The Daly Threat Report with Joe Daly

Korbein Schultz: “The 'Jason Bourne' Breach” How does a 25-year-old insider bypass billions of dollars in elite government cybersecurity? With a $42,000 payout, a serious "Jason Bourne" complex, and a personal smartphone. In this episode, we dive into the shocking case of Korbein Schultz, a U.S. Army intelligence analyst recently sentenced to seven years in prison for selling highly classified military secrets to an individual tied to the Chinese government. Manipulated by a foreign handler who baited him with promises of wealth and fed his cinematic spy fantasies, Schultz handed over the U.S. military's playbook. His leaks included technical manuals for the F-22A fighter jet, details on missile defense systems like HIMARS, and critical tactical lessons for the defense of Taiwan. But the real story isn't just what he stole—it's how he stole it. Instructed by his handler in Hong Kong, Schultz didn't use a sophisticated cyber exploit; he simply pulled out his personal phone and took photographs of confidential documents directly off his computer screen. Joined by Shawnee Delaney, a former DIA case officer, CEO of Vaillance Group, and espionage expert, we unpack the psychology of the modern insider threat and the terrifying reality of the "analog loophole." In this episode, we cover: - The "Spot and Assess" Playbook: How foreign adversaries use freelance platforms to identify targets and exploit the egos of cleared professionals. - The Contagion Effect: Schultz’s calculated attempt to recruit a friend at the U.S. Indo-Pacific Command (INDOPACOM) and expand his spy ring from the inside,. - The Ultimate Blind Spot: Why the world's most advanced network firewalls are completely useless against an unauthorized camera lens in a secure room. Network security is only half the battle. If your organization cannot confidently detect the physical presence of a rogue device in your secure spaces, your data is already at risk. Learn how Bastille gives organizations real-time visibility into unauthorized phones and devices sitting in restricted zones, closing the analog loophole before the camera app even opens. Visit bastille.net to learn more.

Jack Teixeira - “The Discord Insider” How does a 22-year-old IT specialist perpetrate one of the most significant and consequential violations of the Espionage Act in American history? He ignores the rules and brings his personal smartphone to work. In this episode we are joined by Shawnee Delaney, CEO of Vaillance Group, former case officer for the DIA, and expert on insider threats. We unpack the devastating case of Jack Teixeira, a Massachusetts Air National Guardsman recently sentenced to 15 years in federal prison for leaking highly classified National Defense Information. Despite possessing a Top-Secret security clearance and having signed a lifetime binding non-disclosure agreement, Teixeira repeatedly bypassed physical security restrictions to photograph printouts of sensitive intelligence inside secure government facilities. His motivation was not financial gain or ideology; rather, defense lawyers noted he was an isolated, autistic individual who sought to boost his ego and impress anonymous friends on a private Discord server for gun and military enthusiasts. In this episode we cover: - The Motive Behind the Leak: How social isolation, bullying in his military unit and high school, and the desire to impress anonymous friends on Discord drove a 22-year-old Air National Guardsman to leak Top-Secret National Defense Information. - Bypassing Security Protocols: The alarming reality of how Teixeira smuggled his personal smartphone into secure facilities to photograph classified printouts, despite his considerable training and being explicitly warned by superiors on two separate occasions. - The Velocity of Digital Espionage: Tracing the rapid spread of sensitive intelligence—including assessments of the Russia-Ukraine conflict, Taiwan's defense capabilities, and internal allied arguments—from a small gaming chatroom to global pro-Kremlin Telegram channels. Tune in to discover why traditional "honor system" policies and background checks are no longer enough, and why protecting classified information today requires active, physical device detection technology to secure your airspace and catch rogue hardware before the camera app is ever opened. To learn more visit bastille.net.

Kevin Mallory - “The Micro-SD Spy” In early 2017, Kevin Patrick Mallory—a former CIA undercover operative and DIA senior intelligence officer who once held a Top Secret clearance—was $230,000 in debt and falling months behind on his mortgage. Desperate for a lifeline, he answered a LinkedIn message from a Chinese intelligence officer posing as a think tank representative. This single exchange sparked a devastating betrayal that ultimately led to Mallory’s 20-year federal prison sentence for espionage. In this episode, we sit down with a former case officer and espionage expert, and current CEO of Vaillance group Shawnee Delaney, to dissect the modern tradecraft that made Mallory's breach possible—and why it proves that standard facility security is no longer enough. In this episode, we cover: - The Human Element: How a floundering career and crushing debt made a highly vetted intelligence officer a ripe target for foreign recruitment. - The Invisible Tradecraft: A deep dive into the Samsung Galaxy "covcom" device and how malicious insiders are weaponizing everyday, compact electronics to securely communicate with foreign adversaries. - The Failure of Traditional Perimeters: Why standard visual checks, fences, and badge scanners are completely blind to hidden micro SD cards and powered-down smartphones. - Securing the RF Environment: How Bastille’s advanced wireless airspace cyber security technology provides the mandatory layer of defense needed to detect unauthorized electronics inside restricted zones before classified data ever leaves the room. Tune in to understand how the frontline of physical security has shifted, and why taking control of your facility's digital and radio frequency environment is the only way to catch the modern spy. To learn more visit bastille.net

In this episode of The Daily Threat podcast from NVIDIA GTC, host Joe Daley interviews cybersecurity veteran Paul Kalatayud about emerging wireless security challenges in AI data centers. Paul, a five-time Fortune 100 CISO with 26 years of experience, discusses how AI has evolved from a technical to a business conversation and the implications for physical security. The conversation covers three main wireless security threats: unintentional vulnerabilities from manufacturers adding smart features, intentional surveillance attempts, and adversarial attacks through compromised supply chains. Paul shares real-world examples, including a customer who unknowingly received RFID door locks with enabled Bluetooth capabilities they never requested. The discussion explores how AI data centers may face stricter compliance requirements similar to critical infrastructure, and Paul advises security practitioners to treat wireless security monitoring like traditional vulnerability scanning to understand their complete attack surface.

