In this episode of Breaking Badness, we explore two fascinating cybersecurity stories. First, we delve into the unusual case of an ex-Disney employee who hacked menu systems, creating chaos in the happiest place on Earth. Next, we discuss Sophos' five-year-long battle with a determined group of attackers targeting their firewalls. Tune in as we break down the insider threat at Disney, the lessons learned from Sophos' transparency, and what it all means for the future of cybersecurity....

In this episode of the Breaking Badness Cybersecurity Podcast, Jason Haddix dives into his unique journey from red teaming and pentesting to leading security teams as a CISO in high-profile organizations, including a top gaming company. Jason unpacks the distinct challenges of securing a gaming company, where risks come not only from state actors but also from clout-seeking young hackers. He shares valuable insights on building scalable security programs, secrets management, and the...

In this week’s episode of Breaking Badness, we dive deep into two major cybersecurity stories that are shaping today’s landscape. First, we explore the alarming capabilities of Locate X, a powerful smartphone tracking tool used by U.S. law enforcement without a warrant. How does it work, what are the privacy implications, and what can individuals do to protect their data? We then shift gears to APT29’s latest campaign as discovered by Amazon, uncovering how this well-known threat actor...

Join Kali Fencl as she dives deep into a conversation with cybersecurity veteran The Gibson. With 25+ years in InfoSec, The Gibson shares his journey from coding as a child to shaping threat intelligence and privacy-first technology today. In this episode, they discuss hacker ethics, the influential hacker groups Loft and Cult of the Dead Cow, the evolution of hacktivism, and the groundbreaking work on privacy-focused projects like Veilid. Tune in for insights on hacking culture,...

In this episode of Breaking Badness, Kali, Tim, and Taylor discuss two major stories shaking up the cybersecurity world. First, a researcher has discovered how attackers are exploiting Whois data to grant themselves unprecedented superpowers in the digital space. Second, the Internet Archive suffers a breach possibly exposing 31 million accounts, raising questions about the security of trusted online platforms. Join the team as they break down these complex stories, share lessons...

In this episode of Breaking Badness, we dive deep into the evolving world of Endpoint Detection and Response (EDR) and its critical role in modern cybersecurity. With threats advancing and the sheer volume of endpoint data skyrocketing, AI and deep learning are becoming game changers in threat detection and prevention. Join us as Carl Froggett, CIO at Deep Instinct, and Melissa Bischoping, Senior Director of Security at Tanium, discuss the past, present, and future of EDR, the impact of...

In this episode of Breaking Badness, we dive deep into the critical world of API security and governance, uncovering key strategies to keep data safe in today’s threat landscape. Special guests Matthias Friedlingsdorf (iVerify), Tristan Kalos (ESCAPE), and Aqsa Taylor (Gutsy) join the conversation to share their experiences with detecting advanced threats like Pegasus, the importance of API governance, and the powerful role bug bounty programs play in identifying critical vulnerabilities....

In this episode of Breaking Badness, we dive into the rapidly evolving world of cybersecurity with three industry leaders: Raymond Dijkxhoorn, CEO of SURBL; Nabil Hannan, Field CISO at NetSPI; and Jason Mar-Tang, Field CISO at Pentera. They explore the critical role of domain reputation in combating phishing and spam, how AI is reshaping both offensive and defensive cybersecurity strategies, and the growing threat of ransomware in today’s digital landscape. With insights from BlackHat and...

In this special Black Hat edition of Breaking Badness, Part 2 of a 5 Part Series, we dive deep into the world of vulnerability management, cyber resilience, and supply chain security. Our expert guests—Jacob Graves, Director of Solution Architecture at Gutsy, Theresa Lanowitz, Chief Evangelist at Level Blue, Pukar Hamal, CEO at SecurityPal, and Vinay Anand, Chief Product Officer at NetSPI discuss the increasing complexity of managing vulnerabilities, the critical importance of reducing mean...

In this special Black Hat edition of the Breaking Badness Cybersecurity Podcast, Part 1 of a 5 Part Series, we dive deep into how artificial intelligence is transforming the cybersecurity landscape. Our guests—Mark Wojtasiak (VP of Product at Vectra AI), Carl Froggett (CIO at Deep Instinct), Dan Fernandez (Staff Product Manager at Chainguard), and Marcus Ludwig (CEO of Ticura)—join us to explore the evolution of Endpoint Detection and Response (EDR), the growing threats posed by generative...

In this special research edition of Breaking Badness, hosts Kali Fencl, Tim Helming, Sean McNee, and guest Sasha Angus from Sylla Intel dive deep into the world of cybercriminal campaigns targeting retailers. They explore how bad actors exploit the growing threat landscape, discussing specific fraud tactics, infrastructure reuse, and ways organizations can defend themselves. From pandemic-driven scams to sophisticated brand impersonation schemes, this episode offers valuable insights for...

Kali Fencl and Daniel Schwalbe sat down with Lesley Carhart, a seasoned incident responder specializing in Operational Technology (OT) cybersecurity at Dragos, in person at BlackHat USA 2024. Lesley shares their journey, from their unique background in avionics and electronics to becoming a leading expert in the field. We explore the evolving landscape of OT cybersecurity, the challenges of protecting legacy systems, and the critical importance of building strong relationships between...

Kali Fencl, Daniel Schwalbe, and Tim Helming discuss Brian Krebs’ article on namespace collisions and the risks associated with new generic TLDs (gTLDs) along with facial recognition and privacy concerns at major sporting events

Kali Fencl, Daniel Schwalbe, and Malachi Walker discuss all things Hacker Summer Camp. What sessions were their favorites? How did they beat the heat? Listen to the episode and find out!

This week we compromised domains targeting DeFi protocols along with the JFrog research team's findings regarding a leaked access token with admin access to Python repositories

We're thrilled Tanya Janca (aka SheHacksPurple) joined us this week on the podcast! She and Kali Fencl discuss secure guardrails, Semgrep Academy, the process of writing two books, gardening, and so much more.

In this episode of the Breaking Badness Cybersecurity Podcast, Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss vulnerabilities impacting your phone's 5G connection along with the new owner of the popular Polyfill JS project injecting malware into more than 100,000 sites.

Jake Bernardes, Field CISO of Anecdotes, joins the Breaking Badness Cybersecurity Podcast in this week’s episode! We’re sharing Jake’s background and path within infosec along with what’s intriguing him about the industry currently, how conferences and in-person events can still play a role in community involvement, and we’ll touch briefly on American history.

This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss vishing attacks against CISA along with a threat campaign targeting Snowflake customer database instances.

It is the final episode of our mini-series from RSAC 2024! Join Kali as she speaks with Aqsa Taylor, Director of Product Management at Gutsy! They'll discuss Aqsa's path to infosec, the importance of governance strategy and how to achieve a cleaner security posture, women in cybersecurity, and how to break into the field.

It's the penultimate episode of our RSAC mini series! We're speaking with Zack Schuler of NINJIO in the first half of the episode and in the second, we speak with Lawrence Gentilello of Optery.

We're halfway through our RSAC mini series! We're speaking with Joe Slowik of MITRE in the first half of the episode and in the second, Kali is joined by Daniel Schwalbe to speak with David Goldschlag of Aembit.

In our second iteration of our mini-series, we'll speak with Ben April of Maltego and Allan Liska of Recorded Future. We'll cover topics such as AI, the LockBit ransomware gang, cybersecurity comic books, and more!

In our first episode of our mini-series, we'll speak with Jori VanAntwerp of EmberOT and Steve Stone of Rubrik Zero Labs. We'll cover topics like IT and operational technology and how ransomware is impacting the healthcare space.