Breaking Badness

DomainTools (www.domaintools.com)
Where timely and relevant security meets puns and witty banter. Our goal is to keep defenders apprised of pertinent news and trends in under forty-five minutes.

Episodes

Breaking Down SBOMs: The Secret Weapon in Healthcare Security

In this episode of Breaking Badness, we dive into the critical challenges and innovations in healthcare cybersecurity with Ken Zalevsky, CEO of Vigilant Ops. From the vulnerabilities in medical devices to the revolutionary role of Software Bill of Materials (SBOMs), Ken shares his two decades of expertise in safeguarding patient safety and hospital systems against emerging threats. Tune in to learn about shifting cybersecurity left, the complexities of interconnected healthcare systems, and acti...

Nov 27, 2024 · 31 min

195. From Wingdings to Warfare: Inside the Wildest Cybersecurity Stories

In this episode of Breaking Badness, we explore two fascinating cybersecurity stories. First, we delve into the unusual case of an ex-Disney employee who hacked menu systems, creating chaos in the happiest place on Earth. Next, we discuss Sophos' five-year-long battle with a determined group of attackers targeting their firewalls. Tune in as we break down the insider threat at Disney, the lessons learned from Sophos' transparency, and what it all means for the future of cybersecurity. Plus, don'...

Nov 20, 2024 · 39 min

Jason Haddix on Red Team Tactics, CISO Challenges, and the Battle for Gaming Security

In this episode of the Breaking Badness Cybersecurity Podcast, Jason Haddix dives into his unique journey from red teaming and pentesting to leading security teams as a CISO in high-profile organizations, including a top gaming company. Jason unpacks the distinct challenges of securing a gaming company, where risks come not only from state actors but also from clout-seeking young hackers. He shares valuable insights on building scalable security programs, secrets management, and the importance o...

Nov 13, 2024 · 44 min

194. Locate X Unleashed & APT29’s Latest Gambit: The Battle for Digital Privacy

In this week’s episode of Breaking Badness, we dive deep into two major cybersecurity stories that are shaping today’s landscape. First, we explore the alarming capabilities of Locate X, a powerful smartphone tracking tool used by U.S. law enforcement without a warrant. How does it work, what are the privacy implications, and what can individuals do to protect their data? We then shift gears to APT29’s latest campaign as discovered by Amazon, uncovering how this well-known threat actor employed ...

Nov 06, 2024 · 33 min

Inside the Mind of ‘The Gibson’: Ethics, Activism, and the Evolution of Hacking

Join Kali Fencl as she dives deep into a conversation with cybersecurity veteran The Gibson. With 25+ years in InfoSec, The Gibson shares his journey from coding as a child to shaping threat intelligence and privacy-first technology today. In this episode, they discuss hacker ethics, the influential hacker groups L0pht and Cult of the Dead Cow, the evolution of hacktivism, and the groundbreaking work on privacy-focused projects like Veilid. Tune in for insights on hacking culture, cybersecurity e...

Oct 29, 2024 · 42 min

193. Rogue Hackers and the Internet Archive Breach: 31 Million Accounts Exposed!

In this episode of Breaking Badness, Kali, Tim, and Taylor discuss two major stories shaking up the cybersecurity world. First, a researcher has discovered how attackers are exploiting Whois data to grant themselves unprecedented superpowers in the digital space. Second, the Internet Archive suffers a breach possibly exposing 31 million accounts, raising questions about the security of trusted online platforms. Join the team as they break down these complex stories, share lessons learned, and ex...

Oct 23, 2024 · 45 min

The Future of Endpoint Security: AI, EDR, and SOC Evolution

In this episode of Breaking Badness, we dive deep into the evolving world of Endpoint Detection and Response (EDR) and its critical role in modern cybersecurity. With threats advancing and the sheer volume of endpoint data skyrocketing, AI and deep learning are becoming game changers in threat detection and prevention. Join us as Carl Froggett, CIO at Deep Instinct, and Melissa Bischoping, Senior Director of Security at Tanium, discuss the past, present, and future of EDR, the impact of AI on cy...

