Decipher Security Podcast

In this special episode, Dennis Fisher and Lindsey O'Donnell-Welch are joined by Brian Donohue of Red Canary to preview the RSA conference talks they're excited about and to try to make sense of some of the session titles that are maybe a little indecipherable.

Lindsey O'Donnell-Welch turns the tables on Decipher editor-in-chief Dennis Fisher in this episode of Memory Safe to find out how his background covering crime prepared him for the cybersecurity beat, why Ferris Bueller's Day Off is his favorite hacker movie, and how much the security world has changed in the last 20 years.

In this week's Source Code podcast, we go over findings from a newly released Ransomware Task Force report and give an update on the types of data accessed in the Change Healthcare ransomware attack.

The Salvation Army’s Lachlan McGill, general manager of cyber risk and compliance, and Euan Moore, security operations manager, talk about their experiences building a strong cybersecurity foundation, navigating the organization’s unique challenges and fostering a culture around security awareness.

In this week’s Source Code podcast, we discuss new reporting from Change Healthcare parent UnitedHealth Group that the massive ransomware attack has cost the company $872 million so far. We also talk about recent research about Sandworm, which has been designated by Mandiant as APT44.

Cody Stokes, a security leader at Procellis Technology, joins Dennis Fisher to talk about his time in the Marine Corps, the challenges of breaking into the cybersecurity field, and the fulfillment he gets from helping to protect users.

In this week’s Memory Safe episode, Sherrod DeGrippo of Microsoft talks about her first experiences with hacker culture, why a Stanley Kubrik movie shows a glimpse of what AI is, and how she makes sure that “threat intelligence hits the right note.”

Dan Lorenc, co-founder and CEO of Chainguard, joins Dennis Fisher to dig into the recent XZ Utils backdoor incident, the implications for the open source ecosystem, and what can be done to avoid similar incidents in the future. Then they discuss the problems facing NIST's National Vulnerability Database and the CVE ecosystem.

Rick Gordon of Tidal Cyber joins Dennis Fisher to discuss his path from the US Naval Academy to submarine officer to Wall Street and finally to the cybersecurity industry, where he's worked for the last 25 years. Dennis and Rick also talk about the importance of the community aspect of cybersecurity and why it's vital to the collective defense.

In this week's Source Code news wrap podcast, we talk about a report by the U.S. Treasury Department looking at AI-specific cybersecurity risks in the financial sector, CISA's newly released Notice of Proposed Rulemaking document for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), and recently discovered activity linked to APT29.

Jack Cable, senior technical advisor at the Cybersecurity and Infrastructure Security Agency (CISA), talks about his past experiences with bug bounty programs, CISA’s Secure By Design initiative and its efforts to help secure the open-source software ecosystem.

Brian Donohue of Red Canary joins Dennis Fisher to talk about some of the surprising findings from the company's new 2024 Threat Detection Report, including why identity based attacks continue to work so well and how attackers are approaching the shift to the cloud.

In this week's Source Code podcast, we talk about Patch Tuesday updates and the HHS investigation into the ransomware attack on Change Healthcare.

Decipher editors Dennis Fisher and Lindsey O'Donnell-Welch talk about the BlackCat ransomware attack on Change Healthcare that has crippled the company and affected the ability of thousands of health care providers, pharmacies, and hospitals to get paid and submit claims.

Daniel Cuthbert, global head of cybersecurity research at Banco Santander, joins Dennis Fisher to talk about getting his first computer, a ZX Spectrum that he still owns (!), finding his way into hacking through IRC, his passion for photography, and his surprising alternate career path.

In this week's Source Code podcast we talk about how threat actors are using malware that allows them to maintain a better foothold on compromised Ivanti appliances, and we discuss advisories from the U.S. government about APT28, APT29 and the BlackCat ransomware group.

Alex Delamotte, threat researcher at SentinelLabs, talks about the importance of actionable threat intelligence, how threat actors are leveraging cloud services, and the upcoming Net Gala, a hacker and tech-themed art exhibition.

In this week's Source Code podcast, we discuss the LockBit ransomware takedown operation and a critical, actively exploited ScreenConnect flaw.

Jennifer Leggio, a longtime security industry executive who has served in many different roles, joins Dennis Fisher to talk about the shift in thinking among those in the security community, technical gatekeeping in security, her new consulting venture Moveable Feast, and finding your niche.

Dennis Fisher and Lindsey O'Donnell-Welch discuss the disruption of the LockBit ransomware operation by the FBI, Europol, and UK authorities, what it means for victims, and how it fits into the government's larger strategy to target cybercrime groups.