BreakingBadness

@BreakingBadness@infosec.exchange
DomainTools podcast where timely and relevant security meets puns and witty banter. Our goal is to keep defenders apprised of pertinent news and trends in under forty-five minutes.

🎧 In this RSA Conference 2025 special episode, we explore two critical frontiers shaping the future of cybersecurity.

First, Jon DiMaggio (Author of The Ransomware Diaries, Analyst1) breaks down the hidden supply chains behind ransomware gangs, including the economics of affiliate betrayal and the challenge of accurate attribution. He walks us through his methodology for identifying ransomware rebrands like BlackCat and RansomHub using evidence-based frameworks designed to eliminate human bias.

Then we’re joined by Matt Radolec (VP of Incident Response at Varonis), who brings a fresh perspective on talent development in cybersecurity. Drawing from his keynote "From Gamer to Leader," Matt argues that gamers possess untapped potential as cybersecurity professionals and it’s time to design leadership pipelines like quest lines.

From ransomware negotiations on underground forums to using AI-enhanced playbooks and transforming threat response teams into RPG-style guilds, this episode blends technical insight with cultural reflection.

Listen wherever you get your podcasts:

Apple: https://podcasts.apple.com/us/podcast/inside-ransomwares-supply-chain-attribution-rebrands/id1456143419?i=1000712483072

Spotify: https://open.spotify.com/episode/1pNUfaXt1gZyO1sLFVVLuZ

Web: https://www.domaintools.com/resources/podcasts/inside-ransomwares-supply-chain-attribution-rebrands-and-affiliate-betrayal/?utm_source=Mastodon&utm_medium=Social&utm_campaign=Breaking-Badness-RSAC

In this week's episode of the Breaking Badness Cybersecurity Podcast, we delve into the critical role of domains in modern cyber attacks. From sophisticated nation-state operations to AI-powered phishing kits and malicious browser extensions, domains are the foundational infrastructure for threat actors.

Host @NotTheLinux is joined by four leading cybersecurity experts, Joe Slowik, Robert Duncan, John Fokker, and Vivek Ramachandran, to break down how domains are weaponized and what organizations can do to defend themselves on this ever-evolving frontline.

Listen wherever you get your podcasts:

Apple: https://podcasts.apple.com/us/podcast/beyond-the-perimeter-how-attackers-use-domains/id1456143419?i=1000711183082

Spotify: https://open.spotify.com/episode/0trcyZliGZuEj591IVnZCu

YouTube: https://www.youtube.com/watch?v=CpcJXpWwfQo

Web: https://www.domaintools.com/resources/podcasts/how-attackers-use-domains-phishing-ai-and-how-to-fight-back/?utm_source=Mastodon&utm_medium=Social&utm_campaign=RSAC-Domains

For defending against phishing campaigns, you've got to have sensible security rules in place and a good overall security practice in your organization. You also need to be running EDR tools (EDR/XDR) and edge protection. These practices will all help, though they are not a silver bullet against the problem.

Be aware as a practitioner if DNS over HTTPS is becoming more present on your network. If you control your own DNS resolver, that's the best way to go.

DNS is really your friend as a security practitioner.

Listen to the full episode of the Breaking Badness Cybersecurity Podcast here: https://www.domaintools.com/resources/podcasts/morphing-meerkat-proton66-how-cybercrime-is-getting-easier/?utm_source=Mastodon&utm_medium=Social&utm_campaign=Proton66

#DNS #cybersecurity #infosec #infosecurity #phishing #phishingprotection #phishingprevention

In this episode of Breaking Badness, @NotTheLinux sits down with @nohackme, Global Security Advisor at @Splunk and former CISO for Pete Buttigieg’s 2020 presidential campaign. Mick shares his journey from aspiring Navy nuclear engineer to leading security in some of the highest-stakes environments, including the White House.

They explore how threat intelligence, storytelling, and mentorship shape the future of cybersecurity. From his early days in government to his work on the Splunk SURGe team, Mick opens up about what it takes to build secure systems, stronger teams, and more empathetic leadership in cybersecurity.

Listen wherever you get your podcasts:

Apple: https://podcasts.apple.com/us/podcast/building-secure-campaigns-and-better-humans/id1456143419?i=1000708453062

Spotify: https://open.spotify.com/episode/2Foec8jCvgblC1gZUq7uB4

YouTube: https://www.youtube.com/watch?v=WvBPvSbsI_g&ab_channel=DomainTools

Web: https://www.domaintools.com/resources/podcasts/building-secure-campaigns-and-better-humans-a-conversation-with-mick-baccio/?utm_source=Mastodon&utm_medium=Social&utm_campaign=RSAC-2025

Building Secure Campaigns and Better Humans: A Conversation with Mick Baccio

Podcast Episode · Breaking Badness · 05/14/2025 · 23m

Apple Podcasts

✈️ Are you on your way to RSAC?

It's the perfect time to catch up on recent episodes of the Breaking Badness Cybersecurity Podcast (and we'll be recording with some amazing folks this week!)