Oct 16, 2024 · 37 min

Cracking the Code: API Security, Mobile Myths, and Real-World Threats

In this episode of Breaking Badness, we dive deep into the critical world of API security and governance, uncovering key strategies to keep data safe in today’s threat landscape. Special guests Matthias Friedlingsdorf (iVerify), Tristan Kalos (ESCAPE), and Aqsa Taylor (Gutsy) join the conversation to share their experiences with detecting advanced threats like Pegasus, the importance of API governance, and the powerful role bug bounty programs play in identifying critical vulnerabilities. Whethe...

Oct 09, 2024 · 39 min

Defending Your Digital Domain: AI, Ransomware, and the Power of Reputation

In this episode of Breaking Badness, we dive into the rapidly evolving world of cybersecurity with three industry leaders: Raymond Dijkxhoorn, CEO of SURBL; Nabil Hannan, Field CISO at NetSPI; and Jason Mar-Tang, Field CISO at Pentera. They explore the critical role of domain reputation in combating phishing and spam, how AI is reshaping both offensive and defensive cybersecurity strategies, and the growing threat of ransomware in today’s digital landscape. With insights from BlackHat and beyond...

Oct 02, 2024 · 30 min

Achieving Cyber Resilience through Vulnerability Management and Supply Chain Security

In this special Black Hat edition of Breaking Badness, Part 2 of a 5 Part Series, we dive deep into the world of vulnerability management, cyber resilience, and supply chain security. Our expert guests—Jacob Graves, Director of Solution Architecture at Gutsy, Theresa Lanowitz, Chief Evangelist at Level Blue, Pukar Hamal, CEO at SecurityPal, and Vinay Anand, Chief Product Officer at NetSPI discuss the increasing complexity of managing vulnerabilities, the critical importance of reducing mean time...

Sep 25, 2024 · 26 min

AI’s Role in Cybersecurity: From EDR Evolution to Generative AI Threats and Supply Chain Risks

In this special Black Hat edition of the Breaking Badness Cybersecurity Podcast, Part 1 of a 5 Part Series, we dive deep into how artificial intelligence is transforming the cybersecurity landscape. Our guests—Mark Wojtasiak (VP of Product at Vectra AI), Carl Froggett (CIO at Deep Instinct), Dan Fernandez (Staff Product Manager at Chainguard), and Marcus Ludwig (CEO of Ticura)—join us to explore the evolution of Endpoint Detection and Response (EDR), the growing threats posed by generative AI, a...

Sep 18, 2024 · 22 min

Breaking Down Retail Targeted Campaigns: Domain Fraud, Copycats, and Ponzi Schemes

In this special research edition of Breaking Badness, hosts Kali Fencl, Tim Helming, Sean McNee, and guest Sasha Angus from Sylla Intel dive deep into the world of cybercriminal campaigns targeting retailers. They explore how bad actors exploit the growing threat landscape, discussing specific fraud tactics, infrastructure reuse, and ways organizations can defend themselves. From pandemic-driven scams to sophisticated brand impersonation schemes, this episode offers valuable insights for both re...

Sep 11, 2024 · 31 min

Industrial Cybersecurity Explained with Lesley Carhart

Kali Fencl and Daniel Schwalbe sat down with Lesley Carhart, a seasoned incident responder specializing in Operational Technology (OT) cybersecurity at Dragos, in person at BlackHat USA 2024. Lesley shares their journey, from their unique background in avionics and electronics to becoming a leading expert in the field. We explore the evolving landscape of OT cybersecurity, the challenges of protecting legacy systems, and the critical importance of building strong relationships between cybersecur...

