In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Thai police conducted a major raid on the Antai Holiday Hotel in central Pattaya late on Monday night, June 16th, uncovering a joint operation involving both ransomware distribution and illegal gambling.Canada’s national cybersecurity agency has confirmed that a Chinese state-sponsored group known as Salt Typhoon successfully targeted a Canadian telecommunications company earlier this year, exploiting a Cisco vulnerability.The Department of Homeland Security (DHS) has issued a National Terrorism Advisory System bulletin warning of an elevated risk of cyberattacks and potentially violent extremism in response to escalating geopolitical tensions between the U.S. and Iran.Security researchers have confirmed that recent social engineering campaigns exploiting Zoom are the work of BlueNoroff, a North Korean state-sponsored APT group known for targeting financial entities, particularly in the cryptocurrency and online gambling sectors.
--------
27:22
--------
27:22
#225 - Defender Fridays: EDR, DFIR & endpoint triage with Brian Carrier, CEO of Sleauth Kit Labs
Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Each week, we bring you a different expert guest who will share their invaluable insights on topics ranging from threat hunting and incident response to security operations and detection engineering. What makes these sessions special is their informal and interactive nature, allowing for an engaging dialogue between our guests, hosts, and the audience.You can sign up to join us for the live sessions at limacharlie.io/defender-fridays
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A new malware strain known as OtterCookie, developed by the North Korean APT group Lazarus, has been dissected in a detailed technical analysis by offensive security expert Mauro Eldritch. Attackers are currently exploiting a critical vulnerability in the Langflow platform — an open-source Python-based web app used to build AI workflows and agents — to deliver a new botnet called Flodrix.A new campaign from an emerging threat group named Water Curse is targeting the software supply chain by leveraging GitHub repositories that masquerade as legitimate security tools. The threat actor known as Scattered Spider, also tracked as UNC3944 by Google and Mandiant, has apparently shifted its operational focus from the retail sector to the US insurance industry, according to a new alert from Google’s Threat Intelligence Group.
--------
31:45
--------
31:45
#223 - Defender Fridays: Maintaining the human touch in security operations with Hayden Covington, SOC SecOps Lead at BHIS
Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Each week, we bring you a different expert guest who will share their invaluable insights on topics ranging from threat hunting and incident response to security operations and detection engineering. What makes these sessions special is their informal and interactive nature, allowing for an engaging dialogue between our guests, hosts, and the audience.You can sign up to join us for the live sessions at limacharlie.io/defender-fridays
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Over an eight-month period beginning in July of last year, China-backed threat actors carried out a coordinated campaign that included attempts to breach cybersecurity vendor SentinelOne.CISA has added two newly confirmed exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild.OpenAI has banned ChatGPT accounts linked to state-sponsored threat actors, including groups affiliated with governments in China, Russia, North Korea, Iran, and others.A critical vulnerability in Wazuh Server, CVE-2025-24016 (CVSS 9.9), is being actively exploited by threat actors to deliver multiple Mirai botnet variants for distributed denial-of-service (DDoS) operations.
An accessible but technical podcast about cybersecurity and the people who keep the internet safe. The podcast is built as a series of segments: we will be looking back at the last couple of weeks in cybersecurity news, talking to different people in the industry about areas of their expertise, we're going to break apart some of the TTPs being used by adversaries, and we will even cover a little bit of hacker history.
Polska