Catch up on recent episodes like:
🔹Our DFIR Fireside Chats Parts I and II (featuring @danonsecurity, @hacks4pancakes, @DavidJBianco, and Sarah Sabotka!)
🔹How Russian Disinformation Campaigns Exploit Domain Registrars and AI (featuring Daniel Schwalbe and Scot Terban)
🔹From ValleyRAT to Silver Fox: How Graph-Based Threat Intel is Changing the Game (featuring Daniel Schwalbe and Wes Young)

And that's just three examples! There's plenty more wherever you get your podcasts.

Apple: https://podcasts.apple.com/us/podcast/breaking-badness/id1456143419

Spotify: https://open.spotify.com/show/5FMbQIxkeBYHMOdpRzsZeM

YouTube: https://www.youtube.com/channel/UCpXt1El9Nh2u8Wvu-Tspsow

Web: https://www.domaintools.com/resources/podcasts/?utm_source=Mastodon&utm_medium=Social&utm_campaign=RSAC-Podcasts

#Cybersecurity #CyberConversations #RSAC

Breaking Badness

Technology Podcast · Updated Biweekly · Where timely and relevant security meets puns and witty banter. Our goal is to keep defenders apprised of pertinent news and trends in under forty-five minutes.

Apple Podcasts

How do you identify a cybersecurity incident?

@hacks4pancakes sees a lot of copy/paste incident responses on the Internet - you really need to understand what matters to your business. Sarah Sabotka argues that this is where CTI comes in to support incident response to see what we can enrich. Per @DavidJBianco, the Identify stage is all about going from raw data up and to engaging your incident response plan.

Catch the full discussion from this past week's episode of the Breaking Badness Cybersecurity Podcast here: https://podcasts.apple.com/us/podcast/dfirside-chat-lessons-from-the-frontlines-of/id1456143419?i=1000703745188

#cybersecurity #incidentresponse #dfir

DFIRside Chat: Lessons from the Frontlines of Incident Response

Podcast Episode · Breaking Badness · 04/16/2025 · 43m

Apple Podcasts

In this special DNS Masterclass episode of Breaking Badness, hosts @tw_pierce take a deep dive into the Domain Name System (DNS), often dubbed the backbone and battleground of the Internet.

From its humble beginnings with host files to its critical role in modern security, the episode unpacks DNS’s evolution, vulnerabilities, and impact on Infosec.

Listen here: https://www.domaintools.com/resources/podcasts/dns-masterclass-attacks-defenses-and-the-day-the-internet-was-saved/?utm_source=Mastodon&utm_medium=Social&utm_campaign=Breaking-Badness

#DNS #CyberSecurity #Infosec

DNS Masterclass: Attacks, Defenses, and the Day the Internet Was Saved - DomainTools | Start Here. Know Now.

In this special DNS Masterclass episode of Breaking Badness, hosts Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce take a deep dive into the Domain Name System often dubbed the backbone and battleground of the internet.

DomainTools | Start Here. Know Now.

The latest episode of the Breaking Badness Cybersecurity Podcast is here!

In this episode, host @NotTheLinux welcomes Wes Young of CSIRT Gadgets and @danonsecurity, CISO and head of investigations at DomainTools, to dive into a recent DomainTools Investigations (DTI) analysis involving ValleyRAT and Silver Fox, and how new tools are enabling faster, more accessible analysis for junior and seasoned analysts alike. Whether you're a threat intel veteran or an aspiring analyst, this episode is packed with hard-earned lessons, technical insights, and future-forward thinking.

They also unpack the evolution of threat intelligence from early higher-ed days of wiki-scraped snort rules to today’s graph-powered AI analysis. Wes shares the origin story behind his platform AlphaHunt, how it's being used to automate and enhance threat detection, and why community sharing remains essential even in an era of advanced tooling.

🎧 Listen here: https://www.domaintools.com/?utm_source=Mastodon&utm_medium=Social&utm_campaign=DTI-Breaking-Badness

APT 41’s VPN Exploits & The Great Firewall’s Leaky Secrets

Podcast Episode · Breaking Badness · 03/18/2025 · 31m

Apple Podcasts

In this episode of Breaking Badness, @NotTheLinux, @ColonelPanic, and @tw_pierce dive into two major cybersecurity stories: the exploitation of a VPN vulnerability by Chinese APT 41 and the newly discovered “Wall Bleed” flaw in the Great Firewall of China.

APT 41 has been using a critical VPN vulnerability to infiltrate operational technology (OT) organizations, targeting industries like aerospace and defense. Meanwhile, researchers have uncovered a flaw in China's DNS injection system, which inadvertently leaks internal data—an ironic twist for a government known for its strict internet censorship.

Join us as we break down these exploits, their impact on cybersecurity, and what they reveal about modern cyber espionage. We also discuss best practices for securing VPNs, firewall vulnerabilities, and the ethical implications of studying censorship technologies.

Listen wherever you get podcasts:

Apple: https://podcasts.apple.com/us/podcast/apt-41s-vpn-exploits-the-great-firewalls-leaky-secrets/id1456143419?i=1000699951705

Spotify: https://open.spotify.com/episode/7ze7ixRYBCnzOPmSpoSdoP

YouTube: https://www.youtube.com/watch?v=Dpf_p8HVp58&ab_channel=DomainTools

Web: https://www.domaintools.com/resources/podcasts/apt-41s-vpn-exploits-the-great-firewalls-leaky-secrets/?utm_source=Mastodon&utm_medium=Social&utm_campaign=breaking-badness
