
#276 - Intel Chat: React2Shell, GeminiJack vulnerability, proāRussia hacktivist arrested & Warp Panda
2025-12-15 | 37 mins.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

For more information about Cybersecurity Cares, visit cybersecurity-cares.com

React2Shell is the latest high-profile vulnerability in the web application landscape, scoring a critical CVSS 10.0 and drawing immediate comparisons to Log4Shell.

Researchers at Noma Labs disclosed a critical vulnerability in Google's Gemini Enterprise AI assistant, dubbed GeminiJack, that allowed attackers to stealthily exfiltrate sensitive enterprise data.

U.S. prosecutors have charged Victoria Eduardovna Dubranova, a 33-year-old Ukrainian woman, in two separate indictments for her alleged involvement with the pro-Russia hacktivist groups CyberArmyofRussia_Reborn and NoName057(16).

A China-aligned threat actor identified as Warp Panda has been linked to recent compromises of VMware vCenter environments at U.S.-based organizations, according to a new report from CrowdStrike. Original CrowdStrike article. CISA BRICKSTORM Backdoor breakdown. Analysis report.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

#275 - Defender Fridays: Polymorphic Panic - Debunking the AI Malware Myth with Randy Pargman from Proofpoint
2025-12-12 | 32 mins.
Join us for this week's Defender Fridays as we explore the reality of AI-powered malware threats with Randy Pargman, Senior Director of Threat Detection at Proofpoint.

At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

In this episode, Randy challenges the hype around AI-powered polymorphic malware and examines how threat actors actually operate in practice. He discusses why defenders should focus on real-world threats rather than theoretical sophisticated attacks.

Key Topics:
The gap between AI malware hype and practical reality
Why threat actors prefer simple, effective methods over sophisticated techniques
The prevalence of legitimate RMM tools in modern attacks
Building practical detection strategies for actual threats
Lessons from physical security that apply to cybersecurity defense

Randy Pargman is Senior Director of Threat Detection at Proofpoint, where he leads detection engineering, sandbox development, and threat actor tracking initiatives.

Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you, our audience. Register here: https://limacharlie.io/defender-fridays

Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!

This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.
Eliminate vendor sprawl and tool complexity
Deploy and scale effortlessly on native multi-tenant architecture
Reduce costs with intelligent data routing and free 1-year retention
Build custom solutions with 100+ security capabilities on-demand
Improve response times with automation and real-time capabilities

Try the SecOps Cloud Platform free: https://limacharlie.io

Host: Maxime Lamothe-Brassard - Founder at LimaCharlie

#274 - Why most SOCs are failing (and how to fix them) with Alec Fenton from Foresite Cybersecurity
2025-12-10 | 41 mins.
On this episode of The Cybersecurity Defenders Podcast we speak with Alec Fenton, VP of Security Operations at Foresite Cybersecurity, about his journey from SOC analyst to security leader.

Alec Fenton is a seasoned cybersecurity professional with over 15 years of extensive experience across many IT domains. With a career spanning more than a decade, Alec has honed his expertise in addressing a broad spectrum of cybersecurity challenges, leveraging his analytical prowess and hands-on approach to leadership.

Throughout his career, Alec has navigated the intricate landscape of IT security, working across various sectors including managed service providers and private companies. His tenure as an analyst in the cybersecurity space has not only equipped him with a deep understanding of emerging threats and vulnerabilities but has also shaped his leadership philosophy of "lead from the front."

Alec's commitment to excellence and his unwavering dedication to staying ahead of the curve in the ever-evolving field of cybersecurity have earned him recognition as a trusted advisor and thought leader in the industry. When he's not immersed in the world of IT security, Alec enjoys spending time outdoors and helps coach his son's baseball and basketball teams.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

#273 - Intel Chat: Tomiris cyber-espionage group, OpenPLC ScadaBR flaw, NPM manipulating AI-driven scanners & MuddyWater
2025-12-09 | 30 mins.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

For more information about Cybersecurity Cares, visit cybersecurity-cares.com

The Tomiris cyber-espionage group, which has been under Kaspersky's watch since 2021, has evolved its tactics in a new wave of attacks observed in early 2025. Article #2.

CISA has recently added CVE-2021-26829 to its Known Exploited Vulnerabilities (KEV) catalog, marking it as a confirmed threat based on real-world exploitation.

Researchers at KOI Security have identified a malicious NPM package which not only performs typical credential-stealing behavior, but also includes a new, subtle tactic: attempting to manipulate AI-driven security scanners via embedded prompt engineering. Article #2.

The Iranian state-sponsored threat group MuddyWater has launched a new wave of cyber-espionage attacks targeting Israeli organizations across sectors including academia, civil infrastructure, engineering, technology and utilities.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

#272 - Intel Chat: AI taking over low-skilled work, AI-orchestrated cyber espionage, JackFix & weaponizing Blender files
2025-12-01 | 32 mins.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

For more information about Cybersecurity Cares, visit cybersecurity-cares.com

AI is now fulfilling a long-standing hope of security teams: it's taking over repetitive, low-skill tasks like log reviews, alert triage, and basic investigations.

Anthropic has disclosed what it believes is the first documented case of a largely autonomous AI-orchestrated cyber-espionage campaign.

The new "JackFix" variant of the ClickFix attack is gaining traction, and unlike its predecessors, it combines both social engineering and technical evasion tactics to bypass existing defenses more effectively.

Researchers at Morphisec have uncovered a new six-month-long campaign weaponizing .blend files - native to Blender, the open-source 3D modeling software - to deliver a variant of the StealC information stealer.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast