In this episode of Breaking Badness, we welcome back Tanya Janca, aka SheHacksPurple, to discuss her latest book, Alice and Bob Learn Secure Coding. Tanya dives deep into the fundamental principles of secure software development, the psychology behind developer incentives, and the often-overlooked importance of zero trust security.…

In this episode of Breaking Badness, we analyze two fascinating cybersecurity incidents that expose both corporate misconfigurations and hacker missteps. Security researcher Philippe Caturegli discovered a typo in MasterCard’s DNS records, which left the company open to traffic hijacking and data exposure. This long-overlooked flaw, dating back yea…

In this episode of Breaking Badness, Tricia Howard of Akamai joins Kali Fencl and Ian Campbell to dive deep into the intersection of gaming culture, mental health, and cybersecurity. Tricia shares her journey from theater arts to cybersecurity research, her love for gaming, and her experiences tackling emotional toxicity in digital spaces. The epis…

In this episode of Breaking Badness, we dive into the cybersecurity headlines making waves in 2025. We discuss the U.S. Treasury breach, allegedly orchestrated by Chinese hackers using third-party access. Learn about how lingering chat histories can expose sensitive data and the importance of digital spring cleaning.…

In this episode of Breaking Badness, we sit down with Tanya Janca, aka SheHacksPurple, a cybersecurity educator, and author of the best-selling book Alice and Bob Learn Application Security. Tanya shares her journey from software developer to AppSec expert, dives into the unique challenges of teaching secure coding, and discusses the impact of cybe…

Welcome to this special episode of the Breaking Badness Cybersecurity Podcast! We’re turning the spotlight on the books that have shaped the world of cybersecurity and inspired professionals in the field. As part of our ongoing book club series, this episode is a journey into storytelling, research, and the unique perspectives that make cybersecuri…

In this special episode of Breaking Badness, we wrap up 2024 with a countdown of the top episodes, puns, and cybersecurity moments that defined the year. From the hoodiest hacks to the goodiest wins, Kali, Tim, and Taylor reflect on critical insights, industry-changing events, and listener favorites. Tune in for discussions about evolving OT securi…

In this special 2025 Predictions episode of Breaking Badness, host Kali Fencl joins cybersecurity experts Sean McNee, Tim Helming, and Daniel Schwalbe to discuss the future of cyber threats and defense. From ransomware evolution and AI-powered attacks to quantum computing and “synthetic identity fraud,” the group compares their insights with predic…

In this episode of Breaking Badness, we dive into two fascinating stories shaping the cybersecurity landscape. First, we unpack the case of Gabriel Koo and his surprising acquisition of the domain us-east-1.com, a domain closely tied to AWS’s naming conventions. What insights can this seemingly simple purchase reveal about DNS misconfigurations and…

In this episode of Breaking Badness, we delve into the cybersecurity trends shaping the holiday season. We unpack the 60% surge in scam domain registrations targeting holiday shoppers, discuss the tactics of TAG-112, a Chinese state-sponsored threat group, and analyze their use of compromised websites to deliver Cobalt Strike malware. Plus, we shar…

In this episode of Breaking Badness, we dive into the critical challenges and innovations in healthcare cybersecurity with Ken Zalevsky, CEO of Vigilant Ops. From the vulnerabilities in medical devices to the revolutionary role of Software Bill of Materials (SBOMs), Ken shares his two decades of expertise in safeguarding patient safety and hospital…

In this episode of Breaking Badness, we explore two fascinating cybersecurity stories. First, we delve into the unusual case of an ex-Disney employee who hacked menu systems, creating chaos in the happiest place on Earth. Next, we discuss Sophos' five-year-long battle with a determined group of attackers targeting their firewalls. Tune in as we bre…

In this episode of the Breaking Badness Cybersecurity Podcast, Jason Haddix dives into his unique journey from red teaming and pentesting to leading security teams as a CISO in high-profile organizations, including a top gaming company. Jason unpacks the distinct challenges of securing a gaming company, where risks come not only from state actors b…

In this week’s episode of Breaking Badness, we dive deep into two major cybersecurity stories that are shaping today’s landscape. First, we explore the alarming capabilities of Locate X, a powerful smartphone tracking tool used by U.S. law enforcement without a warrant. How does it work, what are the privacy implications, and what can individuals d…

