Secure AF - A Cybersecurity Podcast

Got a question or comment? Message us here!The FBI is warning about Kali365, a new phishing‑as‑a‑service tool designed to steal Microsoft 365 credentials and enable account takeovers at scale. In this episode, we break down how it works, why it’s so effective, and what your SOC can do right now to detect and defend against it. 🎧 Tune in now at secureafpodcast.comSupport the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!What actually happens when a company gets hacked?In this episode, we break down real-world incident response, from initial access and ransomware tactics to forensic investigation and common mistakes that make things worse. If your organization had an incident tomorrow, would you know what to do?Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!In this episode of the #SOCBrief, we dive into the first confirmed case of an AI-powered zero-day exploit. With attackers leveraging AI to discover vulnerabilities, generate exploit code, and bypass defenses faster than ever, this marks a major shift in how threats are developed and deployed. We break down how the attack worked, what made the exploit unique, and the key detection and defense strategies SOC teams need to start adopting now to keep pace with AI-driven adversaries.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!In this episode of the #SOCBrief, we break down the ShinyHunters breach of Instructure’s Canvas LMS and what it means for security teams everywhere. From exploiting a lesser-monitored service to exfiltrating millions of records, this attack highlights the growing risk of third-party vendors and supply chain exposure. We walk through how the breach unfolded, key indicators of compromise, and the practical steps SOC teams can take to detect, monitor, and reduce vendor-related risk before it becomes a crisis.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!When the Canvas LMS went down, thousands of institutions came to a halt, right in the middle of finals. In this episode, we break down what really happened, what data may have been exposed, and why this incident is a wake-up call for every organization relying on SaaS platforms.From vendor risk and contract blind spots to business continuity failures, we unpack the real lessons security leaders need to hear, and what you should be doing right now to prepare for the next breach.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!MuddyWater is blurring the line between ransomware and espionage... using Chaos ransomware as a decoy to distract defenders while quietly stealing data and maintaining persistence. In this episode, we break down how this tactic works, what SOC teams should watch for, and how to detect the hidden activity beneath the noise.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Qilin ransomware is deploying a malicious DLL to disable EDR tools before encryption begins. In this #SOCBrief, we break down how the attack works, what to look for, and how defenders can respond. Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Artificial intelligence is evolving faster than most organizations, and regulators, are prepared for. In this episode of the #SecureAFPodcast, we sit down with Chris Hood, a veteran technologist and financial industry leader, to explore how AI has evolved from early computing to today’s large language models and agentic systems.We discuss real‑world AI use in highly regulated environments, the benefits and risks of agentic AI, growing concerns around AI security and alignment, and why some experts believe general, and eventually superintelligence, may be closer than many expect, even if we’re not there yet.Along the way, the conversation takes a few intentional detours, as two seasoned technologists reflect on decades of computing history and how past technology shifts help frame today’s AI inflection point.From practical productivity gains to long‑term implications for security, jobs, and society, this conversation goes beyond hype to ask the hard questions security leaders should already be considering.This is Part 1 of a deeper discussion on AI, risk, and the future of human‑machine collaboration.Dive in here: secureafpodcast.comSupport the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!A malicious Axios NPM package highlights how quickly supply chain compromises can spread through trusted dependencies. In this #SOCBrief, we break down what happened, the risks to downstream applications, and what SOC teams should be monitoring to catch similar attacks early. Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!A new ransomware group is blending in with legitimate tools. This #SOCBrief breaks down Black Shrantac and how to detect it early.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Cybersecurity success increasingly hinges on cognitive readiness, the ability to spot patterns fast, make the right calls under pressure, and perform amid chaos. On this episode of the SECURE AF PODCAST, Will Arnett sits down with Jessica Gulick, Founder and Commissioner of the U.S. Cyber Games, to discuss why cognitive training is critical, how esports players develop these skills instinctively, and why esports represents an untapped pipeline for elite cyber talent. They also dive into how AI elevates the importance of human cognition—and how security leaders can strengthen SOC morale by leading more like coaches.