BreakingBadness

@BreakingBadness@infosec.exchange
DomainTools podcast where timely and relevant security meets puns and witty banter. Our goal is to keep defenders apprised of pertinent news and trends in under forty-five minutes.

🎧 In this RSA Conference 2025 special episode, we explore two critical frontiers shaping the future of cybersecurity.

First, Jon DiMaggio (Author of The Ransomware Diaries, Analyst1) breaks down the hidden supply chains behind ransomware gangs, including the economics of affiliate betrayal and the challenge of accurate attribution. He walks us through his methodology for identifying ransomware rebrands like BlackCat and RansomHub using evidence-based frameworks designed to eliminate human bias.

Then we’re joined by Matt Radolec (VP of Incident Response at Varonis), who brings a fresh perspective on talent development in cybersecurity. Drawing from his keynote "From Gamer to Leader," Matt argues that gamers possess untapped potential as cybersecurity professionals and it’s time to design leadership pipelines like quest lines.

From ransomware negotiations on underground forums to using AI-enhanced playbooks and transforming threat response teams into RPG-style guilds, this episode blends technical insight with cultural reflection.

Listen wherever you get your podcasts:

Apple: https://podcasts.apple.com/us/podcast/inside-ransomwares-supply-chain-attribution-rebrands/id1456143419?i=1000712483072

Spotify: https://open.spotify.com/episode/1pNUfaXt1gZyO1sLFVVLuZ

Web: https://www.domaintools.com/resources/podcasts/inside-ransomwares-supply-chain-attribution-rebrands-and-affiliate-betrayal/?utm_source=Mastodon&utm_medium=Social&utm_campaign=Breaking-Badness-RSAC

I had the opportunity to sit down with former DTer Joe Slowik at #RSAC to talk about suspicious domains.

Here are some of the key takeaways from our conversation:

🔹 Joe shared how attackers are playing the long game—like in the SolarWinds attack, where a fake AWS domain sat dormant for nearly a decade.
🔹 From aged domains to hijacked home routers, adversaries are evolving. And groups like Volt Typhoon are targeting U.S. critical infrastructure with chilling precision.
🔹 It’s time to rethink defense—beyond tools, toward resilient architecture and even manual fallbacks.

Listen to the podcast here: https://podcasts.apple.com/us/podcast/breaking-badness/id1456143419?i=1000711183082

In this week's episode of the Breaking Badness Cybersecurity Podcast, we delve into the critical role of domains in modern cyber attacks. From sophisticated nation-state operations to AI-powered phishing kits and malicious browser extensions, domains are the foundational infrastructure for threat actors.

Host @NotTheLinux is joined by four leading cybersecurity experts, Joe Slowik, Robert Duncan, John Fokker and Vivek Ramachandran, to break down how domains are weaponized and what organizations can do to defend themselves on this ever-evolving frontline.

Listen wherever you get your podcasts:

Apple: https://podcasts.apple.com/us/podcast/beyond-the-perimeter-how-attackers-use-domains/id1456143419?i=1000711183082

Spotify: https://open.spotify.com/episode/0trcyZliGZuEj591IVnZCu

YouTube: https://www.youtube.com/watch?v=CpcJXpWwfQo

Web: https://www.domaintools.com/resources/podcasts/how-attackers-use-domains-phishing-ai-and-how-to-fight-back/?utm_source=Mastodon&utm_medium=Social&utm_campaign=RSAC-Domains

In 2024, our team found that the web-based version of HeartSender was leaking a significant amount of sensitive data to anyone who accessed it, no login required.

This included customer login details and internal emails from HeartSender staff. Malware infections on the attackers’ own devices revealed extensive account data, along with insights into the group’s structure, operations, and role within the broader cybercrime ecosystem.

Yesterday, Brian Krebs reported that 21 individuals accused of operating HeartSender have been arrested in Pakistan. This milestone was the result of incredible teamwork across borders and organizations, and we're proud to have been part of that global effort.

When we come together, we can give bad actors more bad days.

Find our original analysis and update here: https://www.domaintools.com/resources/blog/the-resurgence-of-the-manipulaters-team-breaking-heartsenders/?utm_source=Mastodon&utm_medium=Social&utm_campaign=Manipulaters

Breaking HeartSenders: The Return of “Manipulaters”

Previously thought to be defunct, the cybercrime group known as the Manipulaters are back to their old tricks (with some new ones too).


To defend against phishing campaigns, you've got to have sensible security rules in place and a good overall security practice in your organization. You also need to be running endpoint detection and response tooling (EDR/XDR) and edge protection. These practices all help, though none of them is a silver bullet against the problem.

As a practitioner, be aware of whether DNS over HTTPS is becoming more prevalent on your network, since it bypasses the visibility a traditional resolver gives you. If you control your own DNS resolver, that's the best way to go.

DNS is really your friend as a security practitioner.

Listen to the full episode of the Breaking Badness Cybersecurity Podcast here: https://www.domaintools.com/resources/podcasts/morphing-meerkat-proton66-how-cybercrime-is-getting-easier/?utm_source=Mastodon&utm_medium=Social&utm_campaign=Proton66

#DNS #cybersecurity #infosec #infosecurity #phishing #phishingprotection #phishingprevention

In this episode of Breaking Badness, @NotTheLinux sits down with @nohackme (Mick Baccio), Global Security Advisor at @Splunk and former CISO for Pete Buttigieg’s 2020 presidential campaign. Mick shares his journey from aspiring Navy nuclear engineer to leading security in some of the highest-stakes environments, including the White House.

