The Cybersecurity Defenders Podcast

Technology Podcasts

An accessible but technical podcast about cybersecurity and the people who keep the internet safe. The podcast is built as a series of segments: we will be looking back at the last couple of weeks in cybersecurity news, talking to different people in the industry about areas of their expertise, we're going to break apart some of the TTPs being used by adversaries, and we will even cover a little bit of hacker history.

Location:

United States

Language:

English

Contact:

6048025683


Episodes

#246 - Defender Fridays: AI in the SOC with Matt Bromiley from Prophet Security

9/12/2025
Matt Bromiley breaks down how AI is transforming (and should be transforming) SOC workflows. Whether you're already using AI tools or wondering where to start, this is the conversation you don't want to miss. Matt is a security engineer at Prophet Security, refining Prophet AI to enhance automated alert triage, investigation, and response. His work ensures that customers can cut through the noise and focus on real threats - without getting bogged down by manual analysis. Learn more at prophetsecurity.ai. Matt is a cybersecurity leader and educator with over 14 years of experience leading incident response efforts and advancing detection and response capabilities across enterprise environments. His career has spanned hands-on operations, high-pressure breach response, and the strategic development of scalable cybersecurity programs. Matt also serves as an instructor with the SANS Institute, delivering advanced training in incident management and host- and network-based incident response. On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands. Join the live discussions by registering at limacharlie.io/defender-fridays

Duration:00:32:45

#245 - Intel Chat: Salt Typhoon, Scattered LapSus Hunters, WhatsApp vulnerability & AI-assisted compromise

9/8/2025
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • allied intelligence agencies • two of its employees • particularly for iPhone users • targeting the npm ecosystem Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Duration:00:34:56

#244 - Intel Chat: Trend Micro Apex One, PyPI domains, RingReaper & Openbaar Ministrie attack

9/1/2025
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • exploited in the wild • domain resurrection. • detection and response (EDR) systems • across the country. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Duration:00:29:53

#243 - Defender Fridays: Detection prioritization via the BloodHound attack graph with Jared Atkinson, CTO at SpecterOps

8/29/2025
Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and the Defender Fridays community sit down with Jared Atkinson and dive into BloodHound. Jared is a security researcher who specializes in Digital Forensics and Incident Response. Recently, he has been building and leading private sector Hunt Operations capabilities. In his previous life, Jared led incident response missions for the U.S. Air Force Hunt Team, detecting and removing Advanced Persistent Threats on Air Force and DoD networks. Passionate about PowerShell and the open source community, Jared is the lead developer of PowerForensics, Uproot, and maintains a DFIR focused blog at www.invoke-ir.com. On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands. Join the live discussions by registering at https://limacharlie.io/defender-fridays

Duration:00:33:16

#242 - Building human & AI synergy with Peter Ruta, Founder / CEO of Arcanna.ai

8/27/2025
On this episode of the Cybersecurity Defenders Podcast we speak with Peter Ruta, Founder / CEO, Arcanna.ai. Peter is a Romanian-born entrepreneur and technology expert with over 13 years of experience in the industry. His interest in technology was sparked after following a military path, and he went on to secure key jobs in prominent tech companies such as Cisco. In 2015, Peter decided to pursue his passion for entrepreneurship and founded Siscale AI INC. He then went on to develop Arcanna AI, a product that leverages the latest advancements in artificial intelligence to deliver cutting-edge solutions to clients. Alongside his highly knowledgeable team, Peter has successfully grown Siscale AI into a thriving company with a strong reputation for innovation and excellence. Throughout his career, Peter has been recognized for his inquisitive, analytical mind and his ability to grasp complex situations quickly. He is known for his professionalism, results-oriented approach, and unwavering determination in the face of challenges. Peter is a natural leader who inspires his team to achieve their full potential and never loses sight of his goals. Learn more at https://www.arcanna.ai/