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Iranian-affiliated APT actors are actively targeting U.S. critical infrastructure, specifically PLCs powering essential operations across water, energy, and manufacturing.This #SOCBrief breaks down the latest CISA alert, how attackers are exploiting OT environments, and what security teams need to be watching for right now. From key indicators to practical defense strategies, this is your wake-up call to treat OT as a high-value target.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Chrome just became the attack surface of the week.We’re breaking down the latest zero-day exploits, what attackers are doing with them, and how SOC teams can respond before it turns into something bigger. Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Healthcare security isn’t just about networks anymore. In this episode, we dive into the complex world of connected medical devices, the challenges of securing them, and why organizations need a more holistic approach to cybersecurity.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Your firewall could be the entry point. A critical Cisco FMC zero-day is being used in real-world ransomware attacks, turning security tools into launchpads. In this episode, we cover what’s happening, how attackers are exploiting edge devices, and how SOC teams can stay ahead.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Suspected Chinese state-linked hackers breached an FBI surveillance network ... not by breaking through the front door, but through a third-party provider.In this episode of the #SOCBrief, we break down how the attack happened, why supply chain vulnerabilities are one of the biggest risks facing SOC teams today, and what this means for organizations of all sizes. From compromised vendor access to real-world detection strategies, we’re covering how attackers are exploiting trusted connections, and how you can stay one step ahead.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Qilin is quickly becoming one of the most dominant ransomware groups in the world, and it’s not because of groundbreaking tactics. It’s because of their business model.In this episode, we break down how Qilin operates as a ransomware-as-a-service group, why affiliates are flocking to them (hint: 80–85% payouts), and how that’s fueling explosive growth across industries worldwide. From real-world attack patterns to how they gain access and evade detection, we’re diving into what makes this group so effective, and why organizations should be paying attention. Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!In this episode of the #SOCBrief, we break down BugSleep, a new backdoor malware tied to the Iranian threat group MuddyWater, and how it’s being used in targeted spear-phishing campaigns against organizations. Learn how the malware works, what indicators SOC teams should watch for, and practical steps to detect and defend against these evolving attacks. Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!A massive breach has shaken the telecom world. In this episode of the #SOCBrief, we break down the alleged TELUS hack claimed by the ShinyHunters threat group, what data may have been stolen, and why the potential exfiltration of massive datasets could have far-reaching consequences for organizations worldwide. From OAuth tokens and API keys to customer PII and enterprise systems, we explore how attacks like this unfold and what organizations should be on the lookout. 🎧 Tune in now at secureafpodcast.comSupport the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!A.I. conversations are everywhere ... but how can businesses realistically use it today? In this episode of Secure AF, we introduce Vector Pulse A.I. and discuss how A.I. can help organizations automate workflows, improve operational efficiency, and support smarter decision-making. We also dive into the growing excitement (and concerns) around A.I., common mistakes companies make when adopting it, and practical advice for leaders looking to explore A.I. responsibly.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Geopolitical tensions are rising ... and cyber threats aren’t far behind. In this episode of the #SOCBrief, we break down the escalating U.S.-Iran conflict, the potential cyber retaliation from Iranian threat actors, and the steps SOC teams can take now to stay ahead of attacks and protect critical systems.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Open-source intelligence (OSINT) isn’t just for threat actors ... it’s a powerful advantage for SOC teams too. In this episode, we break down how publicly available data can help you uncover exposed assets, detect vulnerabilities early, and shrink your attack surface before attackers do.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!This episode of the #SOCBrief goes beyond day-to-day cybersecurity news and dives into what SOC success actually looks like from the leadership side. Andrew and CISO Jonathan Kimmitt discuss how SOC teams can communicate risk, create meaningful deliverables, use metrics effectively, and gain leadership buy-in for security decisions.From risk profiles to reporting and real-world decision making, this episode focuses on turning SOC activity into measurable organizational value. 📊Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!AI can categorize images, analyze logs, and surface patterns faster than any human ever could, but it doesn’t understand context, legality, or nuance. In this episode, we discuss how AI is transforming criminal forensics and SOC investigations while examining the ethical, legal, and operational guardrails that must stay in place. As organizations adopt more AI-driven tools, the real challenge isn’t capability ... it’s maintaining responsible human control. 