The Cybersecurity Defenders Podcast

LimaCharlie
336 episodes

  • The Cybersecurity Defenders Podcast

    Intel Chat: Cisco CUCM exploited, ransomware profiles, Gamaredon & AI agent phishing [335]

    2026-07-01 | 30 mins.
    Intel Chat with Matt Bromiley and Chris Luft.
    Matt and Chris break down four stories from the week in threat intel:
    • Cisco CUCM (CVE-2026-20230) — a web-dialer SSRF that chains to root-level RCE, exploited in the wild less than 24 hours after the PoC and full exploit chain were published.
    • The latest Ransomware Tool Matrix (RTM) / Ransomware Vulnerability Matrix (RVM) update, profiling three active groups — The Gentlemen, DragonForce and Warlock — and the BYOVD and legit-admin-tool tradecraft they increasingly share.
    • Gamaredon's upgraded toolkit against Ukraine (per ESET): new PowerShell downloaders like PteroPaste, Cloudflare tunneling and Workers for C2, and exfiltration to trusted cloud storage such as Amazon S3 and Dropbox.
    • Varonis Threat Labs phishing an AI email agent ("Pinchy") — why agents spot technical phishing better than humans yet hand over credentials to a convincing social request, and why you should treat them as privileged junior employees.
    Chapters:
    0:00 Intro & catching up
    2:25 Cisco CUCM exploited within 24h of the PoC
    9:57 Ransomware Tool Matrix: The Gentlemen, DragonForce & Warlock
    15:44 Gamaredon's upgraded TTPs against Ukraine
    22:18 Can AI email agents be phished?
    28:08 Wrap-up: Black Hat plans & the LimaCharlie suite
    The Cybersecurity Defenders Podcast — a podcast about cybersecurity and the people that keep the internet safe. New episodes drop weekly.
    Subscribe wherever you listen:
    • Spotify: https://open.spotify.com/show/6ep00zeY3S8ffZ4o0UeSps
    • Apple Podcasts: https://podcasts.apple.com/us/podcast/the-cybersecurity-defenders-podcast/id1649981740
    • YouTube: https://www.youtube.com/@limacharlieio
    Learn more about LimaCharlie: https://limacharlie.io
    #cybersecurity #infosec #threatintel #ransomware #DFIR
  • The Cybersecurity Defenders Podcast

    The evolving fraud landscape in the age of AI with Tamas Kadar [#334]

    2026-06-30 | 42 mins.
    Today we're speaking with Tamas Kadar, CEO / Co-Founder of SEON, about building a safer digital world for businesses. We touch on fraud, how it's evolved in the age of AI, and what we can do to protect ourselves against it.
    Tamas' entrepreneurial path began at Corvinus University in Budapest, where the vision for SEON first took shape. Co-founding a cryptocurrency exchange opened his eyes to the scale and complexity of online fraud, sparking the idea for something better. In 2017, that “something better” became SEON. Learn more at https://seon.io/
    Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.
    This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io
  • The Cybersecurity Defenders Podcast

    Anthropic restriction, ServiceNow incident, Fortinet credential harvesting & Ukraine accesses EU cyber reserve / Intel Chat [#333]

    2026-06-28 | 34 mins.
    In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
    Reports state that the US government issued an export control order restricting access to Anthropic's newly released cloud mythos five and fable five models for foreign nationals.
    ServiceNow disclosed a security incident involving unauthenticated access to an API endpoint that allowed users to query data from customer instances without proper authentication.
    A large-scale credential harvesting campaign dubbed for to bleed is actively targeting Fortinet firewalls and VPN gateways, and has already compromised more than 30,000 internet-facing devices across 194 countries.
    Ukraine has been granted access to the European Union's cyber security reserve, giving the country the ability to request assistance from EU-approved cyber security experts during major cyber attacks that exceed its own response capabilities.
  • The Cybersecurity Defenders Podcast

    Last call for Defenders - How we're actually using AI in the SOC with Eric Capuano / Defender Fridays [#332]