Duration:00:31:40

#241 - Intel Chat: Apache ActiveMQ, Elastic EDR vulnerability, kernel-level EDR killers & PipeMagic

8/25/2025
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • Attackers are actively exploiting CVE-2023-46604, a remote code execution vulnerability in Apache ActiveMQ first disclosed in October 2023, that is used to compromise cloud-hosted Linux servers. • AshES Cybersecurity has publicly disclosed a critical zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) platform, specifically in the Microsoft-signed kernel driver elastic-endpoint-driver.sys. • At least a dozen ransomware groups are now deploying kernel-level EDR killers - tools designed specifically to disable endpoint detection and response solutions - as part of their malware arsenal. • Microsoft has released an in-depth technical analysis of PipeMagic, a modular backdoor linked to ransomware operations carried out by Storm-2460, a financially motivated threat group associated with RansomEXX. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Duration:00:36:40

#240 - Defender Fridays: Remote Management Tool Abuse with Ezra Woods, Security Engineer at Grand Canyon Education

8/23/2025
Ezra Woods, Security Engineer at Grand Canyon Education, shares insights on current attack trends and practical defensive strategies you can use to protect your environment with Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and the Defender Fridays community. On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands. Join the live discussions by registering at https://limacharlie.io/defender-fridays

Duration:00:29:05

#239 - Intel Chat: Scattered Spider or ShinyHunters, Linux kernel’s eBPF subsystem, MAPP & BlackSuit ransomware group

8/19/2025
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • Recent reporting from DataBreaches has added yet another twist to the attribution puzzle between Scattered Spider and ShinyHunters. https://databreaches.net/2025/08/03/are-scattered-spider-and-shinyhunters-one-group-or-two-and-who-did-france-arrest/ • A recent disclosure on the oss-security mailing list detailed a set of 11 vulnerabilities in the Linux kernel’s eBPF subsystem, originally reported by security researcher “Van1sh” to both the kernel security team and the linux-distros list on July 19. https://www.openwall.com/lists/oss-security/2025/08/03/1 • Microsoft’s Microsoft Active Protections Program, or MAPP, is designed to shorten the time between vulnerability discovery and patch deployment by giving trusted security vendors early access to vulnerability details. https://nattothoughts.substack.com/p/when-privileged-access-falls-into • US law enforcement, in coordination with multiple international partners, has taken action against the BlackSuit ransomware group — also known as Royal — resulting in the seizure of four servers, nine domains, and approximately $1 million in cryptocurrency. https://www.darkreading.com/vulnerabilities-threats/blacksuit-ransomware-infrastructure-law-enforcement Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Duration:00:38:03

#238 - Defender Fridays: Building trusted ecosystems for incident response with Dr. Mike Saylor, CEO of Blackswan Cybersecurity

8/15/2025
Christopher Luft, Co-Founder and CCO of LimaCharlie, and Dr. Mike Saylor, CEO of Blackswan Cybersecurity, sat down with the Defender Fridays community for a Black Hat week wrap-up and a deep dive into building secure environments for IR. Dr. Mike Saylor is an accomplished, outcome-driven and solution-focused business professional and entrepreneur with 30+ years of Consulting, IT Audit & Risk, Cyber Security & Incident Response experience. Uniquely qualified as a leader with a solid knowledge of operations, strategy and management, Dr. Mike has enjoyed repeated success guiding highly skilled, cross-functional teams in areas of intelligence, security, technology, and audit & compliance. Dr. Mike is an experienced public speaker, writer, and researcher on topics of technology, security, and cybercrime. He stays current with changes in the industry through professional affiliations and continuing professional development. Learn more about Blackswan Cybersecurity at blackswan-cybersecurity.com. On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands. Join the live discussions by registering at limacharlie.io/defender-fridays

Duration:00:31:25

#237 - Intel Chat: Black Hat roundup - Gemini AI, NeuralTrust & SPLX, VisionSpace Tech, BCM5820X - & CISA/FEMA grant funding