💻🔍Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!No phishing. No user interaction. Just exposed services and a missing authentication check. In this episode of the #SOCBrief, we dive into the SmarterMail RCE flaw already being exploited in the wild and why mail servers continue to be prime ransomware targets. We cover indicators to hunt for, detection tips, and practical steps SOC teams can take to reduce risk fast. 🛡️Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Attackers are hiding remote access trojans (RATs) inside malicious MSI installers disguised as legit software, and it’s surging in early 2026. We break down how these phishing attacks bypass EDR, what to look for, and how SOC teams can stop them before they turn into full-blown breaches. Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Romance scams spike around Valentine’s Day ... and they’re more dangerous than you think. In this episode, we break down how scammers build emotional trust, isolate victims, and turn relationships into financial and emotional traps. Learn the warning signs, the psychology behind the scams, and how to protect yourself and the people you love 💞.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!This week’s #SOCBrief covers a dangerous double-hit: a Microsoft Office security bypass and a Fortinet FortiCloud authentication flaw, both exploited in the wild. Andrew walks through what the CVEs mean, how attackers are abusing trusted tools, and the patching and hunting steps SOC teams should take immediately.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Ransomware is kicking off 2026 at full speed. We break down the top active groups right now, how they’re getting in, what infrastructure they’re targeting, and the key indicators your SOC should be watching to stay ahead. 🔐⚠️Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Insider threats don’t start with malware ... they start with access. From disgruntled employees to overlooked contractors, this episode breaks down real-world cases, common patterns, and how organizations can better protect what matters most. 🎧🛡️Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!CISA has officially retired 10 emergency directives ... marking real progress for federal cybersecurity 🚀 But for the private sector, these “old” vulnerabilities are still very much in play ⚠️ In this #SOCBrief, we break down what was retired, why it matters, and what your SOC should do next.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Kick off 2026 by hitting reset on your SOC 📊. In this episode of the #SOCBrief, we break down key January priorities, from annual security posture reviews and rule tuning to training refreshers and forward planning, so your team starts the year resilient, aligned, and ready for what’s next. Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!When the threat isn’t external, it’s personal. This episode breaks down insider threats and corporate espionage: how trusted access turns into real risk, what warning signs to watch for, and how organizations can protect themselves. 🔐⚠️Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!🎙️ In this episode, CISO Jonathan Kimmitt steps in to break down the latest cybersecurity threats impacting organizations during the holiday season and beyond. From ransomware spikes during understaffed weekends to holiday-themed phishing, critical Patch Tuesday vulnerabilities, and emerging AI-powered social engineering, Kimmitt covers what security leaders need to know as we head into 2026.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!In this special end-of-year SOC Brief, Andrew breaks down the biggest threat-actor and ransomware trends that shaped 2025,  and what cybersecurity teams should be preparing for in 2026. From AI-powered ransomware and supply-chain attacks to the growing blur between nation-state operations and cybercrime, this episode connects the data, the patterns, and the predictions that matter most heading into the new year. ✨Tune in at secureafpodcast.com to hear what’s evolving, what’s accelerating, and where defenders have a real chance to shift the advantage before 2026 begins.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!This week’s SOC Brief dives into why the holidays are prime time for cyberattacks 🎄 from surging phishing attempts to sloppy vendor configs, alert fatigue, staffing gaps, and the seasonal spike in ransomware activity. Andrew and Dylan break down what SOCs should be watching for, how to prep, and how to stay covered even when headcount is low. Stay ahead of the threats this holiday season.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!🎉🎙️ EPISODE 100 IS LIVE! We’re celebrating 100 episodes of the Secure AF Podcast!This special edition features CEO Donovan Farrow and CISO Jonathan Kimmitt as they look back on the history of Alias Cybersecurity, the growth of this show, and the journey that brought us here. And we wouldn’t be here without you, the listeners who made this possible. 