    2026-06-20 | 37 mins.
    Join us for the final episode of Defender Fridays as Eric Capuano, creator of Defender Fridays and co-founder of Digital Defense Institute, closes out the series with a candid conversation on how he's actually building and running agentic workflows in the SOC today.
    At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
    What We'll Discuss
    In this episode, Eric Capuano draws on years of SOC operations, detection engineering, and hands-on agentic workflow development to share what's actually working, what isn't, and where the industry needs to be more honest with itself.
    Key Topics:
    Why agentic workflows are the next evolution of SOAR, and what it takes to build them reliably
    How deterministic checkpoints at every stage are essential to making LLM-driven workflows trustworthy
    How one team increased their detection engineering output by 900x using agentic workflows running day and night
    Why false positive tuning and detection engineering are the right place to start before tackling complex investigative workflows
    How to think about model selection in agentic pipelines: cost, task complexity, and stakes
    Why organizations with poor data hygiene will struggle to get value from AI regardless of how sophisticated the tooling is
    The risks of prompt injection when feeding untrusted inputs into LLMs, and why trusted inputs should always come first
    Why the goal is to use LLMs for as little as possible, and push everything else into deterministic steps
    About Our Guest
    Eric Capuano is the creator of Defender Fridays and co-founder of Digital Defense Institute. He has spent years doing SOC operations, detection engineering, threat hunting, and DFIR, and currently consults on building and deploying agentic SecOps workflows for security teams. He is also the author of the "So You Want to Be a SOC Analyst" training, which has put over 500 students through hands-on SOC workflows using LimaCharlie's free tier.
    Watch Us Live
    Defender Fridays ran every Friday at 10:30am PT for over 100 sessions. Subscribe to our YouTube channel to catch up on past episodes.
    Sponsored by LimaCharlie
    This episode is brought to you by LimaCharlie, the Agentic SecOps Workspace (ASW), where AI agents operate security infrastructure using the same controls and authority as human analysts, with every action visible, governed, and auditable.
    Why LimaCharlie?
    Eliminate vendor sprawl and tool complexity
    Deploy and scale effortlessly on native multi-tenant architecture
    Reduce costs with intelligent data routing and free 1-year retention
    Build custom solutions with 100+ security capabilities on-demand
    Accelerate response with agentic AI that acts directly within predefined workflows
    Try the Agentic SecOps Workspace free: https://limacharlie.io
    Learn more: https://docs.limacharlie.io
    Follow LimaCharlie
    Sign up for free: https://limacharlie.io
    LinkedIn: / limacharlieio
    X: https://x.com/limacharlieio
    Community Discourse: https://community.limacharlie.com/
    Host: Maxime Lamothe-Brassard - Founder at LimaCharlie
    Guest: Eric Capuano - Co-founder of Digital Defense Institute
  • The Cybersecurity Defenders Podcast

    FFmpeg's 21 zero-days, Ruby cooldown feature, Microsoft disrupted by Shai-Hulud worm & Meta AI tool compromise / Intel Chat [#331]

    2026-06-15 | 28 mins.
    In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
    DepthFirst reported that its autonomous security agent discovered 21 previously unknown vulnerabilities in FFmpeg, a widely deployed multimedia framework used across browsers, streaming infrastructure, and other systems that process media.
    Bundler 4.0.13 introduces a new security feature called cooldown, aimed at reducing the impact of software supply chain attacks in the Ruby ecosystem.
    A new variant of the Shai-Hulud supply chain worm, known as Miasma, briefly disrupted Microsoft's software development ecosystem after compromising dozens of GitHub repositories.
    Meta says approximately 20,000 Instagram accounts may have been compromised through the abuse of an AI-powered account recovery support system.
About The Cybersecurity Defenders Podcast
An accessible but technical podcast about cybersecurity and the people who keep the internet safe. The podcast is built as a series of segments: we will be looking back at the last couple of weeks in cybersecurity news, talking to different people in the industry about areas of their expertise, we're going to break apart some of the TTPs being used by adversaries, and we will even cover a little bit of hacker history.