
The Cybersecurity Defenders Podcast

LimaCharlie

337 episodes

  • The Cybersecurity Defenders Podcast

    Intel Chat: Hijacked AI backends, billboard hacks, Cursor DuneSlide & Claude export controls [336]

    2026-07-03 | 33 mins.
    Intel Chat with Matt Bromiley and Chris Luft.
    Matt and Chris break down four stories from the week in threat intel:
    • Zenity researchers observed three campaigns where attackers hijacked internet-exposed AI inference endpoints (Ollama, LiteLLM) as free model backends for offensive operations — including the Strix and HexStrike-AI pentesting frameworks and a Codex agent posing as a "security auditor" — enabled by no-auth defaults and placeholder API keys.
    https://www.darkreading.com/cloud-security/attackers-hijack-exposed-ai-endpoints-power-offensive-ops
    • A CISA advisory on Daktronics controllers behind scoreboards, digital billboards and highway signs: unauthenticated path traversal, arbitrary file upload and default admin credentials chaining to root-level control, found and responsibly disclosed by a Princeton undergrad.
    https://www.securityweek.com/new-controller-flaws-expose-highway-signs-and-billboards-to-remote-hacking/
    • Cato's "DuneSlide" (CVE-2026-50548 / CVE-2026-50549) — two critical Cursor flaws where a single prompt injection escapes the terminal sandbox and executes arbitrary commands on a developer's machine; patched in Cursor 3.0.
    https://thehackernews.com/2026/07/critical-cursor-flaws-could-let-prompt.html
    • Anthropic restoring worldwide Claude Fable 5 access after the US Commerce Department lifted emergency export controls triggered by a jailbreak — plus what it means for AI governance, open-source model catch-up and the data center debate.
    https://thehackernews.com/2026/07/anthropic-restores-claude-fable-5-after.html
    Chapters:
    0:00 Intro & catching up
    1:17 Attackers hijacking exposed AI backends (Ollama & LiteLLM)
    9:18 CISA advisory: billboard & highway sign controllers
    13:46 Cursor "DuneSlide" prompt-injection sandbox escape
    20:34 Claude Fable 5 export controls lifted
    28:17 Data centers, nuclear déjà vu & the AI race
    33:39 Wrap-up
    The Cybersecurity Defenders Podcast — a podcast about cybersecurity and the people that keep the internet safe. New episodes drop weekly.
    Learn more about LimaCharlie: https://limacharlie.io
  • The Cybersecurity Defenders Podcast

    Intel Chat: Cisco CUCM exploited, ransomware profiles, Gamaredon & AI agent phishing [335]

    2026-07-01 | 30 mins.
    Intel Chat with Matt Bromiley and Chris Luft.
    Matt and Chris break down four stories from the week in threat intel:
    • Cisco CUCM (CVE-2026-20230) — a web-dialer SSRF that chains to root-level RCE, exploited in the wild less than 24 hours after the PoC and full exploit chain were published.
    • The latest Ransomware Tool Matrix (RTM) / Ransomware Vulnerability Matrix (RVM) update, profiling three active groups — The Gentlemen, DragonForce and Warlock — and the BYOVD and legit-admin-tool tradecraft they increasingly share.
    • Gamaredon's upgraded toolkit against Ukraine (per ESET): new PowerShell downloaders like PteroPaste, Cloudflare tunneling and Workers for C2, and exfiltration to trusted cloud storage such as Amazon S3 and Dropbox.
    • Varonis Threat Labs phishing an AI email agent ("Pinchy") — why agents spot technical phishing better than humans yet hand over credentials to a convincing social request, and why you should treat them as privileged junior employees.
    Chapters:
    0:00 Intro & catching up
    2:25 Cisco CUCM exploited within 24h of the PoC
    9:57 Ransomware Tool Matrix: The Gentlemen, DragonForce & Warlock
    15:44 Gamaredon's upgraded TTPs against Ukraine
    22:18 Can AI email agents be phished?
    28:08 Wrap-up: Black Hat plans & the LimaCharlie suite
    Subscribe wherever you listen:
    • Spotify: https://open.spotify.com/show/6ep00zeY3S8ffZ4o0UeSps
    • Apple Podcasts: https://podcasts.apple.com/us/podcast/the-cybersecurity-defenders-podcast/id1649981740
    • YouTube: https://www.youtube.com/@limacharlieio
  • The Cybersecurity Defenders Podcast

    The evolving fraud landscape in the age of AI with Tamas Kadar [#334]