In this episode of The Daly Threat podcast, host Dr. Brett Walkenhorst interviews Scott Stapp, a retired Air Force general and former CTO at Northrop Grumman, about the security risks posed by smartphones on Navy ships. Stapp explains how adversaries can now use commercial satellite constellations like Starlink and advanced RF collection capabilities to geolocate military vessels through sailor's personal devices. He emphasizes that just one active smartphone can compromise the location of an entire aircraft carrier, even when the ship is attempting to hide during critical operations. The discussion covers the challenges of enforcing device policies among thousands of sailors, the importance of operational security (OPSEC) education, and practical solutions like Faraday bags and RF detection systems. Stapp stresses that military organizations must invest in self-detection capabilities to identify their own RF signatures before adversaries can exploit them, and highlights the need for faster adaptation to emerging technology threats in defense operations.

In this episode of the Daly Threat Podcast, host Joe Daly sits down with Dale “Woody” Wooden of Weathered Security to unpack one of the most misunderstood topics in secure-facility design: RF shielding. Despite its reputation—and its cost—shielding is rarely the airtight solution facility owners expect.

🎙️ The Daly Threat Report: "Stuttgart Spy Ring" What if your parking lot became a battlefield in the RF spectrum? In this five-minute tactical intelligence brief, Joe Daly (Bastille) and Shawnee Delaney (Vaillance Group) dissect a Russian-directed surveillance operation conducted outside Stuttgart Army Airfield. This episode explores how a modified civilian vehicle became a mobile SIGINT (signals intelligence) collection platform—used to harvest wireless identifiers from Ukrainian soldiers training on missile systems. These identifiers were allegedly used to track and target those individuals after they returned to Ukraine. 🔍 Topics covered: The use of IMSI catchers, Wi-Fi Pineapples, and multi-protocol surveillance Why traditional network security can't detect RF-based collection operations The real-world risks of protocol correlation attacks in secure facilities 📡 This case isn't about firewalls—it’s about invisible RF threats bypassing every conventional control. Key question for security leaders: If a foreign adversary set up a mobile SIGINT platform outside your perimeter today, would your current security stack detect it? 📍 For technical breakdowns, case studies, and detection tools, visit ⁠Bastille.net/thedalythreatreport⁠. Subscribe, share, and rethink what your perimeter really means.

🎙️ The Daly Threat Report: "A Pocket Full of Secrets"\ What happens when wireless policy fails, and the threat is already inside the perimeter? In this five-minute micro-brief, Bastille’s Joe Daly breaks down the Michael Schena espionage case—a real-world example of insider threat tradecraft that evaded technical security for nearly three years. Joined by Shawnee Delaney (CEO, Vaillance Group and former U.S. intelligence officer), Joe explores how Schena allegedly used a personal smartphone to photograph and exfiltrate classified documents from inside a secure facility—undetected. They discuss the evolving techniques of foreign intelligence services, the limitations of current wireless security postures, and the urgent need for real-time detection tools in SCIFs, defense sites, and R&D environments. 🔍 Topics covered: How Schena was recruited and operated using classic espionage methods The staggering lack of wireless intrusion detection in secure environments Critical takeaways for insider threat programs and physical airspace security 📍 Learn more at ⁠Bastille.net/thedalythreatreport⁠ and connect with Shawnee Delaney at VaillanceGroup.com. Listen now—and ask yourself: Would your technical controls catch an unauthorized phone in your secure facility?

🎙️ The Daly Threat Report:"The Nearest Neighbor Attack" Your network is secure—but is your neighbor's? In this episode, Joe Daly (Bastille) and Shawnee Delaney (Vaillance Group) break down the "Nearest Neighbor Attack," where Russian APT28 actors bypassed hardened defenses by exploiting wireless proximity and compromising nearby businesses. Using dual-homed systems, guest Wi-Fi weaknesses, and wireless bridging, these attackers moved laterally—without ever touching a firewall. This operation showcases the future of persistent access: lateral RF-based infiltration, invisible to traditional network monitoring tools. 🔍 Topics covered: How Fancy Bear exploited neighboring infrastructure using dual-homed wireless devices Why firewalls and MFA are powerless against RF propagation and protocol pivots Actionable steps for monitoring and securing your wireless airspace 🌐 This episode is a wake-up call: Your threat perimeter now includes every RF-capable device within radio range—whether you own it or not. 📍 Visit ⁠Bastille.net/thedalythreat⁠ for technical analysis, detection frameworks, and more insights into defending against advanced persistent threats. Subscribe, share, and expand your threat model—because the attack vector just moved across the street.