by a new ransomware-as-a-service called SophosEncrypt.CheckMarx is reporting the first known targeted OSS supply chain attacks against the banking sector.The LimaCharlie SecOps Cloud Platform provides organizations with comprehensive enterprise protection that b...
2023-07-2626 minThe Cybersecurity Defenders Podcast#49 - The history of LimaCharlie with Founder & CEO, Maxime Lamothe-BrassardOn this episode of The Cybersecurity Defenders Podcast, we sit down with LimaCharlie Founder & CEO, Maxime Lamothe-Brassard, and talk about the history and vision of the SecOps Cloud Platform.About the SecOps Cloud Platform:The SecOps Cloud Platform is a construct for delivering the core components needed to secure and monitor any given organization: things like, deploying endpoint capabilities through a single agent regardless of the technology, alerting and correlating from logs regardless of the source, automating analysis and response regardless of the environment.The SecOps Cloud Platform is:An...
2023-07-2139 min
Cyber ThoughtsEP 3: Maxime Lamothe-Brassard, Founder & CEO of LimaCharlieIn this episode of the Cyber Thoughts Podcast, Lucas interviews Maxime Lamothe-Brassard, the founder and CEO of LimaCharlie, a Lytical Venture's portfolio company. Maxime shares his journey in cybersecurity, starting from his time at the CSE, Canada’s national cryptologic agency, through his stints at CrowdStrike and Google, and founding LimaCharlie.
2023-06-2729 min
Secure Ventures with Kyle McNultyLimaCharlie: Maxime Lamothe-Brassard on Cybersecurity Middleware for Incident ResponseMaxime:
CEO and founder at LimaCharlie, middleware for cybersecurity application integration for incident response
Previously worked for Google, Crowdstrike, and Canada's department of defense
Check out the episode for our discussion on the challenges of building your own security workflows, automation adoption journeys, and how the larger cybersecurity automation world is evolving.
https://limacharlie.io/
2023-05-1636 minThe Cybersecurity Defenders Podcast#7 - Hacker History: Operation FlyhookIn this episode, we recount the story of Operation Flyhook - an FBI sting operation in 2000 that resulted in the arrest of two Russian hackers on American soil. It is quite the story and leaves us with some pretty heavy conclusions.This episode was written by Nathaniel Nelson, narrated by Christopher Luft, and produced by the team at LimaCharlie.Any questions or feedback can be directed to defenders@limacharlie.ioThe Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.
2022-11-2318 minThe Cybersecurity Defenders Podcast#3 - Introducing The Adversary Toolbox: PsExec. Plus cybersecurity startup founders roundtable.In this episode of the Cybersecurity Defenders Podcast, Matt Bromiley introduces the Adversary Toolbox and discusses Microsoft Windows remote execution tool, PsExec.We also sit down to chat with several cybersecurity startup founders about the lessons that they learned along the way and the things they wished they had known starting out.The panelists for this informative discussion are:Roselle Safran, Founder and CEO of KeyCaliberCorey White, Founder and CEO of CyvatarMaxime Lamothe-Brassard, Founder and CEO of LimaCharlieIf you have any suggestions or feedback please don't...
2022-10-2611h 56
Angelneers: Insights From Startup BuildersBringing an Engineering Approach to Cybersecurity with Maxime Lamothe-Brassard from LimaCharlieSiloed security products today don’t give you the control, transparency, scale, and innovation needed to protect against today’s advanced threats. In this episode, we sat down with Maxime Lamothe-Brassard to talk about bringing an engineering approach to cybersecurity through the Security Infrastructure as a Service (SIaaS) model and its implications.
Maxime is a co-founder and CEO of LimaCharlie which enables organizations to detect & respond to threats, automate processes, reduce the number of vendors they use, and future-proof their security operations.
Slack
LinkedIn
Twitter
Github
Youtube
2022-10-1451 min
The Future of Security OperationsLimaCharlie’s Maxime Lamothe-Brassard: Rethinking How Cybersecurity Tools Are Sold — Less Snakeoil, More Focus on CapabilitiesIn our third episode, we speak with Maxime Lamothe-Brassard — CEO and founder of LimaCharlie, a security infrastructure as a service tool that gives security teams full control over how they manage their security infrastructure. Maxime’s unique perspectives come from a career in security, including Canada’s NSA, Google, Arc4dia, and the early days of Crowdstrike.
Topics discussed in this episode:
The problem LimaCharlie solves.
What endpoint hygiene means and lessons Maxime learned from working at Google.
How Maxime describes the state of security today.
Maxime’s philosophy for how cybersecurity products should be marketed and sold to cu...
2022-04-2530 min
UNSECURITY: Information Security PodcastUNSECURITY Episode 163: The Need for Transparency in Cybersecurity Products w/ Max of LimaCharlieThis week, Brad and Evan sit down with special guest Max of LimaCharlie to discuss the importance of transparency in cybersecurity products, and how LimaCharlie is doing things differently.Give episode 163 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com.Don't forget to like and subscribe!
2022-02-0140 min
Cybersecurity: Amplified And IntensifiedEpisode #40 - Incident Response Orchestration with Maxime Lamothe-Brassard of LimaCharlie.ioAs part of the Canadian Intelligence apparatus, Maxime worked in positions ranging from development of cyber defense technologies through Counter Computer Network Exploitation and Counter Intelligence. Maxime led the creation of an advanced cyber security program for the Canadian government and received several Director’s awards for his service.After leaving the government, Maxime provided direct help to private and public organizations in matters of cyber defense and worked for CrowdStrike, Google and Google X. Maxime left Google X - where he was a founding member of Chronicle Security - in 2018 to found LimaCharlie.Maxime La...
2021-12-061h 02
Sittadel Podcast30 - Maxime Lamothe-Bressard, Founder of LimaCharlieSome men see EDR as it is; others see EDR as it should be. Maxime Lamothe-Bressard joins Nate and Joshua for a discussion on the ways LimaCharlie is removing the roadblocks for working with some of the most important data points for Incident Responders and SOC analysts: file execution telemetry. Maxime brings a wealth of experience to the show, bringing insight from his time at Google-X, CrowdStrike, and a French Cafe. You can get started with LimaCharlie today for free by visiting limacharlie.io.For more information, visit https://www.sittadel.com or tweet us at @sittadelpodcast.
2021-10-0445 min
Secure Talk PodcastMaxime Lamothe-Brassard, Founder LimaCharlieMaxime "Max" Lamothe-Brassard Founder of LimaCharlie talks about the ins and outs of cloud-based endpoint detection and response (EDR), and explains how LimaCharlie is changing traditional thinking related to corporate cybersecurity solutions.
2021-09-2943 min