Description: In this informal mini-episode, Josh Stepp delves into two AI-related topics. First, he explores the "Vending Bench" research paper, which tests the long-term coherence of LLM-based agents running a vending machine business, revealing high variance in performance, with top models like Claude 3.5 Sonnet and OpenAI's O3 Mini outperforming humans but occasionally spiraling into chaotic behaviors like spamming the FBI over minor issues. Then, Josh reacts to a Pentest Partners blog post ab...
Jul 17, 2025•30 min
In this episode of the Intrusions InDepth Podcast, host Josh Stepp dives into the 2024 Polyfill.io incident, a wake-up call for the web development community that exposed the vulnerabilities of the internet’s sprawling infrastructure. What began as a trusted open-source service, used by over 100,000 websites to ensure cross-browser compatibility, turned into a vehicle for widespread malware distribution after its domain and GitHub repository were sold to a Chinese company, Funnull. Josh explores...
May 27, 2025•38 min
Step back into the late 1980s and early 1990s in Sofia, Bulgaria, a nation transitioning from communism and becoming an unexpected epicenter for early computer virus creation. This episode delves into the story of Vesselin Bontchev, a young researcher studying the nascent threat of computer viruses, and the emergence of the notorious virus writer known only as "Dark Avenger". Explore the destructive nature of early viruses like "Eddie" and the escalating rivalry between Bontchev, who sought to c...
May 05, 2025•53 min
Episode Description: Dive into the complex world of cybersecurity and geopolitics with this addendum episode of Intrusions in Depth, hosted by Josh Stepp. Expanding on the Salt Typhoon episode, this podcast explores China's strategic cyber operations, global ambitions, and the evolving nature of modern warfare. From hacking tactics to the pursuit of economic and military dominance, learn how groups like Salt Typhoon fit into China's broader geopolitical goals. Main Topics Discussed: * China’s Strateg...
Apr 11, 2025•1 hr 44 min
Episode Description: This episode of The IntrusionsinDepth Podcast released on March 15, 2025, explores the Chinese hacking group Salt Typhoon, a sophisticated cyber-espionage outfit linked to the Ministry of State Security that infiltrated nine U.S. telecom companies and the Treasury by exploiting vulnerabilities in Cisco and BeyondTrust systems. The host traces the group’s evolution from its broad 2019 attacks on Southeast Asia to its refined 2023-2025 campaigns, wielding custom malware like ...
Mar 15, 2025•1 hr 44 min
Episode Description: Welcome to the first Ask Me Anything (AMA) episode of The Intrusions in Depth Podcast! Host Josh Stepp takes a break from scripting his next deep-dive episode to answer listener questions in an unscripted, off-the-cuff format. To kick off this new series, Josh tackles a listener's question about the TikTok ban, its national security implications, and President Trump’s decision to delay enforcement for 75 days. What starts as a straightforward discussion spirals into a mult...
Feb 24, 2025•46 min
Episode Description: Intrusions and Depth welcomes its first-ever guest, John Prieto, a cybersecurity professional with experience at CrowdStrike, Mandiant, USAA, and the U.S. Air Force. Together, they dissect the chaotic rise and fall of the Lapsus$ hacking group—a crew of teenagers who turned the cybersecurity world upside down with brazen attacks on tech giants like Microsoft, Nvidia, and Rockstar Games. Josh and John explore how Lapsus$ used social engineering, MFA fatigue, and even taunted...
Feb 07, 2025•49 min
PsyOps, short for psychological operations, involves the use of tactics to influence emotions, perceptions, and behavior. This series explores the diverse applications of psychological influence, from media strategies to social interactions. There’s no specific order or structured episodes—each piece stands on its own, offering unique insights into the power of persuasion. Episode Description: In this episode of Intrusions InDepth, Josh Stepp explores th...
Jan 19, 2025•29 min
Episode Description: In this episode of Intrusions and Depth, Josh Stepp unpacks the audacious rise and chaotic downfall of the Lapsus$ hacking collective. Known for targeting some of the biggest names in technology, including Microsoft, Nvidia, and Rockstar Games, this group rewrote the playbook on cybercrime with tactics as unconventional as their teenage leadership. From SIM-swapping and MFA fatigue attacks to social engineering and public Telegram boasts, Josh examines how Lapsus$ exposed ...
Dec 23, 2024•1 hr 34 min•Ep. 5
Episode Description: This episode breaks down insights from the 2024 Global Threat Report by Elastic and the 2024 Digital Defense Report from Microsoft. It explores the blurring lines between state-sponsored hackers and cybercriminals, the rising role of generative AI in cyber-attacks and propaganda, and the use of commodity malware by sophisticated threat actors. Josh shares both the report highlights and his reflections on how these trends reshape the cybersecurity landscape, especially in li...