8/11/2025
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • indirect prompt injection • model’s security posture • widespread software vulnerabilities • secure enclave hardware • and tribal governments Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Duration:00:42:37

#236 - Defender Fridays: Explore the Challenges of Securing AI Adoption with Jeremy Snyder, Founder and CEO of FireTail.ai

8/8/2025
Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and Jeremy Snyder, Founder and CEO of FireTail.ai, sat down with the Defender Fridays community to discuss the hurdles of maintaining secure processes while adding AI to your workflow. Jeremy is the founder and CEO of FireTail.ai. Jeremy was an IT and cybersecurity practitioner for over 10 years before transitioning into product and sales roles in cloud security and cyber. Jeremy once went three days without seeing another human, but saw lots of reindeer. Another time, Jeremy was kicked off a train in central Sweden. Find out more at FireTail.ai. On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands. Join the live discussions by registering at limacharlie.io/defender-fridays. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

Duration:00:30:15

#235 - Intel Chat: SharePoint, SaaS shift, PaperCut NG/MF, Tridium’s Niagara Framework & Oil Industry Attacks

8/6/2025
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • Center for Internet Security (CIS) • SaaS and browser-based access • Known Exploited Vulnerabilities (KEV) catalog • energy and smart infrastructure • cybersecurity firm Zscaler Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Duration:00:39:35

#234 - Defender Fridays: Autonomous SOC, AI for cybersecurity, and security automation with Filip Stojkovski, Staff Security Engineer at Snyk

8/1/2025
Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Duration:00:29:17

#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

7/31/2025
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • authentication tokens • issued patches on July 8 • critical national infrastructure (CNI) • JavaScript-based mining for Monero

Duration:00:37:13

#232 - Defender Fridays: AI scraping and internal threat with Lera Leonteva, Founder of Leo AI

7/25/2025
Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Duration:00:31:13

#231 - Intel Chat: CISCO CVE 10/10, Matanbuchus, Cambodian takedown & Overstep

7/22/2025
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • ISE Passive Identity Connector • ransomware infections • operating within its borders • 100 series devices

Duration:00:28:17

#230 - Defender Fridays: Cyberphysical protection for high value assets with Lennart Koopman, Founder of

7/18/2025
Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Duration:00:30:56

#229 - Intel Chat: IntelBroker, Hunters International, Brazilian insider, Ruckus Networks & Patch Tuesday

7/17/2025
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • IntelBroker • ceasing all activity • Brazilian Central Bank • complete compromise • Patch Tuesday

Duration:00:35:32

#228 - Defender Fridays: Building detection and response processes that scale with Ryan Cox, Senior Security Engineer at Revinate

7/11/2025
Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands. Each week, we bring you a different expert guest who will share their invaluable insights on topics ranging from threat hunting and incident response to security operations and detection engineering. What makes these sessions special is their informal and interactive nature, allowing for an engaging dialogue between our guests, hosts, and the audience. You can sign up to join us for the live sessions at limacharlie.io/defender-fridays

Duration:00:28:52

#227 - Intel Chat: Sudo, browser vulns, Medusa & Cloudflare blocks AI

7/8/2025
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Two critical local privilege escalation vulnerabilities in the Sudo utility—CVE-2025-32462 and CVE-2025-32463—have been disclosed by the Stratascale Cyber Research Unit. Google Chrome and Mozilla Firefox are both facing distinct, serious threats this week—Chrome from a zero-day vulnerability under active exploitation and Firefox from a campaign of malicious browser extensions targeting cryptocurrency users. The Medusa ransomware group, active since late 2021, has maintained a consistent and aggressive operational tempo into 2025. Cloudflare has rolled out a significant change to how websites handle AI crawlers, positioning itself as the first internet infrastructure provider to block AI-driven scraping by default.

Duration:00:31:44