They explore how threat intelligence, storytelling, and mentorship shape the future of cybersecurity. From his early days in government to his work on the Splunk SURGe team, Mick opens up about what it takes to build secure systems, stronger teams, and more empathetic leadership in cybersecurity.

Listen wherever you get your podcasts:

Apple: https://podcasts.apple.com/us/podcast/building-secure-campaigns-and-better-humans/id1456143419?i=1000708453062

Spotify: https://open.spotify.com/episode/2Foec8jCvgblC1gZUq7uB4

YouTube: https://www.youtube.com/watch?v=WvBPvSbsI_g&ab_channel=DomainTools

Web: https://www.domaintools.com/resources/podcasts/building-secure-campaigns-and-better-humans-a-conversation-with-mick-baccio/?utm_source=Mastodon&utm_medium=Social&utm_campaign=RSAC-2025

Building Secure Campaigns and Better Humans: A Conversation with Mick Baccio

Podcast Episode · Breaking Badness · 05/14/2025 · 23m


Scammers pay attention to headlines just as much as we do, but their motivations are very different.

From the LA wildfires to AI tech breakthroughs, viral events dominate the news cycle—and cybercriminals are quick to exploit them. DomainTools Investigations’ latest research reveals how malicious domains and scam sites surge in the wake of breaking news, targeting unsuspecting users with fake donations, meme coins, and malware.

🔍 Discover:

How scammers use AI to ride the wave of viral media

Real-world examples of fake crypto coins & donation scams

Patterns linking scam sites across global events

📖 Read the full analysis here: https://dti.domaintools.com/scams-malicious-domains-breaking-news/?utm_source=Mastodon&utm_medium=Social&utm_campaign=Breaking-News

#CyberSecurity #ThreatIntel #ScamAlert #BreakingNews #Infosec #Phishing #Malware #CryptoScams

Scams and Malicious Domains Emerging from Breaking News - DomainTools Investigations | DTI

Explore how scammers exploit breaking news events to launch malicious domains, fake donation sites, and cryptocurrency scams. Learn how AI-driven research uncovers these evolving threats and how to stay protected online.

✈️ Are you on your way to RSAC?

It's the perfect time to catch up on recent episodes of the Breaking Badness Cybersecurity Podcast (and we'll be recording with some amazing folks this week!)

Catch up on recent episodes like:
🔹Our DFIR Fireside Chats Parts I and II (featuring @danonsecurity, @hacks4pancakes, @DavidJBianco, and Sarah Sabotka!)
🔹How Russian Disinformation Campaigns Exploit Domain Registrars and AI (featuring Daniel Schwalbe and Scot Terban)
🔹From ValleyRAT to Silver Fox: How Graph-Based Threat Intel is Changing the Game (featuring Daniel Schwalbe and Wes Young)

And that's just three examples! There's plenty more wherever you get your podcasts.

Apple: https://podcasts.apple.com/us/podcast/breaking-badness/id1456143419

Spotify: https://open.spotify.com/show/5FMbQIxkeBYHMOdpRzsZeM

YouTube: https://www.youtube.com/channel/UCpXt1El9Nh2u8Wvu-Tspsow

Web: https://www.domaintools.com/resources/podcasts/?utm_source=Mastodon&utm_medium=Social&utm_campaign=RSAC-Podcasts

#Cybersecurity #CyberConversations #RSAC

Breaking Badness

Technology Podcast · Updated Biweekly · Where timely and relevant security meets puns and witty banter. Our goal is to keep defenders apprised of pertinent news and trends in under forty-five minutes.


How do you identify a cybersecurity incident?

@hacks4pancakes sees a lot of copy/paste incident response plans on the Internet; you really need to understand what matters to your business. Sarah Sabotka argues that this is where CTI comes in to support incident response, by finding what we can enrich. Per @DavidJBianco, the Identify stage is all about going from raw data up to engaging your incident response plan.

Catch the full discussion from this past week's episode of the Breaking Badness Cybersecurity Podcast here: https://podcasts.apple.com/us/podcast/dfirside-chat-lessons-from-the-frontlines-of/id1456143419?i=1000703745188

#cybersecurity #incidentresponse #dfir

DFIRside Chat: Lessons from the Frontlines of Incident Response

Podcast Episode · Breaking Badness · 04/16/2025 · 43m


Scrolling through Pinterest one day led me down a rabbit hole of suspicious-looking domains stemming from sponsored ads on the platform mimicking the L.L.Bean brand.

This analysis walks through DomainTools' various domain and DNS solutions to illustrate what was found, the connections between domains, and how we ascribe attribution, with high confidence, to a China nexus.

Also, do you like free things? No way, me too! You can find the full analysis here along with a free 15-day product trial: https://www.domaintools.com/resources/blog/domain-and-dns-intelligence-in-fighting-online-threats/

The Role of Domain and DNS Intelligence in Fighting Online Threats - DomainTools | Start Here. Know Now.

As online platforms evolve, cybercriminals are finding new ways to exploit them for scams and phishing attacks. Our latest research highlights how malicious actors use platforms like Pinterest to deceive users and harvest sensitive information.