Nov 19, 2024•50 min
Episode Description: In this episode of IntrusionsInDepth, host Josh Stepp uncovers the story of how a Ukrainian-developed artillery targeting app, designed to assist soldiers on the battlefield, was compromised by the Russian cyber espionage group Fancy Bear. The episode explores the technical breakdown of the malware used, its devastating impact on Ukrainian forces, and the broader implications of integrating technology into warfare. Josh takes listeners through the timeline of events from 2...
Nov 04, 2024•49 min
In this episode of Intrusions In-Depth, host Josh Stepp dives into the infamous 2014 Sony hack, where North Korea allegedly targeted Sony Pictures over the controversial film The Interview. The episode explores the timeline of the hack, technical analysis of the malware used, and the political implications, including the response from President Obama. Josh also examines various conspiracy theories surrounding the hack, including speculation about Russian involvement and insider threats. Main T...
Oct 09, 2024•1 hr 35 min
In this episode of Intrusions InDepth, Josh Stepp delves into the complexities of information warfare and its intersection with cyber warfare. Drawing on historical examples and modern tactics, Josh explores how disinformation, psychological operations, and propaganda shape modern conflicts. Key Topics Discussed: * Defining Information Warfare * What is information warfare? Josh explains the definition, focusing on data collection, propaganda, and psychological warfare as non-physical tactics. ...
Sep 29, 2024•41 min
In this final episode of "The Curious Case of PhineasFisher," host Josh Stepp dives deep into the legacy of one of the most infamous hacktivists of our time. From exposing the dark side of commercial spyware to inspiring a new generation of cyber-revolutionaries, PhineasFisher’s impact on the world of hacktivism is undeniable. The episode explores key moments in PhineasFisher's career, their influence on modern hacktivist movements, and a technical breakdown of recent attacks inspired by their...
Aug 26, 2024•38 min
In this episode of Intrusions in Depth, host Josh Stepp explores the intriguing theory that Phineas Fisher may be linked to Russian intelligence. Inspired by a listener's email and drawing on various data points and historical incidents, Josh delves into the possibility of Phineas Fisher being a Russian asset, comparing their tactics to those of known cybercriminals and government operatives. Main Topics: 1. History of Cyber Operations and Notable Cases * Examination of various APT (Advanced Per...
Aug 15, 2024•45 min
In this episode of the Intrusions in Depth Podcast, host Josh Stepp delves into the multifaceted story of Phineas Fisher, exploring three significant cyber-attacks: the AKP email release in Turkey, the ethical bank heist at the Cayman National Bank, and the hack of the Catalan police union. Phineas Fisher's actions highlight the intersection of political activism and cyber warfare against global turmoil in 2016, including the Turkish coup attempt and escalating tensions with Russia. Through thes...
Jul 18, 2024•52 min
Topics: 1. Introduction to PhineasFisher and Hacking Team * A brief recap of part one and its focus on Gamma Group. * Overview of PhineasFisher’s most notorious hack on Hacking Team in 2015. * The hack exposed over 400GB of internal data, shedding light on the company’s shady dealings. 2. The Hacking Team Leak * A detailed description of Hacking Team’s activities and their flagship product, Remote Control System (RCS). * Impact of the leaked data, including emails, client lists, and source code....
Jul 05, 2024•1 hr 17 min
The Intrusions in Depth Podcast is a detailed exploration of major cyber attacks, the threat actors that conduct them, and their broader implications. The podcast, hosted by Josh Stepp, delves into the technical aspects, historical context, and global impact of significant cybersecurity events. In this episode: Josh Stepp takes you into the shadowy world of hacktivism and surveillance tools, focusing on the notorious hacktivist, Phineas Fisher, and their audacious cyber-attack on Gamma Group in ...
Jun 12, 2024•47 min
The Intrusions in Depth Podcast is a detailed exploration of major cyber attacks, the threat actors who carry them out, and their broader implications. Hosted by Josh Stepp. In this episode: Topics: * Evolution of Cyber Warfare: Discusses the shift from traditional forms of cyberattacks, like DDoS, to more severe threats targeting critical infrastructure and sensitive personal data. * Government Reliance on Microsoft: Critiques the U.S. government's heavy dependency on Microsoft, highlighting ...
May 25, 2024•18 min
The Intrusions in Depth Podcast is a detailed exploration of major cyber attacks and their broader implications. Hosted by Josh Stepp, the podcast delves into the technical aspects, historical context, and global impact of significant cybersecurity events. In the premiere episode: notPetya, the show examines the 2017 NotPetya malware attack, which caused an estimated $10 billion in damages worldwide. Through a mix of technical analysis, historical background, and commentary, the episode provid...
May 14, 2024•50 min