Sep 04, 2024 · 25 min

192. TLD-fense

Kali Fencl, Daniel Schwalbe, and Tim Helming discuss Brian Krebs’ article on namespace collisions and the risks associated with new generic TLDs (gTLDs), along with facial recognition and privacy concerns at major sporting events.

Aug 28, 2024 · 1 hr 4 min

191. Hacker Summer Camp Retrospective

Kali Fencl, Daniel Schwalbe, and Malachi Walker discuss all things Hacker Summer Camp. What sessions were their favorites? How did they beat the heat? Listen to the episode and find out!

Aug 21, 2024 · 53 min

190. The Weak Security Default in Our Stars

This week we discuss compromised domains targeting DeFi protocols, along with the JFrog research team's findings regarding a leaked access token with admin access to Python repositories.

Jul 17, 2024 · 52 min

Voices from Infosec: Tanya Janca

We're thrilled Tanya Janca (aka SheHacksPurple) joined us this week on the podcast! She and Kali Fencl discuss secure guardrails, Semgrep Academy, the process of writing two books, gardening, and so much more.

Jul 10, 2024 · 1 hr 3 min

189. Malware the Wild Things Are

In this episode of the Breaking Badness Cybersecurity Podcast, Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss vulnerabilities impacting your phone's 5G connection along with the new owner of the popular Polyfill JS project injecting malware into more than 100,000 sites.

Jul 03, 2024 · 47 min

Voices from Infosec: Jake Bernardes

Jake Bernardes, Field CISO of Anecdotes, joins the Breaking Badness Cybersecurity Podcast in this week’s episode! We’re sharing Jake’s background and path within infosec along with what’s intriguing him about the industry currently, how conferences and in-person events can still play a role in community involvement, and we’ll touch briefly on American history.

Jun 26, 2024 · 38 min

188. Vish Upon a Star

This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss vishing attacks against CISA along with a threat campaign targeting Snowflake customer database instances.

Jun 19, 2024 · 55 min

[Mini Series] The Art of the Possible: Aqsa Taylor

It is the final episode of our mini-series from RSAC 2024! Join Kali as she speaks with Aqsa Taylor, Director of Product Management at Gutsy! They'll discuss Aqsa's path to infosec, the importance of governance strategy and how to achieve a cleaner security posture, women in cybersecurity, and how to break into the field.

Jun 12, 2024 · 30 min

The Art of the Possible Mini-Series Trailer

We're back on the road at RSA 2024 talking with thought leaders in the infosecurity space! Be sure to check in weekly as we share nine interviews with folks from Recorded Future, Gutsy, Maltego, Aembit, MITRE, EmberOT, Optery, Rubrik, and NINJIO.

May 15, 2024 · 2 min

Breaking Badness Book Club with Dmitri Alperovitch

This week on the Breaking Badness Cybersecurity podcast, Kali Fencl is joined by CEO of DomainTools, Tim Chen, and Executive Chairman of the Silverado Policy Accelerator and co-founder of CrowdStrike, Dmitri Alperovitch to discuss his book, “World on the Brink: How America Can Beat China in the Race for the 21st Century.”

May 01, 2024 · 49 min

Voices from Infosec: Kymberlee Price

In this edition of Voices from Infosec, we're talking with Founder and CEO of Zatik Security, Kymberlee Price! We'll cover her path to infosec, the origins of her organization and its goals, and her passions outside of the industry.

Apr 24, 2024 · 1 hr 1 min

187. Harriet the Spyware

This week Kali Fencl, Tim Helming, and Ian Campbell discuss mercenary spyware attacks along with the US, Philippines, and Japan entering into a cyber intel sharing alliance.

Apr 17, 2024 · 55 min

186. While My Vidar Gently Weeps

Kali Fencl, Tim Helming, and Ian Campbell discuss spoofed domains and the American Girl brand, along with Proofpoint’s findings regarding distribution of malware on YouTube.

Apr 10, 2024 · 57 min