Welcome to Cyber Pulse episode 15!

Our guest this episode is Simon Hartley. Simon is a Cybersecurity Practice Lead at IBM Consulting. He specializes in product security, connected vehicles, and automotive security. He supports clients in cybersecurity, quantum safety, and AI, delivering compelling products with trust, safety, and security. He is an advisor to the SAE and contributor to their cybersecurity books.

Previously, he worked with Quantinuum to quantum harden US critical infrastructure. He successfully introduced a mobile security platform with CIS Mobile after working with Apple and Samsung to harden their platforms for US Government needs. Simon was a co-founder of automotive startup RunSafe Security, VP at startup Kaprica Security, and held executive roles with HP, Red Hat, and Capgemini. He is a CISSP, with a BS in Physics, MS in Law & Cybersecurity, MBA, and a Purdue doctoral candidate in cybersecurity.

In this episode we talk about Simon's journey in cyber, automotive security issues and solutions, quantum computing timelines and its potential effects on critical infrastructure, mobile security and government hardening, and get some advice for those looking to get into the field.

In our News Pulse, we look at EDR-Freeze: New Attack Technique Puts Security Software Into a Coma.

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 14!

Welcome back to Cyber Pulse. Today we're diving deep into one of the most fascinating cybersecurity incidents of 2025 – a threat actor installed Huntress EDR on their own attack infrastructure.

In this episode we talk about EDR, cyber-criminals, what was revealed, attacker research, AI use in cyber attacks, and how we can better defend going forward
:
- Huntress Blog: "Rare Look Inside Attacker Operation"
- Infosecurity Magazine: "Threat Actor Accidentally Exposes AI-Powered Operations"
- Technical Tools Mentioned:▪ Huntress EDR Platform
- Censys (censys.io)
- Evilginx Framework
- ROADtools Token eXchange
- Make.com Automation Platform
- LunaProxy/Nstbrowser Residential Proxies

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 13!

Welcome to a special episode of Cyber Pulse. Today we don't have a guest for you - instead we are focusing on the Tea Dating app leak. We'll discuss what happened, why it was uniquely bad, and what you can do to protect yourself going forward. Let's get started!

In this episode we talk about data privacy, the Forensic Aspects of the Tea leak, User Impact & Legal Fallout, Implications for Other Apps, What Tea Did Right (and Wrong), What Was Exposed, Why the Tea Leak is Unique, How to Protect Yourself Going Forward

Sources used: Hackread, Digital Watch Observatory, Security Affairs, FOX 7 Austin, CPO Magazine, Security Affairs, The New Yorker, The Washington Post

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 12!

Our guest this episode is Dr. Kim Wuyts. Dr. Wuyts is a leading privacy engineer with over 15 years of experience in security and privacy. Her mission is to raise privacy awareness and get organizations to embrace privacy engineering best practices. She is a guest lecturer, experienced speaker, and invited keynote at international privacy and security conferences such as RSA, OWASP Global AppSec, Troopers, CPDP, and IAPP DPC. In the last few years, Kim has been delivering privacy awareness and privacy threat modeling training at many events, including academic guest lectures and internal company training. Kim is also a co-author of the Threat Modeling Manifesto, program co-chair of the International Workshop on Privacy Engineering (IWPE), and a member of ENISA's working group on Data Protection Engineering.

In this episode we talk about Privacy, threat modeling, the LINDDUN privacy threat modeling framework, the differences between privacy and security, GDPR, and the future of privacy threat modeling

In our news Pulse we look at the latest from Salt Typhoon's nine month breach of the US National Guard systems.

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

It's Pride Month, and in this episode of Cyber Pulse, we reach halfway around the globe to interview the amazing Lesley Carhart. They are a US Air Force veteran, DEFCON Hacker of the Year, and currently Director of Incident Response for North America at the industrial cybersecurity company Dragos, Inc., leading response to and proactively hunting for threats in customers’ ICS environments.

They share how they got started, the critical differences in Incident Response in OT environments from typical IT environments, how to avoid common mistakes when working with ICS, some guidance on how to break into the field, and why they had to move to Australia.

Topics discussed: Digital Forensics and Incident Response (DFIR), DFIR in Industrial Control Systems (ICS) and Operational Technology (OT) environments, key Incident Response differences between IT and OT environments, getting into ICS/OT

In our News Pulse, Godfather malware is using virtualization to steal data from legit banking apps.