Join Kali Fencl as she dives deep into a conversation with cybersecurity veteran The Gibson. With 25+ years in InfoSec, The Gibson shares his journey from coding as a child to shaping threat intelligence and privacy-first technology today. In this episode, they discuss hacker ethics, the influential hacker groups Loft and Cult of the Dead Cow, the …

In this episode of Breaking Badness, Kali, Tim, and Taylor discuss two major stories shaking up the cybersecurity world. First, a researcher has discovered how attackers are exploiting Whois data to grant themselves unprecedented superpowers in the digital space. Second, the Internet Archive suffers a breach possibly exposing 31 million accounts, r…

In this episode of Breaking Badness, we dive deep into the evolving world of Endpoint Detection and Response (EDR) and its critical role in modern cybersecurity. With threats advancing and the sheer volume of endpoint data skyrocketing, AI and deep learning are becoming gamechangers in threat detection and prevention. Join us as Carl Froggett, CIO …

In this episode of Breaking Badness, we dive deep into the critical world of API security and governance, uncovering key strategies to keep data safe in today’s threat landscape. Special guests Matthias Friedlingsdorf (iVerify), Tristan Kalos (ESCAPE), and Aqsa Taylor (Gutsy) join the conversation to share their experiences with detecting advanced …

In this episode of Breaking Badness, we dive into the rapidly evolving world of cybersecurity with three industry leaders: Raymond Dijkxhoorn, CEO of SURBL; Nabil Hannan, Field CISO atNetSPI; and Jason Mar-Tang, Field CISO at Pentera. They explore the critical role of domain reputation in combating phishing and spam, how AI is reshaping both offens…

In this special Black Hat edition of Breaking Badness, Part 2 of a 5 Part Series, we dive deep into the world of vulnerability management, cyber resilience, and supply chain security. Our expert guests—Jacob Graves, Director of Solution Architecture at Gutsy, Theresa Lanowitz, Chief Evangelist at Level Blue, Pukar Hamal, CEO at SecurityPal, and Vin…

In this special Black Hat edition of the Breaking Badness Cybersecurity Podcast, Part 1 of a 5 Part Series, we dive deepinto how artificial intelligence is transforming the cybersecurity landscape. Our guests—Mark Wojtasiak (VP of Product at Vectra AI), Carl Froggett (CIO at Deep Instinct), Dan Fernandez(Staff Product Manager at Chainguard), and Ma…

In this special research edition of Breaking Badness, hosts Kali Fencl, Tim Helming, Sean McNee, and guest Sasha Angus from Sylla Intel dive deep into the world of cybercriminal campaigns targeting retailers. They explore how bad actors exploit the growing threatlandscape, discussing specific fraud tactics, infrastructure reuse, and ways organizati…

Kali Fencl and Daniel Schwalbe sat down with Lesley Carhart, aseasoned incident responder specializing in Operational Technology (OT) cybersecurity at Dragos, in person at BlackHat USA 2024. Lesley shares their journey, from their uniquebackground in avionics and electronics to becoming a leading expert in the field. We explore the evolving landsca…

Kali Fencl, Daniel Schwalbe, and Tim Helming discuss Brian Krebs’ article on namespace collisions and the risks associated with new generic TLDs (gTLDs) along with facial recognition and privacy concerns at major sporting events저자 DomainTools

Kali Fencl, Daniel Schwalbe, and Malachi Walker discuss all things Hacker Summer Camp. What sessions were their favorites? How did they beat the heat? Listen to the episode and find out!저자 DomainTools

This week we compromised domains targeting DeFi protocols along with the JFrog research team's findings regarding a leaked access token with admin access to Python repositories저자 DomainTools

We're thrilled Tanya Janca (aka SheHacksPurple) joined us this week on the podcast! She and Kali Fencl discuss secure guardrails, Semgrep Academy, the process of writing two books, gardening, and so much more.저자 DomainTools

In this episode of the Breaking Badness Cybersecurity Podcast, Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss vulnerabilities impacting your phone's 5G connection along with the new owner of the popular Polyfill JS project injecting malware into more than 100,000 sites.저자 DomainTools

Jake Bernardes, Field CISO of Anecdotes, joins the Breaking Badness Cybersecurity Podcast in this week’s episode! We’re sharing Jake’s background and path within infosec along with what’s intriguing him about the industry currently, how conferences and in-person events can still play a role in community involvement, and we’ll touch briefly on Ameri…

This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss vishing attacks against CISA along with a threat campaign targeting Snowflake customer database instances.저자 DomainTools