💜Additional links:Seccon information and tickets: https://seccon.com/Hacker Gift Guide: https://aliascybersecurity.com/blog/2025-ethical-hackers-holiday-gift-guide/Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!This episode dives into one of the darkest issues cybersecurity intersects with: stalking. Kimmitt and Peters discuss real cases, modern cyberstalking tactics, privacy failures, the challenges of protective orders, and what victims can do to stay safe. If you've ever wondered how digital footprints turn into real-world danger, or how to protect yourself, this episode is essential. 🛡️Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!Get an inside look at how weekly threat-intel briefings really work in a mature security program. 🔍⚡ In this special episode, vCISO Jonathan Kimmitt breaks down how raw intel turns into real risk decisions, what trends are hitting organizations right now, and how SOC teams can brief leadership in a way that actually drives action. Stay sharp, stay informed, and stay secure. 🔐Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!A new zero-day is already under active exploitation. This week’s SOC Brief breaks down the React2Shell vulnerability (CVE-2025-55182), how attackers moved within hours of disclosure, and what SOC teams need to do now to reduce exposure and stay ahead of fast-moving threats. 🔐🚨Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!In this #SecureAF episode, Tanner and Dylan share real-world IR stories, common attack vectors, SOC fatigue during holiday PTO, and the #1 thing every organization should do before stepping away for the season. If you’ve ever wondered why cyber incidents always seem to hit when everyone is off work, this one explains it. 🎁💻Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!In this episode of the #SOCBrief, we dig into how world events can trigger cyber fallout that lands directly on the desks of security teams. From ransomware crews capitalizing on instability to hacktivists launching DDoS attacks and opportunistic actors going after vulnerable sectors, we talk through why geopolitical tension often leads to increased cyber activity. We break down real patterns, recent trends, and the warnings SOCs should be paying attention to right now ... plus practical defensive steps you can take to stay ahead of emerging threats. ⚠️💻Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!📱 This #SecureAF episode covers the everyday questions and concerns people have when they think something unusual is happening with their devices or accounts. Hickman and Peters talk through typical scenarios, common misunderstandings, and the foundational steps that help people regain control of their accounts.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!This week’s #SOCBrief dives into the FortiWeb zero-day that’s letting attackers create admin accounts with a single unauthenticated HTTP request. With exploitation spiking and Fortinet pushing out a quiet fix, SOC teams are under pressure to lock down configs, audit firewalls, and patch fast. We break down what happened, who’s affected, and how to defend before attackers pivot deeper into your network.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!We’re back with the Hacker Holiday Gift Guide, and this year’s lineup is stacked with RF gadgets, Wi-Fi tools, red-team essentials, and quirky cyber gifts Tanner swears by. Whether you’re shopping for a pentester, a tinkerer, or someone who just loves breaking things (legally), these picks won’t miss. Get ready to level up your holiday shopping.Read here ➡️ https://aliascybersecurity.com/blog/2025-ethical-hackers-holiday-gift-guide/Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!A new zero-day. 63 flaws. Endless patching chaos. This week’s #SOCBrief breaks down Microsoft’s November Patch Tuesday and what it means for your SOC. We’ll cover the top critical CVEs, patching priorities, and how to keep your systems resilient before attackers strike.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!This week, we’re digging into a case where ransomware negotiators allegedly became the attackers themselves, leveraging insider access to hit organizations they were supposed to help. This one raises real questions about trust, vendor oversight, and the human element in incident response. We break down what happened and what SOC teams can take away from it.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!In this episode, we break down the real mechanics of social engineering, from phishing emails and text scams to vishing calls and full-on physical pen tests. We share stories from the field, including how attackers build trust, why confidence is often more effective than technical skill, and what happens when social engineering meets the physical world. If you’ve ever wondered how someone can just walk right in and blend into a company they don’t work for… this one’s for you. Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!🎙️ A new threat is making waves ... Atroposia RAT, a remote access trojan that doesn’t just infiltrate systems but scans them for vulnerabilities to exploit further. In this episode, we break down how this modular malware operates, how it hides, and why its built-in scanner is a game-changer for attackers. Learn the detection cues, patching priorities, and defensive measures SOC teams need to stay ahead.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here!“I’m not a robot.” 🤖Hackers are exploiting fake “I’m not a robot” CAPTCHA pages to deliver malware. Host Andrew Hickman breaks down how this ClickFix attack uses social engineering to steal data and evade detection. Tune in to learn key defense tactics and how to keep your team protected.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.