    2026-06-30 | 42 mins.
    Today we're speaking with Tamas Kadar, CEO / Co-Founder of SEON, about building a safer digital world for businesses. We touch on fraud, how it's evolved in the age of AI, and what we can do to protect ourselves against it.
    Tamas' entrepreneurial path began at Corvinus University in Budapest, where the vision for SEON first took shape. Co-founding a cryptocurrency exchange opened his eyes to the scale and complexity of online fraud, sparking the idea for something better. In 2017, that “something better” became SEON. Learn more at https://seon.io/
    Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.
    This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io
  • The Cybersecurity Defenders Podcast

    Anthropic restriction, ServiceNow incident, Fortinet credential harvesting & Ukraine accesses EU cyber reserve / Intel Chat [#333]

    2026-06-28 | 34 mins.
    In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
    Reports state that the US government issued an export control order restricting access to Anthropic's newly released Claude Mythos 5 and Fable 5 models for foreign nationals.
    ServiceNow disclosed a security incident involving unauthenticated access to an API endpoint that allowed users to query data from customer instances without proper authentication.
    A large-scale credential harvesting campaign dubbed for to bleed is actively targeting Fortinet firewalls and VPN gateways, and has already compromised more than 30,000 internet-facing devices across 194 countries.
    Ukraine has been granted access to the European Union's cybersecurity reserve, giving the country the ability to request assistance from EU-approved cybersecurity experts during major cyberattacks that exceed its own response capabilities.
  • The Cybersecurity Defenders Podcast

    Last call for Defenders - How we're actually using AI in the SOC with Eric Capuano / Defender Fridays [#332]

    2026-06-20 | 37 mins.
    Join us for the final episode of Defender Fridays as Eric Capuano, creator of Defender Fridays and co-founder of Digital Defense Institute, closes out the series with a candid conversation on how he's actually building and running agentic workflows in the SOC today.
    At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
    What We'll Discuss
    In this episode, Eric Capuano draws on years of SOC operations, detection engineering, and hands-on agentic workflow development to share what's actually working, what isn't, and where the industry needs to be more honest with itself.
    Key Topics:
    • Why agentic workflows are the next evolution of SOAR, and what it takes to build them reliably
    • How deterministic checkpoints at every stage are essential to making LLM-driven workflows trustworthy
    • How one team increased their detection engineering output by 900x using agentic workflows running day and night
    • Why false positive tuning and detection engineering are the right place to start before tackling complex investigative workflows
    • How to think about model selection in agentic pipelines: cost, task complexity, and stakes
    • Why organizations with poor data hygiene will struggle to get value from AI regardless of how sophisticated the tooling is
    • The risks of prompt injection when feeding untrusted inputs into LLMs, and why trusted inputs should always come first
    • Why the goal is to use LLMs for as little as possible, and push everything else into deterministic steps
    About Our Guest
    Eric Capuano is the creator of Defender Fridays and co-founder of Digital Defense Institute. He has spent years doing SOC operations, detection engineering, threat hunting, and DFIR, and currently consults on building and deploying agentic SecOps workflows for security teams. He is also the author of the "So You Want to Be a SOC Analyst" training, which has put over 500 students through hands-on SOC workflows using LimaCharlie's free tier.
    Watch Us Live
    Defender Fridays ran every Friday at 10:30am PT for over 100 sessions. Subscribe to our YouTube channel to catch up on past episodes.
    Sponsored by LimaCharlie
    This episode is brought to you by LimaCharlie, the Agentic SecOps Workspace (ASW), where AI agents operate security infrastructure using the same controls and authority as human analysts, with every action visible, governed, and auditable.
    Why LimaCharlie?
    • Eliminate vendor sprawl and tool complexity
    • Deploy and scale effortlessly on native multi-tenant architecture
    • Reduce costs with intelligent data routing and free 1-year retention
    • Build custom solutions with 100+ security capabilities on-demand
    • Accelerate response with agentic AI that acts directly within predefined workflows
    Try the Agentic SecOps Workspace free: https://limacharlie.io
    Learn more: https://docs.limacharlie.io
    Host: Maxime Lamothe-Brassard - Founder at LimaCharlie
    Guest: Eric Capuano - Co-founder of Digital Defense Institute
About The Cybersecurity Defenders Podcast
An accessible but technical podcast about cybersecurity and the people who keep the internet safe. The podcast is built as a series of segments: we will be looking back at the last couple of weeks in cybersecurity news, talking to different people in the industry about areas of their expertise, we're going to break apart some of the TTPs being used by adversaries, and we will even cover a little bit of hacker history.