The Adversarial Podcast

PODCAST · business

Join former ICE:NYSE CISO Jerry Perullo, former Snowflake CISO Mario Duarte, and former JupiterOne CISO and Bank of America leader Sounil Yu as they dive into the good, the bad, and the ugly in the latest cybersecurity news. Each week, we discuss the most pressing headlines, offer candid commentary, and share unique insights from our extensive experience in the field.

  1. 52

    S4E18 – Mythos and TPRM, does SOC 2 really work?

    00:34 Introduction
    03:33 Enterprise Challenges
    07:08 End User and Browsers
    21:55 Vulnerability Metrics
    40:37 Approaching Leadership
    42:09 TPRM Discussion
    46:40 Sharing Findings
    01:03:04 Conclusion

    Mozilla: Anthropic’s Mythos found 271 security vulnerabilities in Firefox 150
    Anthropic’s Mythos found 271 zero-day vulnerabilities in Firefox 150
    Mozilla let Anthropic’s Mythos loose on Firefox 150’s codebase, harvesting 271 shippable fixes in one sweep and forcing the security team to reckon with AI-scale fuzzing, triage, and patch velocity.
    https://arstechnica.com/ai/2026/04/mozilla-anthropics-mythos-found-271-zero-day-vulnerabilities-in-firefox-150/

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  2. 51

    S4E17 – Mythos, Delve's downfall, and supply chain attacks

    Project Glasswing (https://www.anthropic.com/glasswing)
    Anthropic is letting AWS, Apple, Google, Microsoft, JPMorgan, Cisco, NVIDIA, and friends point Claude Mythos at their shared attack surface, backing it with $100M in credits and $4M for OSS security groups so blue teams can burn down latent vulns before the offense gets equivalent AI.

    Inside the TeamPCP cascading supply chain attack (https://www.reversinglabs.com/blog/teampcp-supply-chain-attack-spreads)
    Hijacked Trivy GitHub Actions poisoned Docker images, stole CI secrets, and daisy-chained through Checkmarx workflows, npm packages, and VS Code extensions, seeding thousands of tenants with infostealers and proving that CI credentials are the new crown jewels.

    Delve – Fake Compliance as a Service - Part I (https://substack.com/home/post/p-191342187)
    A report says Delve mass-produced fake SOC 2 artifacts and funneled them through shell auditors, leaving customers, from indie apps to a Nasdaq-listed firm, holding fraudulent attestations that undermine their legal compliance.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)
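    The TeamPCP chain above started with a hijacked GitHub Action, and the usual defence is to reference third-party actions by a full commit SHA rather than a tag or branch that the upstream owner (or whoever has taken over the upstream) can move. The script below is an added example, not code from the podcast or from the ReversingLabs write-up: it scans a workflow file for `uses:` references that are still on a mutable ref. The workflow text is constructed for the example; the action names in it are illustrative and the 40-character SHA on the checkout step is a placeholder, not a real commit.

```python
"""Flag third-party GitHub Actions references that are not pinned to a commit SHA.

Added example (not code from the podcast or the TeamPCP write-up). A tag such
as @v1 or a branch such as @master can be re-pointed by whoever controls the
action's repository, so a hijacked upstream lands in every workflow that uses
it; a full 40-character commit SHA cannot be moved.
"""
import re
from dataclasses import dataclass

# A `uses:` line, either as a list item ("- uses: ...") or as a key on its own
# line. Only spaces and tabs are allowed before it so a match cannot spill
# across line breaks.
_USES_RE = re.compile(
    r'^[ \t]*-?[ \t]*uses:[ \t]*["\']?([^"\'\s#]+)["\']?', re.MULTILINE
)
_FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


@dataclass(frozen=True)
class Finding:
    line: int      # 1-based line number in the workflow file
    ref: str       # the `uses:` value as written
    reason: str


def check_workflow(text: str) -> list[Finding]:
    """Return one Finding per `uses:` reference that is not immutably pinned."""
    findings: list[Finding] = []
    for match in _USES_RE.finditer(text):
        ref = match.group(1)
        line = text.count("\n", 0, match.start()) + 1
        if ref.startswith("./"):
            # Local action inside this repository: nothing is fetched from a third party.
            continue
        if ref.startswith("docker://"):
            # Container actions are pinned by image digest, not by git SHA.
            if "@sha256:" not in ref:
                findings.append(Finding(line, ref, "container image is not pinned by digest"))
            continue
        if "@" not in ref:
            findings.append(Finding(line, ref, "no ref given; resolves to the default branch"))
            continue
        _, version = ref.rsplit("@", 1)
        if not _FULL_SHA_RE.match(version):
            findings.append(
                Finding(line, ref, f"mutable ref '{version}' instead of a full commit SHA")
            )
    return findings


# Constructed sample workflow. The action names are illustrative and the SHA on
# the checkout step is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: aquasecurity/trivy-action@master
      - uses: docker://alpine:3.19
      - uses: ./.github/actions/local-step
      - name: unpinned
        uses: some-org/some-action
"""


if __name__ == "__main__":
    for f in check_workflow(SAMPLE_WORKFLOW):
        print(f"line {f.line}: {f.ref}: {f.reason}")
```

    On the sample the checker reports the `@master` Trivy reference, the undigested container image and the action with no ref at all, and passes the SHA-pinned checkout and the local action. Pinning stops a moved tag from pulling in a hijacked release; it does not protect against a commit that was already malicious when it was pinned, so the pinned SHA still has to be one you reviewed or obtained from a trusted release.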

  3. 50

    Special RSAC episode with Cloudflare - Cybersecurity and AI, CISO/Board dynamics, future of cybersecurity

    The Adversarial Podcast brings you a special episode in collaboration with Cloudflare's Security Signal Podcast.

    0:39 - 3:33 AI Governance and Autonomy
    6:26 - 8:49 Human in the Loop
    9:17 - 11:40 Cybersecurity and AI
    15:26 - 18:19 Resilience and Anti-Fragility
    28:24 - 33:05 Threat Intelligence
    33:31 - 36:50 Board and CISO Dynamics
    41:09 - 42:35 Future of Cybersecurity
    42:35 - 44:14 Books and Resources

    Security Signal Podcast: https://podcasts.apple.com/us/podcast/security-signal/id1815513800
    Cloudflare: http://cloudflare.com/

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  4. 49

    S4E15 – RSAC, Iranian hackers, White House's Cyber Strategy and Cyber EOs, the Future of TPRM

    Iran-linked hackers claim responsibility for attack on US medical device maker Stryker
    Attackers tied to Iran say they hit Stryker, and investors punished the stock as the company scrambled to assess its exposure.

    Trump Signs Executive Order Aimed at Cybercrime Gangs
    The President issued an order to tie together federal tools, international partners, and private-sector incentives for hunting down and disrupting ransomware crews.

    President Trump’s Cyber Strategy for America
    The new national cyber strategy leans hard on resilience, collaboration with allies, and deterring Beijing through an offensive-ready posture.

    The future of third-party risk is NOT better questionnaires
    The author argues that automation and better data sharing, not more paperwork, are what finally move the needle on vendor risk management.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  5. 48

    S4E14 – Federal Gov vs. Anthropic, 40% layoff at Blocks due to AI

    Claude Code Security research preview
    Claude now reasons about code like a human researcher, re-checks its own findings for confidence, and surfaces patch suggestions in a dashboard while keeping humans in control. It is a limited preview for Enterprise/Team customers, with expedited access for open-source maintainers.

    Pentagon gives Anthropic a best-and-final offer
    With a deadline looming, the Pentagon demanded full lawful-use access, threatening to label the company a supply-chain risk and even to invoke the Defense Production Act, but Anthropic stood firm on guardrails around mass surveillance and autonomous weapons.

    State Department and other agencies ditch Anthropic for OpenAI
    State, Treasury, HHS, and others are dropping Claude after Trump’s directive to cancel Anthropic contracts, swapping in OpenAI’s GPT-4.1 for tools like StateChat as the broader federal boycott takes shape.

    New AirSnitch attack bypasses Wi-Fi encryption
    AirSnitch leverages a cross-layer identity desync to nullify client isolation on routers from Netgear to Cisco, giving nearby attackers full MitM access to intercept and tamper with otherwise encrypted traffic.

    Your password manager’s “zero knowledge” promise is broken
    ETH Zürich’s USENIX paper shows that malicious servers controlling Bitwarden, Dashlane, or LastPass infrastructure can hijack everyday vault interactions and read users’ encrypted data despite the “zero knowledge” pitch.

    Researchers find critical vulnerabilities in cloud-based password managers
    The ETH team demonstrated a dozen attacks on Bitwarden, seven on LastPass, six on Dashlane, and even a 1Password flaw, showing that compromised servers, without exotic hardware, can view or rewrite entire vaults.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  6. 47

    S4E13 – Munich Security Conference, hiring AI specialists, Gemini used by criminals

    GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use
    Google’s threat team distills red-team learnings from sophisticated experimentation as it hardens defenses and anticipates adversarial AI backdoors.

    New Trump Cyber Strategy Prompts Companies to Mull Legal Limits
    The administration’s aggressive cyber doctrine is forcing firms to reconsider how far they can legally follow the offensive playbook.

    The Trump Administration’s Cyber Strategy Fundamentally Misunderstands China’s Threat | Council on Foreign Relations
    CFR analysis warns that the new strategy oversimplifies China’s capabilities and risks misaligning priorities.

    CISA will shutter some missions to prioritize others
    CISA’s Cybersecurity Division is reorganizing to better match a layered threat-response posture.

    Google TIG disrupts “world’s largest residential proxy network”
    The threat-intel team dismantled a sprawling residential proxy operation that was selling access to anonymized traffic, curbing a major enabler of fraud and abuse.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  7. 46

    Adversarial Podcast S4E12 – Curl shuts down bug bounty program, most expensive security control that gave zero security

    The end of the curl bug bounty program
    Curl’s creator Daniel Stenberg announced the shutdown of the project’s bug-bounty program because overwhelming volumes of low-quality and AI-generated reports, coupled with bad-faith security submissions, impose excessive mental and time costs while providing little real improvement to the software.

    Changing Federal Reserve Regulations
    The memo directs Federal Reserve supervisory staff to shift toward a more risk-focused, judgment-driven, and proportionate supervisory model that prioritizes material financial risks, relies more on other regulators’ and firms’ internal audit work, reduces procedural and duplicative oversight, and sharpens the clarity and impact of supervisory findings and enforcement.

    Reddit: "What is the most expensive security control you added that gave zero security."
    An online discussion thread about security controls.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  8. 45

    Adversarial Podcast S4E11 – Iran Internet blackout, threat intelligence briefings, cyber framework alignment

    00:00 Intro
    01:40 Iran's Internet blackout
    48:06 U.S. Weighs Expanding Private Companies’ Role in Cyberwarfare
    57:35 Aligning cybersecurity programs to frameworks

    There's an internet blackout in Iran. How are videos and images getting out?
    During Iran’s nationwide internet blackout, imposed amid widespread anti-government protests, some citizens have been using Elon Musk’s Starlink satellite service to bypass state-controlled communication blackouts and share information with the outside world despite government efforts to restrict or jam such access.

    Lawmakers to Restart Efforts to Revive Lapsed Cyber Intel Bill
    U.S. lawmakers are preparing to revive and reauthorize the lapsed Cybersecurity Information Sharing Act, a key bill that facilitates sharing of cyber threat intelligence between the federal government and the private sector, with bipartisan momentum to include it in broader funding legislation as concerns grow about rising cyber threats and gaps left by the law’s expiration.

    U.S. Weighs Expanding Private Companies’ Role in Cyberwarfare
    The U.S. administration is considering a significant shift in cyber strategy that would allow private companies, beyond their current contractor roles, to directly participate in offensive cyber operations against foreign adversaries, a move that would require new legal authorities and raises legal, ethical and oversight concerns.

    Should Our Security Controls Be More Like North Korea or Norway?
    Security programs work better when they resemble Norway’s balanced, trust-based model rather than North Korea’s heavy-handed, surveillance-first approach.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  9. 44

    Adversarial Podcast S4E10 – AI impact on cyber jobs, SOC 2 fraud, CISA polygraph failure

    Cloudy Outlook for Cyber Jobs as AI Fills Security Gaps
    Cybersecurity hiring growth slowed to 7% in 2025 amid flat budgets and economic uncertainty, with firms shifting spend toward AI automation over expanding teams.

    Coupang, Inc. (CPNG) Class Period Expanded in Pending Investor Securities Lawsuit - Hagens Berman
    Hagens Berman expanded a securities class action against Coupang over alleged cybersecurity misstatements after massive data breach disclosures and losses.

    Jaguar Land Rover wholesale volumes down 43% after cyberattack
    Jaguar Land Rover’s September 2025 cyberattack cut Q3 wholesale volumes 43%, disrupted production, cost £196 million, and triggered UK government intervention.

    Security Chiefs Plan New Uses for AI in 2026
    Security leaders say AI sharply improved their defenses in 2025 and they plan to expand its use in 2026 for tasks like spotting vulnerabilities and automating identity checks.

    Acting CISA director failed a polygraph. Career staff are now under investigation.
    CISA’s acting director failed a polygraph, triggering a DHS investigation and the suspension of multiple career staff accused of misleading leadership.

    Possible instances of SOC 2 Fraud
    A whistleblower exposed an alleged SOC 2 fraud scheme in which automation platforms and audit firms rubber-stamped fake compliance reports at scale.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  10. 43

    Adversarial Podcast S4E09 – New Pentagon CIO, age verification in Australia, Microsoft overhauls bug bounty program

    National Cyber Strategy Forthcoming
    The Trump administration is preparing a new national cyber strategy that increasingly relies on private companies to conduct offensive cyber operations on behalf of the U.S. government.

    Kirsten Davies Confirmed as Pentagon CIO
    The U.S. Senate confirmed Kirsten Davies as the Department of Defense’s Chief Information Officer, placing her in charge of modernizing and securing the Pentagon’s vast IT infrastructure.

    North Korean IT Worker Caught Inside Amazon
    A North Korean operative was discovered working remotely in Amazon’s IT department after analysts flagged suspicious keystroke latency suggesting the employee was operating from overseas.

    Australia Bans Social Media for Children Under 16
    Australia passed a landmark law banning children under 16 from social media platforms, reigniting global debate over age verification, surveillance, and online privacy.

    Venezuela Blames Cyberattack on the U.S. After Tanker Seizure
    Venezuela’s state oil company accused the United States of launching a cyberattack following tanker seizures, with disruptions severe enough that the company’s main website remains offline.

    Microsoft Overhauls Bug Bounty Program
    Microsoft revamped its bug bounty program to make all vulnerabilities “in scope by default,” addressing long-standing complaints from security researchers about unclear reward boundaries.

    Kevin Mandia Launches Armadin
    Former Mandiant CEO Kevin Mandia unveiled Armadin, a startup offering AI-powered red-teaming services designed to stress-test AI systems against emerging threats.

    Microsoft Finally Kills a Long-Broken Cipher
    Microsoft announced it will disable an obsolete cryptographic cipher that has been exploited for decades, closing a long-standing security hole across Windows systems.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  11. 42

    Adversarial Podcast S4E08 – Shai-Hulud worm strikes again, critical React vuln, CrowdStrike insider threat

    00:00 Intro
    02:33 Shai-Hulud 2.0
    17:12 Max severity React vulnerability
    29:23 CrowdStrike catches insider feeding information to hackers
    46:24 Anthropic disrupts AI-orchestrated cyber campaign
    52:35 Uncertain economy takes effect on cyber teams

    Shai-Hulud 2.0 Aftermath: Trends, Victimology and Impact
    Researchers report that Shai-Hulud 2.0 is an ongoing npm supply-chain worm that has compromised hundreds of packages and tens of thousands of GitHub repositories and siphoned secrets through CI/CD pipelines.

    Critical React Server Components Vulnerability CVE-2025-55182
    A flaw in React Server Components (RSC), tracked as CVE-2025-55182, is rated critical (CVSS 10.0) and allows unauthenticated attackers to execute arbitrary code on servers just by sending a crafted HTTP request to vulnerable packages.

    CrowdStrike catches insider feeding information to hackers
    CrowdStrike caught an insider who had secretly shared screenshots of internal systems with hackers linked to Scattered Lapsus$ Hunters, though the company says no breach of its infrastructure occurred and no customer data was compromised.

    Comcast's 2025 Cybersecurity Threat Report
    Comcast Business’s 2025 Cybersecurity Threat Report finds that over the 12-month period ending May 31, 2025 the company recorded 34.6 billion cyber events, including 4.7 billion phishing attempts, 9.7 billion “drive-by” compromise attacks, 44,000 DDoS attacks, and 19.5 billion resource-development activities.

    Disrupting the first reported AI-orchestrated cyber espionage campaign
    Anthropic reports disrupting what it assesses to be the first large-scale, AI-orchestrated cyber espionage campaign, in which a Chinese state-linked group jailbroke Claude Code to autonomously conduct reconnaissance, exploit vulnerabilities, and exfiltrate data across dozens of global targets with minimal human involvement.

    Uncertain Economy Takes Toll on Cybersecurity Teams
    Economic uncertainty has hit corporate cyber operations: Artico Search and IANS Research report that cybersecurity budgets rose just 4% in 2025 (a five-year low), hiring growth slowed to 7% (down from 12% in 2024), and many security teams are grappling with tighter budgets, fewer hires, and slower wage growth.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  12. 41

    Adversarial Podcast S4E07 – The password is "Louvre", AI ransomware, Nevada stands up to ransomware

    00:00 Intro
    01:50 Louvre password
    08:54 Trump budget cuts
    20:35 Google AI threat report
    36:56 Nevada didn’t pay ransom
    48:25 Moved the needle
    58:38 L3Harris Trenchant boss stole exploits, sold to Russia
    62:00 Ransomware remediation firm employees go rogue
    63:40 Cybersecurity Is A Digital Identity Problem And We Must Deal With It

    The password for the Louvre’s video surveillance system was “Louvre”
    The Louvre Museum reportedly had a video-surveillance server password of simply “LOUVRE” as early as 2014.

    Trump budget cuts, agency gutting, leave Americans and economy at greater risk of being hacked, experts warn
    Budget cuts under Donald Trump’s administration are slashing funding and staff at key federal cybersecurity agencies like CISA, increasing the risk of U.S. vulnerability to cyberattacks.

    GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools | Google Cloud Blog
    Adversaries are now deploying AI-enabled malware (such as self-modifying code) and exploiting underground AI tool markets across the full attack lifecycle.

    Nevada didn’t pay ransom in statewide cyberattack, spent $1.5M on response
    The State of Nevada did not pay the ransom after a statewide cyberattack, opting instead to spend approximately $1.5 million on response efforts.

    How an ex-L3Harris boss stole and sold cyber exploits to Russia
    A former L3Harris division boss admitted to stealing eight zero-day exploits from the company’s network and selling them to a Russian cyber-tool broker.

    Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says
    A Chicago-based ransomware response firm is under indictment after employees allegedly conducted five ransomware attacks of their own.

    Cybersecurity Is A Digital Identity Problem And We Must Deal With It
    Cybersecurity failures increasingly stem from weak or mismanaged digital identities, and organizations must shift their focus from endpoints to identity-first strategies.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  13. 40

    Adversarial Podcast S4E06 – F5 Breach, AWS Outage, Risk Management vs. Security Engineering

    00:00 Intro
    00:50 AWS Outage
    20:48 F5 Breach
    41:06 Risk Management vs. Security Engineering
    58:19 Moving the Needle Part 3

    F5 Hack Blamed on China
    Chinese state-backed hackers allegedly breached U.S. cybersecurity firm F5, gaining year-long access to its systems and BIG-IP source code, prompting security fears and causing the company to warn of revenue impacts and falling shares.

    AWS Outage
    A race condition in Amazon DynamoDB’s DNS management system caused widespread outages across the US-EAST-1 region on October 19–20, 2025, disrupting DynamoDB, EC2, NLB, and multiple dependent AWS services until recovery was completed the next afternoon.

    The CISO Dilemma: Risk Management vs. Security Engineering
    This post argues that quantitative risk management (QRM) in cybersecurity is a deceptive comfort mechanism that lets executives rationalize insecurity, urging CISOs to reject financialized “risk buy-downs” and instead demand true security engineering and systemic architectural integrity.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  14. 39

    Adversarial Podcast S4E05 – Oracle Zero-Day, US cyber info sharing law expires, UK government guarantor for Jaguar attack

    00:00 Highlight
    03:44 Oracle E-Business Suite Zero-Day
    14:49 UK government to be guarantor for Jaguar Land Rover cyberattack
    25:54 "Moved the needle" Part 2
    48:18 12 Security Problems Practitioners Want Solved
    1:02:53 National Risk of Losing the CISA 2015 Act?

    Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign
    Mandiant and Google Threat Intelligence Group uncovered a large-scale CL0P-linked extortion campaign exploiting a zero-day (CVE-2025-61882) in Oracle E-Business Suite to steal data from organizations before patches were released.
    https://cloud.google.com/blog/topics/threat-intelligence/oracle-ebusiness-suite-zero-day-exploitation

    UK government to be guarantor for Jaguar Land Rover loan as it recovers from cyberattack
    The UK government is guaranteeing a £1.5 billion loan to Jaguar Land Rover to support its recovery and supply chain after a major cyberattack forced the automaker to halt production earlier this month.
    https://therecord.media/jaguar-land-rover-loan-guarantor-cyberattack

    12 Security Problems Practitioners Want Solved
    Leen and Lockstep Ventures released a “Requests for Security Startups” report outlining twelve practitioner-driven problem areas, from preventative security and identity sprawl to AI-native assistants and continuous compliance, calling for builders to create practical, AI-powered, and workflow-integrated solutions that solve real security pain points.
    https://www.leen.dev/beyond-the-noise

    When Cyber Visibility Fades: The National Risk of Losing the CISA 2015 Act—and How Organizations Can Stay Secure Without It
    The expiration of the Cybersecurity Information Sharing Act of 2015 has reduced national cyber visibility and weakened public–private threat intelligence sharing, prompting experts to warn that organizations must strengthen internal risk management and collaboration to stay secure.
    https://www.carson-saint.com/when-cyber-visibility-fades-the-national-risk-of-losing-the-cisa-2015-act-and-how-organizations-can-stay-secure-without-it

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  15. 38

    Adversarial Podcast S4E04 – "Moving the needle" awards, effect of H-1B changes on cyber industry, Salesloft aftermath

    00:00 Highlight
    00:43 Intro
    06:40 "Moved the needle" awards
    37:05 Scattered Lapsus$ and Jaguar Hack
    44:39 One Token to Rule Them All - Entra pwned
    1:02:21 H-1B visa changes and their effect on the cyber industry

    Scattered Lapsus$ and Jaguar Hack
    Jaguar Land Rover has extended its production pause until October after a cyberattack crippled its IT systems. The company is struggling to recover operations at Range Rover plants.
    https://www.wsj.com/business/jaguar-land-rover-extends-production-pause-until-october-following-cyberattack-0e39b7e8

    One Token to Rule Them All
    A deep dive into how attackers can obtain Global Admin across all Entra ID tenants using Actor tokens: the mechanics, prerequisites, and mitigation strategies.
    https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/

    What to Know About Changes to the H-1B Visa Program
    The U.S. is proposing major H-1B visa changes, including a $100,000 annual fee per visa starting in 2026, a move aimed at prioritizing higher-wage hires but likely to hit startups and global tech talent hard.
    https://www.wsj.com/us-news/h1b-visa-changes-explained-45b818e9?mod=djemCybersecruityPro

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

  16. 37

    Adversarial Podcast S4E03 – Fumbled NPM Attack, Entering the AI Browser Market, Salesloft breach

    00:00 Intro
    03:10 NPM supply chain attack leaves attackers empty handed
    24:44 Why is Atlassian buying a browser company?
    37:20 Apple's new Memory Integrity Enforcement
    52:56 Salesloft breach leads to downstream hacks

    Hackers left empty-handed after massive NPM supply-chain attack
    Hackers briefly compromised popular NPM packages like chalk and debug-js, reaching roughly 10% of cloud environments, but despite the massive supply-chain reach they only netted about $600 in stolen cryptocurrency.
    https://www.bleepingcomputer.com/news/security/hackers-left-empty-handed-after-massive-npm-supply-chain-attack/

    Why is Atlassian Buying a Browser Company?
    Atlassian is buying The Browser Company (makers of Arc and Dia) for $610M to gain control of the browser channel, secure distribution for its AI agent (Rovo), and enter the emerging “enterprise browser” market, even though success is uncertain against Google and Microsoft.
    https://nextword.substack.com/p/why-is-atlassian-buying-a-browser

    Memory Integrity Enforcement: A complete vision for memory safety in Apple devices
    Apple’s new Memory Integrity Enforcement (MIE) brings always-on hardware-software memory safety to iPhone 17, making advanced spyware exploits far harder.
    https://security.apple.com/blog/memory-integrity-enforcement/

    Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks
    Hackers tracked as UNC6395 exploited Salesloft’s Drift–Salesforce integration to steal OAuth tokens and exfiltrate sensitive Salesforce data.
    https://www.bleepingcomputer.com/news/security/salesloft-breached-to-steal-oauth-tokens-for-salesforce-data-theft-attacks/

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (Founder, https://githoundexplore.com)

  17. 36

    Adversarial Podcast S4E02 - Cyber acquisitions and raises, 95% of GenAI pilots failing, Zelle's alleged security lapses

    00:00 Introduction & BlackHat
    02:06 Cybersecurity in Schools
    18:53 Black Hat Conference Highlights
    34:02 New York sues Zelle
    44:48 Trends in Cybersecurity Mergers and Acquisitions
    1:02:44 95% of generative AI pilots at companies are failing
    1:08:53 Prompt injection with poisoned calendar invites

    DARPA announces $4 million winner of AI code review competition at DEF CON
    DARPA announced Team Atlanta as the winner of its two-year competition among researchers to create the best artificial intelligence systems that can find and fix vulnerabilities.

    Attorney General James Sues Company Behind Zelle for Enabling Widespread Fraud
    New York sued Early Warning Services, a company owned and controlled by a group of the largest banks in the United States that was tasked with developing and operating the electronic payment platform Zelle, for failing to protect its users from massive amounts of fraud.

    Cyber Acquisitions
    Palo Alto / CyberArk
    CrowdStrike / Onum
    Okta / Axiom
    Armis raises millions at $5B valuation

    MIT report: 95% of generative AI pilots at companies are failing
    A recent MIT-commissioned study, highlighted in Fortune on August 18, 2025, reveals that approximately 95% of generative AI pilot programs at companies failed to deliver any measurable return on investment or financial uplift. The core issue appears to be not the AI itself but poor integration into existing workflows and misaligned use cases, with only about 5% of pilots achieving rapid revenue growth by focusing sharply on specific pain points.

    Hackers Hijacked Google’s Gemini AI With a Poisoned Calendar Invite to Take Over a Smart Home
    Security researchers demonstrated that a poisoned Google Calendar invite could indirectly prompt-inject Google’s Gemini, causing it to control smart-home devices.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (https://tillsongalloway.com)

  18. 35

    Adversarial Podcast S4E01 - Trump's AI Action Plan, Chip Security Act, receiving gifts from vendors

    00:00 Introduction & BlackHat
    03:14 AI Action Plan Overview
    13:30 Chip Security Act
    20:48 Government led AI-ISAC?
    23:16 UK government considering banning public sector ransomware payments
    28:14 Microsoft probing if Chinese hackers learned SharePoint flaws through alert
    42:07 Ethics in Vendor Relationships – Gifts for meetings

    America's AI Action Plan
    “America’s AI Action Plan,” released by the Trump administration, outlines a roadmap with over 90 federal actions across three pillars: accelerating AI innovation, building U.S. AI infrastructure, and asserting international AI leadership through exports and technology alliances.

    The Chip Security Act: A Bipartisan Solution to Chip Smuggling
    The Chip Security Act, introduced by U.S. lawmakers, mandates that makers of export-controlled AI chips (like NVIDIA) embed on-chip location-verification mechanisms to ensure devices go only where they’re authorized, aiming to deter smuggling (especially to China) without deploying intrusive GPS or kill switches.

    Why a Government-Led AI-ISAC is a Missed Opportunity
    Errol Weiss argues that an AI-ISAC led by the U.S. government, as proposed in the July 2025 White House AI Action Plan, represents a missed opportunity, because government-led initiatives tend to be bureaucratic, slow, and less innovative, struggle to win private-sector trust and buy-in, risk duplicating existing ISAC efforts, and may be perceived as politically biased, undermining effective, rapid, cross-industry intelligence sharing.

    UK plans to ban public sector bodies from paying ransom to cyber criminals
    The UK government is set to ban public sector bodies and operators of critical national infrastructure from paying ransom demands to cyber criminals, as part of a wider package that also mandates reporting by other organisations planning to pay, aimed at dismantling the ransomware business model and protecting essential services from dangerous disruptions.

    Microsoft probing if Chinese hackers learned SharePoint flaws through alert, Bloomberg News reports
    Microsoft is investigating whether a leak from its Microsoft Active Protections Program (MAPP), which provides early vulnerability alerts to security partners, may have enabled Chinese-aligned hackers (Linen Typhoon, Violet Typhoon, and Storm-2603) to exploit critical zero-day flaws in on-premises SharePoint servers before Microsoft fully patched the software, fueling a global espionage and ransomware campaign.

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (https://tillsongalloway.com)

  19. 34

    Adversarial Podcast Ep. 27 - Is AI necessary for cyber investment? Microsoft moving away from kernel-based AV; Moonlighting and Fake IT workers

    00:00 Intro
    3:23 Cybersecurity stocks: why now might be the time to buy?
    8:55 AI in cyber investment and business
    29:28 Microsoft is moving antivirus providers out of the Windows kernel
    34:29 New AI Malware PoC Reliably Evades Microsoft Defender
    37:08 VSCode Fork; Putting Millions at Risk
    43:39 Extensions turn Trojan and infect 2.3M Chrome and Edge users
    54:20 US government takes down major North Korean ‘remote IT workers’ operation
    1:06:06 Phishing Training Doesn't Work

    Cybersecurity stocks: why now might be the time to buy?
    https://moneyweek.com/investments/tech-stocks/buy-cybersecurity-stocks

    AI Is Driving A Shift Towards Outcome-Based Pricing

    Cloudflare will now, by default, block AI bots from crawling its clients’ websites

    Microsoft is moving antivirus providers out of the Windows kernel
    https://www.theverge.com/news/692637/microsoft-windows-kernel-antivirus-changes

    New AI Malware PoC Reliably Evades Microsoft Defender
    https://www.darkreading.com/endpoint-security/ai-malware-poc-evades-microsoft-defender

    Marketplace Takeover: How We Could’ve Taken Over Every Developer Using a VSCode Fork; Putting Millions at Risk
    https://blog.koi.security/marketplace-takeover-how-we-couldve-taken-over-every-developer-using-a-vscode-fork-f0f8cf104d44

    Massive browser hijack: extensions turn Trojan and infect 2.3M Chrome and Edge users
    https://cybernews.com/security/chrome-edge-hijacked-by-eighteen-malicious-extensions

    US government takes down major North Korean ‘remote IT workers’ operation
    https://techcrunch.com/2025/06/30/us-government-takes-down-major-north-korean-remote-it-workers-operation/

    We've All Been Wrong: Phishing Training Doesn't Work
    https://www.darkreading.com/endpoint-security/phishing-training-doesnt-work

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway

  20. 33

    Adversarial Podcast Ep. 26 - US Treasury's Cybersecurity Failures, SEC scraps proposed cybersecurity rules, what makes AI Security different

    00:00 Intro
    03:17 Banks call out US Treasury's cybersecurity failures
    28:54 SEC scraps proposed cybersecurity rules
    38:05 What makes AI Security different

    Banks Challenge Treasury on Cybersecurity Failures. A coalition of major U.S. banking associations—including the American Bankers Association, Bank Policy Institute, MFA, and SIFMA—has publicly challenged the U.S. Treasury and OCC to adopt private-sector cybersecurity standards, decentralize sensitive data, enforce rapid breach notifications, and streamline data collection following high-profile email breaches at federal regulators.
    https://www.theglobaltreasurer.com/2025/06/10/banking-groups-demand-regulator-cybersecurity-standards/

    SEC scraps proposed cybersecurity rules for investment advisers, market participants. The U.S. Securities and Exchange Commission (SEC) has scrapped proposed cybersecurity regulations targeting investment advisers, funds, and market participants. The withdrawal reflects pushback from the financial industry, which cited concerns over compliance burdens and regulatory overlap. Critics argue the move weakens oversight as cyber threats continue to rise across the financial sector.
    https://www.cybersecuritydive.com/news/sec-withdraw-cyber-rules-investment-advisers-funds/750786/

    Exclusive: New Microsoft Copilot flaw signals broader risk of AI agents being hacked—‘I would be terrified’. A newly discovered vulnerability in Microsoft’s Copilot platform—dubbed “Echoleak”—allows malicious actors to extract private user data from AI agent interactions. The flaw underscores the broader risks associated with AI-powered assistants, particularly as they become more deeply embedded in enterprise workflows. Experts warn this class of attacks could signal a new era of AI exploitation.
    https://fortune.com/2025/06/11/microsoft-copilot-vulnerability-ai-agents-echoleak-hacking/

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (https://tillsongalloway.com)

  21. 32

    Adversarial Podcast Ep. 25 – From CISOs to Entrepreneurs, Trump changes to Biden's Cyber EOs, banks ask SEC to drop disclosure requirements

    00:00 Intro
    04:15 Our journeys from CISOs to Entrepreneurs
    23:48 Trump changes Biden's Cyber EOs
    28:40 States rebuff proposed federal ban on AI laws
    36:43 Vanta bug exposes customers' data to other customers
    49:12 SentinelOne outage
    52:53 Banking groups ask SEC to drop incident disclosure requirements
    1:00:37 Cybersecurity teams generate average $36M in business growth
    1:03:50 Cybersecurity Companies Want to Go Public. The Market Isn’t Letting Them

    Trump Cybersecurity Fact Sheet
    President Trump announced a reprioritization of U.S. cybersecurity efforts, shifting away from prior frameworks and emphasizing national defense and economic resilience.
    https://www.whitehouse.gov/fact-sheets/2025/06/fact-sheet-president-donald-j-trump-reprioritizes-cybersecurity-efforts-to-protect-america/

    Vanta Bug Exposed Customer Data
    A software flaw in Vanta's platform briefly exposed sensitive compliance data between customers.
    https://techcrunch.com/2025/06/02/vanta-bug-exposed-customers-data-to-other-customers/

    SentinelOne Outage
    A major backend outage at SentinelOne disrupted security operations for numerous customers.
    https://apple.news/AuaqeFPP8QUyoOwuAwvRBkA

    States Push Back on Federal AI Law Ban
    U.S. states are resisting a federal proposal to ban state-level AI regulation, citing sovereignty and innovation concerns.
    https://www.wsj.com/articles/states-rebuff-proposed-federal-ban-on-ai-laws-6dde3ce6?mod=procyber_lead_pos1&tpl=cs

    Banking Groups Oppose SEC Cyber Rule
    Banking associations urged the SEC to drop mandatory cyber incident disclosure rules, citing risk to financial stability.
    https://ecency.com/hive-167922/@justmythoughts/banking-groups-ask-sec-to

    Cybersecurity Teams “Drive $36M in Growth”
    A report claims cybersecurity teams deliver $36M in business value annually—an assertion met with industry skepticism.
    https://www.infosecurity-magazine.com/news/cybersecurity-teams-business-growth/

    Cybersecurity IPO Market Frozen
    Despite strong interest, cybersecurity companies are unable to go public due to investor hesitation and market volatility.
    https://www.wsj.com/articles/cybersecurity-companies-want-to-go-public-the-market-isnt-letting-them-60bfe663

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (https://tillsongalloway.com)

  22. 31

    Adversarial Podcast Ep. 24 – Global Lumma takedown, Coinbase employee bribed, malicious MCP integrations and NPM packages

    00:00 Intro
    02:49 Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals
    14:29 Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom
    26:24 Fake OpenAI MCP Integration
    32:25 Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
    36:03 Destructive malware available in NPM repo went unnoticed for 2 years
    48:10 Sam & Jony introduce io
    58:23 Discussion: how risky are local admin rights?

    Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals
    In May 2025, an international coalition led by Microsoft, the U.S. Department of Justice, Europol, and Japan's Cybercrime Control Center dismantled the Lumma Stealer malware operation.
    https://www.wired.com/story/lumma-stealer-takedown-disrupted/

    Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom
    Hackers bribed overseas Coinbase customer support agents to steal sensitive user data, leading to a breach prompting a $20M ransom, which Coinbase refused, instead offering a $20M bounty for information leading to the attackers' arrest.
    https://www.cnbc.com/2025/05/15/coinbase-says-hackers-bribed-staff-to-steal-customer-data-and-are-demanding-20-million-ransom.html

    Fake OpenAI MCP Integration
    A fake OpenAI MCP integration was found by a security researcher, showing the importance of security in emerging technologies.
    https://www.linkedin.com/feed/update/urn:li:activity:7331118878384615424/

    Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
    Three malicious npm packages targeting macOS users of the AI-powered code editor Cursor have infected over 3,200 developers by harvesting credentials.
    https://thehackernews.com/2025/05/malicious-npm-packages-infect-3200.html

    Destructive malware available in NPM repo went unnoticed for 2 years
    A destructive malware campaign infiltrated the npm ecosystem for over two years, with malicious packages disguised as legitimate tools targeting popular JavaScript frameworks.
    https://arstechnica.com/information-technology/2025/05/destructive-malware-available-in-npm-repo-went-unnoticed-for-2-years/

    Sam & Jony introduce io
    OpenAI has announced the acquisition of Jony Ive's AI hardware startup, io.
    https://openai.com/sam-and-jony/

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (Founder, stealth startup)
    Producer: Tillson Galloway (https://tillsongalloway.com)

  23. 30

    Adversarial Podcast Ep. 23 – Crowdstrike layoffs, RSA Innovation Sandbox, new Pentagon CIO

    00:00 Intro
    00:44 Sounil's RSA Innovation Sandbox experience
    5:00 5% staffing cuts at Crowdstrike, AI cited as a factor
    16:00 Trump picks private sector veteran as Pentagon CIO
    32:41 Messaging app used by Trump official suspends operations after reported hack
    49:52 An open letter to third-party suppliers
    59:32 Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support
    1:04:42 Discussion: delivering secret keys stored in PDFs for password managers

    Hosts:
    Jerry Perullo (Founder, https://adversarial.com/)
    Sounil Yu (Founder, https://www.knostic.ai/)
    Mario Duarte (CISO, https://www.aembit.io/)

    Stories

    5% staffing cuts at Crowdstrike, AI cited as a factor
    CrowdStrike is laying off 5% of its workforce, citing AI-driven changes in industry operations as a driving factor.
    https://www.cnbc.com/2025/05/07/crowdstrike-announces-5percent-job-cuts-says-ai-reshaping-every-industry.html

    Trump picks private sector veteran as Pentagon CIO
    Former President Trump has nominated a private-sector executive to serve as the new Chief Information Officer for the Department of Defense.
    https://therecord.media/trump-picks-private-sector-veteran-for-dod-cio-position

    Messaging app used by Trump official suspends operations after reported hack
    A secure messaging app used by a Trump official has suspended service following a reported cyberattack.
    https://www.cnbc.com/2025/05/05/signal-telemessage-hack-trump-waltz.html

    An open letter to third-party suppliers
    JPMorgan has issued an open letter urging its third-party suppliers to prioritize stronger cybersecurity and operational resilience.
    https://www.jpmorgan.com/technology/technology-blog/open-letter-to-our-suppliers

    Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support
    Microsoft is now enabling passkeys by default for new accounts, expanding passwordless access to over 15 billion users.
    https://thehackernews.com/2025/05/microsoft-sets-passkeys-default-for-new.html

  24. 29

    Adversarial Podcast Ep. 22 – RSA Conference is here, Verizon's 2025 Data Breach Investigations Report, China names alleged US hackers

    00:00 Intro
    00:31 RSA conference
    14:38 Verizon's 2025 DBIR report
    37:55 Security of "Sign in with Google/Microsoft"
    1:02:50 China accuses US of launching 'advanced' cyberattacks, names alleged NSA agents

    RSA Links:
    Innovation Sandbox: https://www.rsaconference.com/usa/programs/innovation-sandbox
    Professional Association of CISOs: https://theciso.org/
    Pitch for Charity: https://www.okta.com/newsroom/press-releases/pitch-for-charity/

    Verizon's 2025 Data Breach Investigations Report
    This year's Verizon DBIR (Data Breach Investigations Report) has been released, which covers the latest techniques that lead to incidents and breaches.
    Reference: https://www.verizon.com/business/resources/reports/dbir

    China accuses US of launching 'advanced' cyberattacks, names alleged NSA agents
    "China accused the United States National Security Agency (NSA) on Tuesday of launching 'advanced' cyberattacks during the Asian Winter Games in February, targeting essential industries."
    Reference: https://www.reuters.com/technology/cybersecurity/chinas-harbin-says-us-launched-advanced-cyber-attacks-winter-games-2025-04-15/

  25. 28

    Adversarial Podcast Ep. 21 – Chris Krebs & Sentinel One's clearances revoked, Oracle hack, how Goldberg got added to Signal chat

    ⬇️ See below for timestamps/summaries/references for each topic

    00:00 Highlight/theme
    23:05 Intro
    06:56 White House revokes Chris Krebs and SentinelOne's security clearances
    16:55 How Jeffrey Goldberg got added to the White House Signal group chat
    26:48 DOGE staffer provided tech support to cybercrime ring
    39:29 China Acknowledged Role in U.S. Infra Hacks
    51:56 Oracle under fire for its handling of security incidents
    54:51 Hackers Spied on 100 US Bank Regulators’ Emails for Over a Year

    Fact Sheet: President Donald J. Trump Addresses Risks from Chris Krebs and Government Censorship
    President Trump has revoked the security clearance of Chris Krebs and his associates, citing concerns over Krebs’ alleged misuse of authority at CISA.
    Reference: https://www.whitehouse.gov/fact-sheets/2025/04/fact-sheet-president-donald-j-trump-addresses-risks-from-chris-krebs-and-government-censorship/

    How the Atlantic’s Jeffrey Goldberg got added to the White House Signal group chat
    An internal investigation revealed that Mike Waltz accidentally added Atlantic editor Jeffrey Goldberg to a Signal group chat discussing classified military plans due to a months-old contact-saving error.
    Reference: https://www.theguardian.com/us-news/2025/apr/06/signal-group-chat-leak-how-it-happened

    DOGE staffer 'Big Balls' provided tech support to cybercrime ring, records show
    A member of DOGE previously provided network support to a cybercrime group through his company.
    Reference: https://www.reuters.com/world/us/doge-staffer-big-balls-provided-tech-support-cybercrime-ring-records-show-2025-03-26/

    In Secret Meeting, China Acknowledged Role in U.S. Infrastructure Hacks
    In a confidential meeting, Chinese officials tacitly acknowledged responsibility for a series of cyberattacks on U.S. critical infrastructure, including ports, water utilities, and airports.
    Reference: https://www.wsj.com/politics/national-security/in-secret-meeting-china-acknowledged-role-in-u-s-infrastructure-hacks-c5ab37cb

    Oracle Appears to Admit Breach of 2 'Obsolete' Servers
    Oracle has acknowledged that a hacker accessed two outdated servers containing encrypted or hashed credentials.
    Reference: https://www.darkreading.com/cyberattacks-data-breaches/oracle-breach-2-obsolete-servers

    Hackers Spied on 100 US Bank Regulators’ Emails for Over a Year
    Hackers infiltrated the email systems of over 100 U.S. bank regulators at the Office of the Comptroller of the Currency, accessing 150,000+ messages from 2023-2025.
    Reference: https://www.bloomberg.com/news/articles/2025-04-08/hackers-spied-on-100-bank-regulators-emails-for-over-a-year

  26. 27

    Adversarial Podcast Ep. 20 – corporate espionage among SaaS companies, DC's Signal snafu, where is the cyber market going?

    ⬇️ See below for timestamps/summaries/references for each topic

    00:00 Highlight/theme
    00:28 Intro
    02:15 Unicorn startup allegedly cultivated spy to steal trade secrets from competitor
    18:19 Google Strikes $32 Billion Deal for Cybersecurity Startup Wiz
    33:35 Trump Administration accidentally sends war plans to reporter via Signal
    47:20 GitHub action supply chain attack
    53:55 Oracle under fire for its handling of security incidents

    Rippling Alleges Deel Cultivated Spy, Orchestrated Trade-Secret Theft Against Competitor
    Rippling has filed a lawsuit alleging that $12 billion HR-tech company Deel orchestrated a months-long corporate espionage campaign involving a planted spy within Rippling.
    Reference: https://www.rippling.com/blog/lawsuit-alleges-12-billion-unicorn-deel-cultivated-spy-orchestrated-long-running-trade-secret-theft-corporate-espionage-against-competitor

    Google Strikes $32 Billion Deal for Cybersecurity Startup Wiz
    Google has agreed to acquire cybersecurity startup Wiz for $32 billion in cash, marking its largest acquisition ever and the biggest tech deal of 2025 so far.
    Reference: https://www.wsj.com/business/deals/alphabet-back-in-deal-talks-for-cybersecurity-startup-wiz-41cd3090?st=uQ8bmN&reflink=article_copyURL_share

    The Trump Administration Accidentally Texted Me Its War Plans
    In the article, journalist Jeffrey Goldberg reveals that he was accidentally included in a Signal group chat by senior members of the Trump administration—specifically Pete Hegseth, the Secretary of Defense—who shared detailed plans for a military strike on Houthi targets in Yemen.
    Reference: https://www.theatlantic.com/politics/archive/2025/03/trump-administration-accidentally-texted-me-its-war-plans/682151/

    Supply Chain Attack on GitHub Action
    Wiz discovered a supply chain attack on the GitHub Action reviewdog/action-setup@v1, likely leading to the compromise of tj-actions/changed-files, resulting in widespread CI secret leakage and highlighting the risks of unpinned actions.
    Reference: https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup

    Oracle hacked
    Oracle has informed clients of a second recent cybersecurity breach in which a hacker accessed an old system and stole customer log-in credentials, some of which date back to 2024, according to Bloomberg News.
    Latest: https://www.reuters.com/technology/cybersecurity/oracle-tells-clients-second-recent-hack-log-in-data-stolen-bloomberg-news-2025-04-02/

  27. 26

    The Adversarial Podcast Ep. 19 – AI-Powered Cybercrime, CISO job market, the BYOL elephant in the room

    ⬇️ See below for timestamps/summaries/references for each topic

    00:00 Highlight/theme
    00:37 Intro
    01:37 Malvertising campaign leads to info stealers hosted on GitHub
    11:59 Wall Street is worried it can't keep up with AI-powered cybercriminals
    24:02 What Really Happened With the DDoS Attacks That Took Down X
    28:34 Bring-your-own-laptop policies
    40:41 Are WAFs useful or are they just another TPRM box to check?
    46:59 Is the CISO job market warming up?

    Malvertising campaign leads to info stealers hosted on GitHub
    Microsoft Threat Intelligence uncovered a large-scale malvertising campaign in December 2024, affecting nearly one million devices globally. The attack originated from illegal streaming sites embedding malvertising redirectors, which funneled users to GitHub-hosted malware, with additional payloads delivered via Discord and Dropbox. This multi-stage attack leveraged info stealers like Lumma and Doenerium, along with remote monitoring tools, using advanced evasion techniques to steal system and browser data while maintaining persistence on compromised devices.
    📖 References: https://www.microsoft.com/en-us/security/blog/2025/03/06/malvertising-campaign-leads-to-info-stealers-hosted-on-github/

    Wall Street is worried it can't keep up with AI-powered cybercriminals
    A survey by Accenture found that 80% of bank cybersecurity executives believe generative AI is enabling cybercriminals faster than banks can respond. While banks invest billions in cybersecurity, they struggle to keep pace due to strict regulations and the rapid advancement of AI-powered scams that target customers, employees, and vendors. Cybercriminals exploit generative AI to craft sophisticated attacks, infiltrate supply chains, and identify vulnerabilities, making third-party risk a major concern for financial institutions.
    📖 References: https://www.businessinsider.com/banks-ai-cybersecurity-threats-hackers-generative-ai-2025-3

    What Really Happened With the DDoS Attacks That Took Down X
    X experienced intermittent outages due to a series of DDoS attacks, which Elon Musk attributed to Ukrainian IP addresses, though cybersecurity experts argue that IP attribution alone is unreliable. Analysts suggest the attacks targeted improperly secured X origin servers, allowing a botnet of compromised cameras and DVRs to bypass Cloudflare protection. While a pro-Palestinian group claimed responsibility, experts emphasize that the attack’s true origin remains unclear due to the decentralized nature of botnets and the use of obfuscation techniques.
    📖 References: https://www.wired.com/story/x-ddos-attack-march-2025/

  28. 25

    The Adversarial Podcast Ep. 18 - CISA cuts, North Koreans steal $1.5B in crypto, planning for RSA Conference

    00:00 Highlight
    00:28 Intro
    3:41 What's getting cut at CISA?
    19:01 USCYBERCOM told to stop planning offensive attacks against Russia
    27:54 ByBit hacked for $1.5B in cryptocurrency
    40:01 CISO discussion: How to regain trust after a cyber breach
    49:17 CISO discussion: Data security for GenAI tools
    58:43 How to get the most out of RSA Conference

    💰 Budget cuts hit CISA, and election security programs might be first on the chopping block. The team debates whether these cuts were expected, what they mean for cybersecurity, and whether some programs were outside CISA’s core mission in the first place.
    Reference: https://www.scworld.com/perspective/a-sober-look-at-the-recent-cuts-at-cisa

    ⚔️ A sudden shift in cyber warfare strategy—USCYBERCOM has reportedly been asked to halt offensive cyber operations against Russia. The guys discuss what this means for national security, cyber deterrence, and whether it signals a political deal in the making.
    Reference: https://www.nbcnews.com/politics/trump-administration/defense-secretary-pete-hegseth-orders-halt-offensive-cyber-operations-rcna194435

    💸 A massive crypto heist exposes software supply chain vulnerabilities. North Korean attackers allegedly compromised a JavaScript library to drain $1.5 billion. The team breaks down what happened, what it means for the future of crypto security, and whether cybercriminals will use the same techniques elsewhere.
    Reference: https://docsend.com/view/s/rmdi832mpt8u93s7

    🔄 When a company gets hacked, how do CISOs rebuild trust? The conversation explores the difference between trust and transparency, why some companies handle breaches better than others, and what lessons CISOs can learn from past incidents.
    Reference: https://www.csoonline.com/article/3825447/how-cisos-can-rebuild-trust-after-a-security-incident.html

    🤖 GenAI tools want access to everything—but should security teams allow it? The team debates whether CISOs should fight the inevitable, or if they should negotiate smarter ways to control AI access while still allowing business teams to benefit.

    🎟️ RSA Conference survival guide! How do you maximize networking, avoid vendor overload, and make sure the week is productive?

  29. 24

    The Adversarial Podcast Ep. 17 - 2025 CISO Compensation Survey, Okta layoffs and employee value, TLS inspection

    ⬇️ See below for timestamps/summaries/references for each topic

    00:00 Highlight/theme
    00:37 Intro
    1:21 Hitch Partners survey of CISOs
    13:34 Dangling S3 buckets
    24:35 Update on Cybersecurity Innovation Executive Order
    32:58 Cyber stocks - NET and CRWD at all-time highs
    44:07 Okta lays off 180 employees, including security engineers
    55:47 Is anyone actually doing TLS inspection?
    1:03:21 Is a SOC2 certificate enough to pass TPRM?

    Hitch Partners survey of CISOs
    The 2025 CISO Security Leadership Survey by Hitch Partners highlights key trends in CISO compensation, reporting structures, and industry disparities. Public company CISOs see higher cash compensation and equity growth, with a 6.1% increase year-over-year, while private company CISOs face tighter financial conditions and fewer benefits like D&O insurance. CISOs in larger organizations are less likely to report directly to the CEO, instead aligning with CIOs as company size increases. Compliance, business impact, and ROI are the top budget justification factors, and signing bonuses are more common in public companies. With an average tenure of 39 months, organizations looking to attract top security leaders must focus on competitive compensation, equity incentives, and comprehensive protections.
    📖 References: https://www.hitchpartners.com/ciso-security-leadership-survey-results-25

    Dangling S3 buckets
    watchTowr Labs detailed how they identified approximately 150 abandoned Amazon S3 buckets previously utilized by various organizations, including governments and cybersecurity firms. Upon registering these buckets, they monitored over 8 million HTTP requests within two months, revealing ongoing attempts to access software updates, binaries, and other critical resources.
    📖 References: https://labs.watchtowr.com/8-million-requests-later-we-made-the-solarwinds-supply-chain-attack-look-amateur/

    Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity
    The outgoing Biden administration issues an executive order aimed at enhancing cybersecurity innovation in the U.S. The order focuses on strengthening national cybersecurity infrastructure, promoting technological advancements, and ensuring robust defenses against cyber threats.
    📖 References: https://web.archive.org/web/20250119001804/https://www.whitehouse.gov/briefing-room/presidential-actions/2025/01/16/executive-order-on-strengthening-and-promoting-innovation-in-the-nations-cybersecurity/

    Layoffs at Okta
    On February 4, 2025, Okta, a U.S. access and identity management company, laid off 180 employees, marking its second workforce reduction in just over a year. This follows a previous layoff of approximately 400 employees in February 2024. The Enterprise Security team was affected.
    📖 References: https://techcrunch.com/2025/02/04/okta-lays-off-180-employees-nearly-one-year-after-last-workforce-reduction/

  30. 23

    The Adversarial Podcast Ep. 16 - Cyber policy wishlist, RedNote/TikTok, Marsh's cyber insurance report, do CISOs need deep technical skills?

    ⬇️ See below for timestamps/summaries/references for each topic

    00:00 Intro
    01:33 Biden's Executive Order on Cyber Security
    05:18 Cyber policy wishlist
    21:30 TikTok and RedNote
    29:36 Marsh's report on cyber insurance
    49:21 Do CISOs need to be highly technical?

    Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity
    The outgoing Biden administration issues an executive order aimed at enhancing cybersecurity innovation in the U.S. The order focuses on strengthening national cybersecurity infrastructure, promoting technological advancements, and ensuring robust defenses against cyber threats.
    📖 References: https://web.archive.org/web/20250119001804/https://www.whitehouse.gov/briefing-room/presidential-actions/2025/01/16/executive-order-on-strengthening-and-promoting-innovation-in-the-nations-cybersecurity/

    TikTok Refugees Flock to China’s RedNote Amid U.S. Ban Concerns
    Following increased scrutiny and potential bans on TikTok in the U.S., over half a million users migrate to China’s RedNote platform. This shift highlights growing concerns over data privacy, national security, and the geopolitical tensions surrounding Chinese-owned apps.
    📖 References: https://www.reuters.com/technology/over-half-million-tiktok-refugees-flock-chinas-rednote-2025-01-14/

    Using Cybersecurity Analytics to Prioritize Cybersecurity Investments
    This article by Marsh explores how organizations can leverage cybersecurity analytics to make informed decisions about where to allocate resources for maximum impact. By analyzing data on threats, vulnerabilities, and past incidents, businesses can prioritize investments in areas that will most effectively reduce risk and enhance their overall security posture.
    📖 References: https://www.marsh.com/en/services/cyber-risk/insights/using-cybersecurity-analytics-to-prioritize-cybersecurity-investments.html

    No, you probably don't need a technical CISO
    An article argues that organizations may not necessarily require a highly technical Chief Information Security Officer (CISO). Instead, it emphasizes the importance of leadership, strategic thinking, and the ability to manage risk effectively in the role.
    📖 References: https://www.linkedin.com/pulse/you-probably-dont-need-technical-ciso-shaun-marion-u0pmc

  31. 22

    The Adversarial Podcast Ep. 15 - US-China-Taiwan cyber relations, mobile app ads facilitating spying, holiday DoS vulnerabilities

    Join former CISOs Jerry, Mario, and Sounil as they dissect the latest cybersecurity news, discuss evolving threats, and share their seasoned perspectives on infosec.

    00:00 Highlight
    00:32 Intro
    1:48 China accuses US of stealing trade secrets
    10:05 Taiwan reports 2.4M Chinese cyberattacks/day
    18:21 Christmas day Chrome Extension hacks, including Cyberhaven
    23:28 Krebs: U.S. Army Soldier arrested for Snowflake customer extortions
    26:40 Wired: Popular apps hijacked to spy on locations through ad tracking
    33:28 Holiday DoS vulnerabilities in Palo Alto and Windows LDAP
    34:36 Are DoS vulnerabilities neglected by security programs?
    40:37 TI news feeds are noisy and vulnerabilities are overhyped
    49:37 Are Passkeys ready for prime time?
    54:49 Adversarial Podcast YouTube comments
    57:06 YouTube comment cryptowallet scams
    59:24 What should security teams try to accomplish during offsites?

    China Accuses US of Cyberattacks: https://www.reuters.com/world/china/chinas-internet-emergency-center-says-it-dealt-with-two-us-cyber-attacks-against-2024-12-18/
    Taiwan Reports 2.4M Chinese Cyberattacks Daily: https://www.reuters.com/technology/cybersecurity/chinese-cyberattacks-taiwan-government-averaged-24-mln-day-2024-report-says-2025-01-06/
    Christmas Day Chrome Extension Hacks: https://thehackernews.com/2024/12/16-chrome-extensions-hacked-exposing.html https://adversarialgroup.slack.com/archives/C073BTZ6ZSR/p1735336226170729
    U.S. Army Soldier Arrested for AT&T and Verizon Extortions: https://krebsonsecurity.com/2024/12/u-s-army-soldier-arrested-in-att-verizon-extortions/
    Geo-Data Privacy and App Hijacks: https://www.wired.com/story/gravy-location-data-app-leak-rtb/
    Holiday DoS Vulnerabilities: https://security.paloaltonetworks.com/CVE-2024-3393 https://www.securityweek.com/exploit-code-published-for-potentially-dangerous-windows-ldap-vulnerability/
    Passkeys: Are They Ready for Prime Time: https://arstechnica.com/security/2024/12/passkey-technology-is-elegant-but-its-most-definitely-not-usable-security/
    Cryptowallet Scams and YouTube Comments: https://www.kaspersky.com/blog/cryptowallet-free-seed-phrase-scam/52810

  32. 21

    The Adversarial Podcast Ep. 14 - Future of CISA/SEC under Trump, US Telco news, DAO faces $50M hack

    In this episode of The Adversarial Podcast, Jerry Perullo, Mario Duarte, and Sounil Yu discuss the latest developments in cybersecurity, geopolitical threats, and emerging trends as 2025 approaches.

    00:00 Introduction
    02:06 Trump 2.0's effect on security
    03:25 Future of CISA
    09:00 Future of SEC cyber reports
    15:57 Possible Trump 2.0 priorities
    19:40 Spying on US Telco
    20:20 What is SS7?
    24:04 SS7 vs. SMS interception
    25:40 Privacy impact of SS7 attacks
    30:12 National security
    31:17 CISA's guidance for telco
    36:58 DPRK targets DAO network, $50M heist using macOS malware
    46:30 DOJ indicts 14 DPRK nationals

    The Future of SEC/CISA under Trump 2.0. With Trump returning to office, the hosts discuss possible changes to SEC-mandated cybersecurity disclosures and the potential of priorities shifting away from CISA as Jenny Easterly’s resignation looms.
    References: https://www.cfodive.com/news/sec-cybersecurity-enforcement-outlook-uncertain-as-trump-returns/735728/, https://www.bankinfosecurity.com/cisa-faces-uncertain-future-under-trump-a-26829

    China, Russia, and Iran spying on US Telco networks. Adversaries are abusing SS7 vulnerabilities and are hacking into Telco networks to spy on U.S. citizens. The hosts unpack CISA's new recommendations for encrypted communications and discuss the history of SS7 vulnerabilities.
    References: https://www.404media.co/dhs-says-china-russia-iran-and-israel-are-spying-on-people-in-us-with-ss7/, https://www.reuters.com/technology/cybersecurity/china-affiliated-actors-compromised-networks-multiple-telecom-companies-us-says-2024-11-13/, https://www.cisa.gov/sites/default/files/2024-12/guidance-mobile-communications-best-practices.pdf

    DPRK Targets macOS hosts in $50M heist from DAO network. The hosts discuss recent DPRK-aligned Mac malware involved in a $50M cryptocurrency heist. The team discusses the sophistication of the attack, parallels to the attacks against US financial services companies, and why the crypto space remains a goldmine for state-sponsored cybercriminals.
    References: https://medium.com/@RadiantCapital/radiant-capital-incident-update-e56d8c23829e

    DOJ indicts 14 DPRK nationals for fraudulent worker scheme and extortions. We return to the ongoing surge in DPRK-funded actors illegally working in IT roles within the US using false identities. The hosts raise questions about insider threats and remote work challenges.
    References: https://www.justice.gov/opa/pr/fourteen-north-korean-nationals-indicted-carrying-out-multi-year-fraudulent-information?&web_view=true

  33. 20

    The Adversarial Podcast Ep. 13 - East/west coast CISOs, top CISO expenses in 2024, crypto regulation

    In this episode of The Adversarial Podcast, Jerry, Mario, and Sounil bring their adversarial insights to a packed discussion of the latest topics in enterprise cybersecurity.

    - East Coast vs. West Coast CISOs: The trio explores the divide between East Coast and West Coast CISOs. Is the East too focused on risk? Does the West overfit to AppSec and "shift-left" practices?
    - 2024 CISO Budget Report: Where are CISOs spending their increasing budgets in 2024? The hosts chat about the increasing expenses in identity management and generative AI security. Reference: https://news.crunchbase.com/cybersecurity/ciso-budgets-rising-generative-ai-ellis-yl-ventures/
    - AI and Crypto Regulation: A discussion of AI and crypto regulation, emphasizing the need for clarity in regulatory goals while raising questions about their broader implications. Reference: https://www.reuters.com/world/us/trump-appoints-former-paypal-coo-david-sacks-ai-crypto-czar-2024-12-06/
    - The GitHub Security Gap: The hosts discuss securing GitHub environments in increasingly BYOD environments.
    - Pegasus Malware: The group examines modern attack vectors, from sophisticated supply chain threats to Pegasus malware's unexpected victims. Reference: https://www.darkreading.com/endpoint-security/pegasus-spyware-infections-ios-android-devices
    - Deep Fakes and Vishing: Staying on the topic of mobile attacks, the hosts debate how to best hinder deep fake-powered vishing attacks. Reference: https://www.nasdaq.com/articles/scammers-are-using-low-tech-tactic-access-peoples-bank-accounts
    - South Korean CEO arrested for adding DDoS feature to satellite receivers: A discussion of a recent story involving supply chain injection of DDoS features in Korea. Reference: https://www.bleepingcomputer.com/news/security/korea-arrests-ceo-for-adding-ddos-feature-to-satellite-receivers/

  34. 19

    The Adversarial Podcast Ep. 12 - RSA Conference making competition winners accept investment, inefficacy of phishing training

    In this episode of The Adversarial Podcast, former CISOs Jerry Perullo, Mario Duarte, and Sounil Yu explore critical topics shaping the cybersecurity landscape.
    1. Crosspoint Capital’s RSA Innovation Sandbox Model: The hosts discuss Crosspoint Capital's controversial $5 million SAFE investment requirement for Innovation Sandbox finalists. They examine the implications for startups, founders, and the cybersecurity ecosystem as a whole, weighing its potential to drive innovation against the risks of stifling participation. Reference: RSA’s Innovation Sandbox: Cybersecurity Startups Must Accept $5 Million Investment - https://www.securityweek.com/rsa-conference-will-take-equity-in-innovation-sandbox-startup-finalists/
    2. The Effectiveness of Phishing Simulations and Training: Phishing simulations are dissected, from their role in training effectiveness to their limitations. The hosts share personal experiences, propose smarter testing methods, and stress the need for customized, relevant security awareness programs. Reference: Understanding the Efficacy of Phishing Training in Practice - https://www.computer.org/csdl/proceedings-article/sp/2025/223600a076/21B7RjYyG9q
    3. Insights from a CISA Red Team Report: A recent CISA red team assessment of critical infrastructure prompts discussions on systemic security flaws, logging and monitoring challenges, and the importance of infrastructure segmentation. The team critiques current approaches and highlights the risks of improper cleanup after penetration testing. Reference: Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization - https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-326a
    4. Cookie Theft and FBI Warnings: The conversation shifts to session cookie theft, a rising threat targeting big identity providers like Google and Microsoft. The hosts explore technical solutions like device-bound session cookies and discuss why such attacks bypass MFA, affecting both enterprises and public users. Reference: https://www.fbi.gov/contact-us/field-offices/atlanta/news/cybercriminals-are-stealing-cookies-to-bypass-multifactor-authentication

  35. 18

    The Adversarial Podcast Ep. 11 - Incoming Trump administration, Microsoft's leaked SaaS creds, and software liability policy

    Introduction: The episode opens with a discussion on securing devices for employees traveling to high-risk countries, like China, as a way to protect corporate data and maintain customer trust. Hosts Jerry, Sounil, and Mario welcome listeners and discuss recent events, including the FS-ISAC Fall Summit in Atlanta and geopolitical implications of the recent election.
    Key Topics:
    - Geopolitical Risks: The group explores China's espionage activities and Russia's geopolitical maneuvers, predicting shifts in attacker strategies depending on U.S. political leadership. Concerns about China's possible invasion of Taiwan and its implications for global tech, particularly chip manufacturing, are highlighted.
    - Cybersecurity and Crypto: The hosts discuss the post-election stock market bump, particularly in the tech and crypto sectors, and note the growing reliance on platforms like Coinbase. They debate the perception and reality of cryptocurrency stability.
    - Travel Security Policies: The panel critiques outdated views on China-focused security policies and suggests broadening these policies to apply to all non-extradition countries. Anecdotes on “burner laptops” and espionage myths are shared, emphasizing a need for realistic threat modeling.
    - InfoStealers and SaaS Security: Rising threats from InfoStealer malware, which targets stored credentials, are explored. A specific case involving Snowflake and ServiceNow platforms highlights vulnerabilities tied to single-factor authentication and API misuse. Debate on whether such findings should be within the scope of bug bounty programs arises.
    - Shift Toward Hybrid and On-Prem Models: Discussion on whether critical applications are moving back on-premises due to high cloud costs, especially for AI workloads. The hosts argue the shift is likely economic rather than security-driven.
    - EU Product Liability Directive: The EU’s new directive introduces potential liability for software developers and companies, even extending to individual coders. The implications for open source and global software markets are debated, with concerns about increased costs for doing business in the EU.
    - CrowdStrike vs. Delta Lawsuit: The CrowdStrike-Delta legal battle is analyzed, focusing on issues like the discovery of risk registers and internal chats, and how this might expose Delta's cybersecurity weaknesses. Potential ripple effects for CrowdStrike's reputation and customer base are considered.
    Closing Thoughts: The episode ends with reflections on regulatory landscapes, including GDPR and how enforcement levels shape software innovation and compliance strategies. The hosts tease ongoing developments in the CrowdStrike case as a topic to watch closely. This episode combines high-level geopolitical discussions with detailed analysis of pressing cybersecurity trends, offering a mix of technical insights and industry perspectives.

  36. 17

    The Adversarial Podcast Ep. 10 - the CISO job market, CRQ, beg bounties, and cryptography

    (00:00) Intro
    (5:15) The CISO job market: present and future
    (25:57) Handling beg bounties and VDP
    (41:30) Quantum cryptography – how important is cryptography, really?
    Stories:
    “Chinese Researchers Reportedly Crack Encryption With Quantum Computer” - https://www.pcmag.com/news/chinese-researchers-reportedly-crack-encryption-with-quantum-computer
    Hosts:
    Jerry Perullo: https://www.linkedin.com/in/perullo/
    Mario Duarte: https://www.linkedin.com/in/mario-duarte-7855237/
    Sounil Yu: https://www.linkedin.com/in/sounil/
    Producer: Tillson Galloway (linkedin.com/in/tillson)

  37. 16

    The Adversarial Podcast Ep. 9 - NIST password guidelines, CUPS vulnerabilities, breach vs. hack

    (00:00) Intro & NIST’s new password complexity requirements
    (13:19) CUPS vulnerability: critical or a distraction
    (31:26) Federal standards for cybersecurity in health care: should legal responsibility fall on individuals?
    (47:30) What constitutes a hack vs a breach?
    Stories:
    “NIST Drops Password Complexity, Mandatory Reset Rules” - https://www.darkreading.com/identity-access-management-security/nist-drops-password-complexity-mandatory-reset-rules
    “Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution” - https://thehackernews.com/2024/09/critical-linux-cups-printing-system.html
    “Wyden and Warner Introduce Bill to Set Strong Cybersecurity Standards for American Health Care System” - https://www.finance.senate.gov/chairmans-news/wyden-and-warner-introduce-bill-to-set-strong-cybersecurity-standards-for-american-health-care-system
    Hosts:
    Jerry Perullo: https://www.linkedin.com/in/perullo/
    Mario Duarte: https://www.linkedin.com/in/mario-duarte-7855237/
    Sounil Yu: https://www.linkedin.com/in/sounil/

  38. 15

    The Adversarial Podcast Ep. 8 - Pagers and Supply Chain Attacks, GitHub stealers, “Founder Mode”

    (00:00) Intro
    (02:24) Exploding pagers: are psychological attacks worse than breaches?
    (20:21) Are credit card breaches still a concern in 2024?
    (24:57) Infostealer delivered through GitHub Issues: how are trustworthy services being abused?
    (31:45) Founder mode: when is it time to switch from "founder mode" to "manager mode?"
    (44:02) Is open-source more secure than closed-source?
    Stories and books mentioned:
    “Israel planted explosives in Hezbollah's Taiwan-made pagers, say sources” - https://www.reuters.com/world/middle-east/israel-planted-explosives-hezbollahs-taiwan-made-pagers-say-sources-2024-09-18/
    Dark Wire, by Joseph Cox - https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691/?lens=publicaffairs
    Kingpin, by Kevin Poulsen - https://www.kingpin.cc/
    “Clever 'GitHub Scanner' campaign abusing repos to push malware” - https://www.bleepingcomputer.com/news/security/clever-github-scanner-campaign-abusing-repos-to-push-malware/
    “Founder Mode” - https://paulgraham.com/foundermode.html
    “On Pioneers, Settlers, Town Planners and Theft” - https://blog.gardeviance.org/2015/03/on-pioneers-settlers-town-planners-and.html
    Hosts:
    Jerry Perullo: https://www.linkedin.com/in/perullo/
    Mario Duarte: https://www.linkedin.com/in/mario-duarte-7855237/
    Sounil Yu: https://www.linkedin.com/in/sounil/

  39. 14

    The Adversarial Podcast Ep. 7 - Security Certs, Vulnerability Disclosure, and Effective Security Controls

    Listen as CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu discuss the value of security exams and question the relevance of certain certifications in today’s industry. Then, they debate the vulnerability disclosure process, exploring how CVEs impact companies outside the SaaS world and whether CISA’s "Secure by Design" initiative is truly effective across industries. Finally, they discuss security misprioritization, from school systems to corporate desktops, and the evolving role of account management in protecting digital crown jewels.
    Stories:
    LinkedIn Post on ISC2 exams - https://www.linkedin.com/posts/mlockhart_hate-to-see-how-isc2-has-devolved-over-the-activity-7234368996647604225-tKVp
    “Is the vulnerability disclosure process glitched? How CISOs are being left in the dark” - https://www.csoonline.com/article/3491353/is-the-vulnerability-disclosure-process-a-glitch-in-itself-how-cisos-are-being-left-in-the-dark.html
    LinkedIn Post on Chrome DevTools blocked in schools - https://www.linkedin.com/posts/perullo_im-lucky-enough-to-have-my-6th-grade-daughter-activity-7237092980996632577-5T62
    00:00 Intro
    01:00 ISC2 Exams
    20:39 VDP and Secure by Design
    35:29 Security controls
    49:06 Admin accounts

  40. 13

    The Adversarial Podcast Ep. 6 - SSN Leaks, Cloud Misconfigurations, and Passkeys

    Join former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu as they debate the impact of SSN leaks, discuss the effectiveness of recently implemented ransom payment bans in Miami, and recently reported AWS misconfigurations. Then, listen as they debate passkeys, vulnerability management, and board reporting.
    00:00 Intro
    02:17 Social Security Number breach
    14:48 Ransomware payment bans
    21:47 AWS environments
    39:55 Passkeys
    52:30 Maturity assessments
    Stories:
    “2.9 billion people may have had Social Security numbers, other financial data compromised. What it means for you” - https://www.cnbc.com/2024/08/15/billions-people-social-security-numbers-and-data-stolen-allegedly.html
    “Hack on North Miami Tests Ransom Payment Bans” - https://www.wsj.com/articles/hack-on-north-miami-tests-ransom-payment-bans-077be398
    “AWS environments compromised through exposed .env files” - https://www.csoonline.com/article/3488207/aws-environments-compromised-through-exposed-env-files.html
    "An AWS Configuration Issue Could Expose Thousands of Web Apps" - https://www.wired.com/story/aws-application-load-balancer-implementation-compromise/
    Hosts:
    Jerry Perullo: https://www.linkedin.com/in/perullo/
    Mario Duarte: https://www.linkedin.com/in/mario-duarte-7855237/
    Sounil Yu: https://www.linkedin.com/in/sounil/

  41. 12

    The Adversarial Podcast Ep. 5 - Why Boards want more Joe Sullivans and Tim Browns and less CISOs - Jerry Perullo live at Evanta

    Speaking live at the Evanta CISO Summit in Atlanta in June 2024, host Jerry Perullo talks candidly about why CISOs are failing to land Board Director roles.

  42. 11

    The Adversarial Podcast Ep. 4 - CrowdStrike Lawsuits, Overhyped Exploits, and Fake Remote Employees

    Join former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu as they discuss upcoming lawsuits related to the recent CrowdStrike outage, switching costs, overhyped security vulnerabilities and their effect on practitioners' responsibilities, fake employees from North Korea, information stealers and the state of password managers, and the increasing threat of deepfakes.
    Stories:
    “CrowdStrike is sued by shareholders over huge software outage” - https://www.reuters.com/legal/crowdstrike-is-sued-by-shareholders-over-huge-software-outage-2024-07-31/
    “Delta CEO says CrowdStrike-Microsoft outage cost the airline $500 million” - https://www.cnbc.com/2024/07/31/delta-ceo-crowdstrike-microsoft-outage-cost-the-airline-500-million.html
    “Microsoft And AWS Outages: A Wake-Up Call For Cloud Dependency” - https://www.forbes.com/sites/emilsayegh/2024/07/31/microsoft-and-aws-outages-a-wake-up-call-for-cloud-dependency/
    “Microsoft confirms Azure, 365 outage linked to DDoS attack” - https://www.cybersecuritydive.com/news/microsoft-azure-365-outage-ddos/722920/
    “Millions of Devices Vulnerable to 'PKFail' Secure Boot Bypass Issue” - https://www.darkreading.com/endpoint-security/millions-of-devices-vulnerable-to-pkfail-secure-boot-bypass-issue
    “Who Knew? Domain Hijacking Is So Easy” - https://blogs.infoblox.com/threat-intelligence/who-knew-domain-hijacking-is-so-easy/
    “Security Firm Alarmed to Discover Their Remote Employee Is a North Korean Hacker” - https://futurism.com/the-byte/security-firm-remote-employee-north-korean-hacker
    “The Evolution and Rise of Stealer Malware” (Josh Lefkowitz/Flashpoint) - https://www.linkedin.com/posts/activity-7209733860715098114-ZgYQ / https://flashpoint.io/blog/evolution-stealer-malware/
    “‘I Need to Identify You’: How One Question Saved Ferrari From a Deepfake Scam” - https://www.bloomberg.com/news/articles/2024-07-26/ferrari-narrowly-dodges-deepfake-scam-simulating-deal-hungry-ceo
    “AI-Powered Deepfake Tools Becoming More Accessible Than Ever” - https://www.trendmicro.com/en_us/research/24/g/ai-deepfake-cybercrime.html

  43. 10

    The Adversarial Podcast Ep. 3 - CrowdStrike, Wiz Acquisition Rumors, and SolarWinds

    In this episode, former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu discuss the recent CrowdStrike outages, PR in the recent Wiz acquisition rumors, stakeholder value in Rapid7, and the SEC dropping charges in the SolarWinds case.
    Stories:
    - Activist Jana has a stake in Rapid7. There are two paths to bolster value at the cybersecurity company: https://www.cnbc.com/2024/06/29/two-paths-for-jana-to-bolster-shareholder-value-at-rapid7.html
    - Google Near $23 Billion Deal for Cybersecurity Startup Wiz: https://www.wsj.com/business/deals/google-near-23-billion-deal-for-cybersecurity-startup-wiz-622edf1a
    - Most SEC charges dismissed in SolarWinds hack case: https://www.axios.com/2024/07/18/sec-solarwinds-cyberattack-case-dismissal
    Hosts:
    Jerry Perullo: https://www.linkedin.com/in/perullo/
    Mario Duarte: https://www.linkedin.com/in/mario-duarte-7855237/
    Sounil Yu: https://www.linkedin.com/in/sounil/

  44. 9

    The Adversarial Podcast Pilot – Cybersecurity Investments, Secure Configurations vs. Code, and Risk Management

    Join former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu as they reflect on the state of cybersecurity investments in 2024, debate the importance of configuration vs. code security, and discuss the importance of governance in risk management.
    Stories:
    ‘There’s A Lot Of Noise’ — VCs Trying To Find Clarity In Cluttered Cyber AI Landscape: https://news.crunchbase.com/cybersecurity/venture-funding-ai-wiz-ma-rsa/
    Wiz raises $1B at a $12B valuation to expand its cloud security platform through acquisitions: https://techcrunch.com/2024/05/07/wiz-raises-1b-at-12b-valuation-expanding-through-acquisitions/
    CyberArk Signs Definitive Agreement to Acquire Machine Identity Management Leader Venafi from Thoma Bravo: https://www.cyberark.com/press/cyberark-signs-definitive-agreement-to-acquire-machine-identity-management-leader-venafi-from-thoma-bravo/
    A review of zero-day in-the-wild exploits in 2023: https://blog.google/technology/safety-security/a-review-of-zero-day-in-the-wild-exploits-in-2023/
    Hosts:
    Jerry Perullo: https://www.linkedin.com/in/perullo/
    Mario Duarte: https://www.linkedin.com/in/mario-duarte-7855237/
    Sounil Yu: https://www.linkedin.com/in/sounil/

  45. 8

    The Adversarial Podcast Ep. 2 - Chrome Extension Vulns, Cyber Job Market, Mouse Jigglers, and the Ransomware Plague

    In this episode, former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu discuss malicious Chrome extensions, the cybersecurity job market, mouse jigglers and security policy, and the impact of the recent ransomware wave. They share insights from their experiences, exploring the challenges of managing browser security policies, job burnout, and banning ransom payments.
    Stories:
    Millions under threat from malicious browser extensions — what to do: https://www.tomsguide.com/news/millions-under-threat-from-malicious-browser-extensions-what-to-do
    Demand for better cybersecurity fuels a booming job market: https://www.washingtonpost.com/business/2024/06/21/cybersecurity-job-demand-boot-camps/
    Wells Fargo Fires Over a Dozen for ‘Simulation of Keyboard Activity’: https://www.bloomberg.com/news/articles/2024-06-13/wells-fires-over-a-dozen-for-simulation-of-keyboard-activity
    London hospitals cancel nearly 1,600 operations and appointments in one week due to hack: https://www.theguardian.com/technology/article/2024/jun/14/london-hospitals-cancelled-nearly-1600-operations-and-appointments-in-one-week-due-to-hack
    Cyberattacks crippled thousands of car dealers. Here's what to know: https://www.washingtonpost.com/business/2024/06/21/car-dealers-cyberattack-cdk-global/
    Ticketmaster hackers send death threats to cybercrime investigators: https://www.thetimes.com/uk/technology-uk/article/ticketmaster-hackers-death-threats-cybercrime-unc5537-msjgqw92w
    CVE-2024-5806: Progress MOVEit Transfer Authentication Bypass Vulnerability: https://www.tenable.com/blog/cve-2024-5806-progress-moveit-transfer-authentication-bypass-vulnerability
    Hosts:
    Jerry Perullo: https://www.linkedin.com/in/perullo/
    Mario Duarte: https://www.linkedin.com/in/mario-duarte-7855237/
    Sounil Yu: https://www.linkedin.com/in/sounil/

  46. 7

    The Adversarial Podcast Ep. 1 - Snowflake, Shared Fate, and the Gili Ra’anan Model

    In this episode, former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu discuss the recent wave of cyber-attacks using Snowflake and the model of shared fate. They debate the effectiveness of banning ransom payments and explore the complexities of cybersecurity regulation, using recent events involving UnitedHealth and Jerry's former employer as case studies. The conversation also touches on the ethical dilemmas CISOs face when interacting with venture capital, highlighting personal experiences and the fine line between advisory roles and conflicts of interest.
    Stories:
    UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion: https://cloud.google.com/blog/topics/threat-intelligence/unc5537-snowflake-data-theft-extortion
    SEC Charges Intercontinental Exchange and Nine Affiliates Including the New York Stock Exchange with Failing to Inform the Commission of a Cyber Intrusion: https://www.sec.gov/news/press-release/2024-63
    Why cybercriminals are targeting small businesses: https://www.marketplace.org/2024/05/30/why-cybercriminals-are-targeting-small-businesses/
    UnitedHealth leaders 'should be held responsible' for installing inexperienced CISO, senator says: https://therecord.media/unitedhealth-ciso-wyden-letter-sec-ftc
    The Gili Ra’anan model: Questions emerging from Cyberstarts' remarkable success: https://www.calcalistech.com/ctechnews/article/b1a1jn00hc
    Hosts:
    Jerry Perullo: https://www.linkedin.com/in/perullo/
    Mario Duarte: https://www.linkedin.com/in/mario-duarte-7855237/
    Sounil Yu: https://www.linkedin.com/in/sounil/

  47. 6

    Season 02 Episode 02 - The Interim CISO

    Joined by fellow Interim CISO veterans Yael Nagler of Yass Partners and Aurobindo Sundaram of RELX, host Jerry Perullo reflects on his experience as the Interim CISO of Silicon Valley Bank and explores the challenges of the role from hiring manager and candidate perspectives.
    Yael Nagler: https://www.linkedin.com/in/yaelnagler/
    Aurobindo Sundaram: https://www.linkedin.com/in/aurobindosundaram/

  48. 5

    Season 02 Episode 01 - Board/CISO Interaction

    Returning from 6 months as the interim CISO of Silicon Valley Bank, host Jerry Perullo speaks about Board/CISO interaction on the FS-ISAC Insights podcast. Full video interview at fsisac.com/insights

  49. 4

    Season 01 Episode 07 - Bug Bounties with guest Casey Ellis

    Bugcrowd founder Casey Ellis joins #lifeafterCISO to talk about bug bounty programs in the wake of the Joe Sullivan Uber trial. Whether you've been running bounty programs for years or just learned of them last week, this conversation will take you from basics straight into the most interesting and controversial bits.

  50. 3

    Season 01 Episode 06 - Retire Many Times with guest Sounil Yu

    Sounil Yu joins the #lifeafterCISO podcast and shares the idea of "retiring many times". Sounil is the renowned author of the Cyber Defense Matrix and lauded by the CISO community for his ability to step back and view problems in a new light. Host Jerry Perullo and Sounil go on to look at the Equifax breach from a new angle, talk about CISO accountability, and finally offer up their early thoughts on the Twitter whistleblower report.
    01:43 Returning to work as a CISO
    10:30 Do CISOs spend too much time on tech?
    11:38 CDM and the Equifax breach
    15:00 CISO accountability
    19:45 The Twitter whistleblower complaint
    Learn more about Sounil and his work at https://www.cyberdefensematrix.com/


HOSTED BY

Jerry Perullo, Sounil Yu, Mario Duarte