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html
Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

In this episode of Cyber Pulse, we team up with #CyberChats' host Kennedy Taylor to interview Tennisha Martin, Founder and Executive Director of BlackGirlsHack, a nonprofit that's opening pathways into cybersecurity for Black women and girls across the country. With a background in electrical and computer engineering from Carnegie Mellon and over 15 years of experience in government consulting, Tennisha brings both technical expertise and a deep commitment to equity in tech.

She shares what inspired her to create BlackGirlsHack, how the organization is helping to bridge access gaps, and why building diverse cyber talent pipelines is critical to the future of the field. We also explore her work as a mentor, ethical hacking advocate, and educator — and why representation matters from entry-level to the executive suite.

Whether you're breaking into cyber, mentoring others, or rethinking what inclusive leadership looks like, this conversation offers practical insight and powerful inspiration.

Topics discussed: cybersecurity education, cybersecurity, diversity, opportunity, cyber kids, cyber careers

In our news Pulse, Microsoft's Recall app is back, and why this is bad for your privacy and security.

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 9!

Our guest this episode is Laura Bell Main, a global leader in developing secure software, and experienced keynote and conference speaker, presenting at BlackHat USA, RenderATL, and leading international software development and cyber security conferences. With over twenty years of experience in software development and cyber security, she is the co-author of "Agile Application Security" (O’Reilly Media)  and "Security for Everyone" (Holloway). Her work has been featured in many international publications, including  WIRED and MIT Tech Review. As the CEO of SafeStack, a leading secure development education platform, she helps software development leaders worldwide engage their entire team in building secure software.

In this episode we talk about how Laura Bell Main got started in AppSec, the beautiful chaos of software, the biggest challenge in app sec, balancing security with the need for rapid software development, the most common security mistakes developers make, helping engineering teams understand the risks they pose, practical ways organizations can improve their secure development practices, one security principle every developer should follow, emerging trends in AppSec, and the skills the next generation of security professionals should be focusing on.

In our news Pulse, DaVita, a major U.S. kidney dialysis provider, has confirmed a ransomware attack that hit parts of its network over the weekend, potentially disrupting operations.

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 8!

Our guest this episode is Chloé Messdaghi, a recognized expert in Responsible AI and cybersecurity, focused on creating secure, ethical, and transparent AI systems. She collaborates with companies, governments, and NGOs to advocate for stronger cybersecurity and Responsible AI policies, and has advised on key legislation, including work with the White House. Named a Power Player by Business Insider and SC Media, Chloé is a respected speaker and thought leader dedicated to advancing technology and social progress.

In this episode we talk about AI transparency, minimizing bias, data and privacy concerns, the moral and ethical dilemmas and security risks of AI, overreliance on AI, and the challenges of being a woman in the male-dominated tech field.

In our news Pulse, we celebrate Women's History Month by shining a spotlight on the incredible women shaping technology and cybersecurity, and organizations like Girls Who Code, Women in Cybersecurity (WiCyS), and the Cybersecurity and Infrastructure Security Agency (CISA) are creating opportunities to close the gender gap.

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 7!

Our guest this episode is John Hammond, cybersecurity researcher, educator and content creator. As part of the Adversary Tactics team at Huntress, John spends his days analyzing malware and making hackers earn their access. He has developed training material and information security challenges for events such as PicoCTF and competitions at DEFCON US. John speaks at security conferences such as BsidesNoVA, to students at colleges such as the US Naval Academy, and other online events including the SANS Holiday Hack Challenge/KringleCon. He is an online YouTube personality showcasing programming tutorials, CTF video walk-throughs and other cyber security content.

In this episode, we talk about threat actors moving away from malware, how to stay aware of the threat landscape, skills to focus on for career growth, the benefits of justhacking.com and other training sites, why you need soft skills in technical jobs, living off the land, getting into content creation, which are the best security conferences, and how we can increase awareness for those not in the field.

In our news Pulse, we celebrate Black History Month by recognizing the invaluable contributions of African Americans to the fields of information technology and cybersecurity, naming just a few of the people who have not only advanced technology but have also been instrumental in creating a safer and more secure digital world.

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 6!

Our guest this episode is Tanya Janca, best-selling author of ‘Alice and Bob Learn Application Security,’ Head of Community and Education at Semgrep, and founder of We Hack Purple, an online learning academy, community, and podcast that revolved around teaching everyone to create secure software.

In this episode we talk about Tanya's new book 'Alice and Bob Learn Secure Coding.' This book covers multiple learning styles for every topic and can take you from Novice to Expert. Learn the top coding mistakes and how to avoid them, the importance of secure coding when cyber-crime is in the billions annually, some secure coding misconceptions, and why SOC and GRC need to understand secure coding. All of this brought to you with humor, insight, and real world examples in 10 coding languages and eight frameworks.