It is the final episode of our mini-series from RSAC 2024! Join Kali as she speaks with Aqsa Taylor, Director of Product Management at Gutsy! They'll discuss Aqsa's path to infosec, the importance of governance strategy and how to achieve a cleaner security posture, women in cybersecurity, and how to break into the field.…

It's the penultimate episode of our RSAC mini series! We're speaking with Zack Schuler of NINJIO in the first half of the episode and in the second, we speak with Lawrence Gentilello of Optery.저자 DomainTools

We're halfway through our RSAC mini series! We're speaking with Joe Slowik of MITRE in the first half of the episode and in the second, Kali is joined by Daniel Schwalbe to speak with David Goldschlag of Aembit.저자 DomainTools

In our second iteration of our mini-series, we'll speak with Ben April of Maltego and Allan Liska of Recorded Future. We'll cover topics such as AI, the LockBit ransomware gang, cybersecurity comic books, and more!저자 DomainTools

In our first episode of our mini-series, we'll speak with Jori VanAntwerp of EmberOT and Steve Stone of Rubrik Zero Labs. We'll cover topics like IT and operational technology and how ransomware is impacting the healthcare space.저자 DomainTools

We're back on the road at RSA 2024 talking with thought leaders in the infosecurity space! Be sure to check in weekly as we share nine interviews with folks from Recorded Future, Gutsy, Maltego, Aembit, MITRE, EmberOT, Optery, Rubrik, and NINJIO.저자 DomainTools

This week on the Breaking Badness Cybersecurity podcast, Kali Fencl is joined by CEO of DomainTools, Tim Chen, and Executive Chairman of the Silverado Policy Accelerator and co-founder of CrowdStrike, Dmitri Alperovitch to discuss his book, “World on the Brink: How America Can Beat China in the Race for the 21st Century.”…

In this edition of Voices from Infosec, we're talking with Founder and CEO of Zatik Security, Kymberlee Price! We'll cover her path to infosec, the origins of her organization and its goals, and her passions outside of the industry.저자 DomainTools

This week Kali Fencl, Tim Helming, and Ian Campbell discuss mercenary spyware attacks along with the US, Philippines, and Japan entering into a cyber intel sharing alliance.저자 DomainTools

Kali Fencl, Tim Helming, and Ian Campbell discuss spoofed domains and the American Girl brand along with @Proofpoint’s findings regarding distribution of malware on YouTube.저자 DomainTools

Episode 185 of Breaking Badness is here! This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss Brian Krebs’ article on thread hijacking along with the latest alert from CISA that affects XZ Utils.저자 DomainTools

This week Kali Fencl, Tim Helming, and Austin Northcutt discuss threat actors using DDP sites for phishing, credential harvesting, and more along with Wired’s reporting of how researchers discovered how to open 3 million hotel keycard locks저자 DomainTools

Episode 183 of Breaking Badness is here! This week Kali Fencl, Ian Campbell, and Austin Northcutt do a deep dive on the AlphV/BlackCat ransomware gang.저자 DomainTools

Episode 182 of Breaking Badness is here! This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss Palo Alto’s latest findings on Bifrost along with the rise of laid off tech workers turning to cybercrime.저자 DomainTools

Episode 181 of Breaking Badness is here! This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss CISA’s caution against a hacked VPN getaway along with Guardio Security’s discovery of a large subdomain hacking campaign.저자 DomainTools

This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss China’s involvement with I-Soon along with DNSSEC and the #KeyTrap vulnerability저자 DomainTools

Episode 179 of Breaking Badness is here! This week Kali Fencl, Kelly Molloy, and Ian Campbell discuss Cory Doctorow’s recent blog post about his experience getting scammed along with the decade-long issue of email sent to .ml addresses rather than .mil ones.저자 DomainTools

Episode 178 of Breaking Badness is here! This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss the US disabling of Volt Typhoon along with AnyDesk’s recent cyberattack.저자 DomainTools

In the latest episode of Breaking Badness, Kali Fencl, Austin Northcutt, and Yelisey Bohuslavskiy discuss a string of mortgage brokers who have been hit with ransomware over the past several months. What are the targeting patterns? Who are the victims?저자 DomainTools

This week on the Breaking Badness podcast, Allan Liska and Jon DiMaggio join Kali Fencl to discuss Jon’s book, The Art of Cyberwarfare, along with other favorite cybersecurity picks!저자 DomainTools