In this episode, DomainTools' Daniel Schwalbe is joined by Renee Burton (Infoblox), Raymond Dijkxhoorn (Surbl), and Peter Lowe (FIRST.org) to unpack the inaugural DomainTools Intelligence Report and what it reveals about DNS-based threats in 2024. The panel digs into evolving detection challenges, the pitfalls of domain scoring, the growing complexity of threat actor behavior, and why industry collaboration continues to lag.
They explore topics like aging domains, TLD abuse, data sharing barriers, and the creative lengths bad actors go to avoid detection. Whether you're building threat intel tools or blocking domains at the edge, this conversation is a must-listen for anyone in DNS-based security.
All content for Breaking Badness is the property of DomainTools and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
In this episode, DomainTools' Daniel Schwalbe is joined by Renee Burton (Infoblox), Raymond Dijkxhoorn (Surbl), and Peter Lowe (FIRST.org) to unpack the inaugural DomainTools Intelligence Report and what it reveals about DNS-based threats in 2024. The panel digs into evolving detection challenges, the pitfalls of domain scoring, the growing complexity of threat actor behavior, and why industry collaboration continues to lag.
They explore topics like aging domains, TLD abuse, data sharing barriers, and the creative lengths bad actors go to avoid detection. Whether you're building threat intel tools or blocking domains at the edge, this conversation is a must-listen for anyone in DNS-based security.
Inside Ransomware’s Supply Chain: Attribution, Rebrands, and Affiliate Betrayal
Breaking Badness
44 minutes 47 seconds
5 months ago
Inside Ransomware’s Supply Chain: Attribution, Rebrands, and Affiliate Betrayal
In this RSA Conference 2025 special episode, we explore two critical frontiers shaping the
future of cybersecurity.
First, Jon DiMaggio (Author of The Ransomware Diaries, Analyst1) breaks down the hidden
supply chains behind ransomware gangs, including the economics of affiliate betrayal and the
challenge of accurate attribution. He walks us through his methodology for identifying
ransomware rebrands like BlackCat and RansomHub using evidence-based frameworks
designed to eliminate human bias.
Then we’re joined by Matt Radolec (VP of Incident Response at Varonis), who brings a fresh
perspective on talent development in cybersecurity. Drawing from his keynote "From Gamer to
Leader", Matt argues that gamers possess untapped potential as cybersecurity professionals
and it’s time to design leadership pipelines like quest lines.
From ransomware negotiations on underground forums to using AI-enhanced playbooks and
transforming threat response teams into RPG-style guilds, this episode blends technical insight
with cultural reflection.
Breaking Badness
In this episode, DomainTools' Daniel Schwalbe is joined by Renee Burton (Infoblox), Raymond Dijkxhoorn (Surbl), and Peter Lowe (FIRST.org) to unpack the inaugural DomainTools Intelligence Report and what it reveals about DNS-based threats in 2024. The panel digs into evolving detection challenges, the pitfalls of domain scoring, the growing complexity of threat actor behavior, and why industry collaboration continues to lag.
They explore topics like aging domains, TLD abuse, data sharing barriers, and the creative lengths bad actors go to avoid detection. Whether you're building threat intel tools or blocking domains at the edge, this conversation is a must-listen for anyone in DNS-based security.