In our news Pulse, a new hacking group known as the "Belsen Group" has leaked the data from over 15,000 FortiGate devices onto the dark web - configuration files, IP addresses, digital certificates, and VPN credentials.

Topics discussed: Importance of Secure Coding, Polymorphism, Top Coding Mistakes, Secure Coding Misconceptions, SOC and GRC and Secure Coding

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html
Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 4!

Our guest this episode is Tim Medin, CEO of Red Siege Information Security. Tim is also a Senior Instructor and course author (SEC560) at SANS. Tim has gained information security experience in a variety of industries including previous positions in control systems, higher education, financial services, and manufacturing. Tim is the creator of the Kerberoasting, a widely utilized Red Team penetration test technique to extract Kerberos tickets.

We talk about what penetration testing is, why it's important to business, how to fail faster to be better, how you can get started in the field, and hear some stories from Tim's past.

In our News Pulse, how hackers are using corrupted Word documents to evade security.

Topics discussed: penetration testing, kerberoasting, hacking, company security, getting into the field.

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse Special Holiday episode!

Our guest this episode is Kennedy Taylor, the amazing host of #CyberChats. She is experienced in Governance Risk and Compliance (GRC), Information Risk Management (IRM), and Cybersecurity Supply Chain Risk Management, with a Master's from Georgetown University.

We talk about simple things everyone can do to make their online holiday shopping and regular shopping safer, more secure, and make themselves less vulnerable.

Topics discussed: Stick to Trusted Retailers, Use Secure Payment Methods, Watch Out for Too-Good-to-Be-True Deals, Be Cautious with Public Wi-Fi, Enable Two-Factor Authentication, Use Strong, Unique Passwords, Be Wary of Email Phishing Scams, Monitor Your Accounts, Avoid Excessive Sharing of Personal Info, Keep your Device Updated

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse episode 3!

Our guest this episode is Tanya Janca, best-selling author of ‘Alice and Bob Learn Application Security,’ Head of Community and Education at Semgrep, and founder of We Hack Purple, an online learning academy, community, and podcast that revolved around teaching everyone to create secure software.

We talk about application security (app sec), what it is, why it's important, and how to use it to keep evil hackers from doing unintended things with your software. Also, how you can develop your skills in app sec and secure coding. During the show, we bring up a Netflix movie on the Ashley Madison hack; it's title is "Ashley Madison: Sex, Lies & Scandal."

In our News Pulse, we talk about threat actors using a new ZIP file concatenation attack to deliver malware to Windows systems without being detected.

Topics discussed: Application Security (app sec), Secure Coding, Web Application Security, Common Security Issues, ZIP file concatenation attack

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Welcome to Cyber Pulse!

Our guest this episode is Robert Lee, CEO and co-founder of Dragos. We discuss the importance of Operational Technology, Industrial Control Systems, and Supervisory Control and Data Acquisition systems in our cyber world. What is OT/ ICS? Why is OT and ICS important to modern society? How is security for these systems different? Have there been any major attacks on industrial systems?

Also in this episode, GoldenJackal's malware toolset for infecting air-gapped systems.

Topics discussed: Operational Technology (OT), Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), IT vs OT, Infrastructure attacks, OT/ ICS security, GoldenJackal APT

Never miss an episode by signing up for our podcast newsletter at: https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at: https://cryptologicfoundation.org/community/cyberpulse-questions-suggestions.html

Hello, and welcome to our kick-off episode of Cyber Pulse!

Welcome to Cyber Pulse, the latest podcast from the creators of CyberChats, brought to you by the National Cryptologic Foundation. If you're passionate about cybersecurity, intrigued by the evolving landscape of cyber threats, or simply want to stay ahead of the curve in this fast-paced digital world, you're in the right place.

Cyber Pulse is more than just a podcast—it's your go-to source for deep dives into the most pressing issues in cybersecurity today. We’re here to pulse-check the heartbeat of the cyber world, delivering expert insights, thought-provoking discussions, addressing both the technical and ethical challenges of cybersecurity, and giving you actionable takeaways that you can apply directly to your work and life.

Each episode will bring you candid conversations with leading voices in the cyber community, from industry innovators and government officials to top academics and frontline cybersecurity professionals. We’ll explore the challenges that keep them up at night and the strategies they’re using to safeguard our digital future.

Topics discussed: Cyber Pulse launch

Never miss an episode by signing up for our podcast newsletter at:
https://cryptologicfoundation.org/community/cyberpulse-subscribe.html

Send us your questions and episode suggestions at:
https://cryptologicfoundation.org/community/cyberpulse-podcast.html