Got a question or comment? Message us here! “I’m not a robot.” 🤖 Hackers are exploiting fake “I’m not a robot” CAPTCHA pages to deliver malware. Host Andrew Hickman breaks down how this ClickFix attack uses social engineering to steal data and evade detection. Tune in to learn key defense tactics and how to keep your team protected. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here! This week on the #SOCBrief, Andrew breaks down RondoDox, a rapidly growing botnet campaign taking aim at routers, DVRs, and IoT devices worldwide. With over 50 vulnerabilities across 30+ vendors, this “shotgun” exploitation strategy is fueling massive DDoS and crypto-mining attacks. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here! In this week’s #SOCBrief, Hickman and Peters break down Obscura ... a new ransomware variant making waves with aggressive evasion tactics, process terminations, and domain controller targeting. We cover what’s known so far, the risks it poses to businesses, and the key defenses every SOC should prioritize. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here! What’s the real difference between a penetration test and a red team engagement, and how can each benefit your SOC? In this episode, Andrew is joined by Tanner, to unpack how pentests uncover vulnerabilities, how red teams stress-test defenders, and why every organization should be leveraging these exercises. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here! This week on #SecureAFPodcast, we’re recapping #SECCON 2025. From the keynote to the villages and everything in between, join us for a look back at the highlights, takeaways, and community moments that made this year’s conference our best yet. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here! Ransomware is evolving faster than ever, from double extortion tactics to lightning-fast attack chains. In this episode, we break down how these threats work, why every organization is a target, and the layered defenses SOCs can use to detect and stop attacks early. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here! In this episode of The #SOCBrief, we break down the rising FileFix attack, a new social engineering technique using steganography to deliver info-stealing malware. Learn how attackers disguise malicious PowerShell commands, the risks this poses for browsers, messengers, and crypto wallets, and the proactive defenses SOCs can use to detect and contain these threats before they escalate into larger breaches. Support the show Watch full episodes at you...

Got a question or comment? Message us here! 🔎 This episode of The #SOCBrief dives into the world of dark web monitoring in digital forensics and incident response. Learn why leaked credentials are a top threat, how to safely detect exposures, and what steps SOC teams can take to stay proactive. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here! 💡 This week on The SOC Brief, we’re breaking down incident response (IR) ... why it’s essential, how to build a strong plan, and what SOC teams can do to turn chaos into control. From preparation and containment to recovery and lessons learned, learn how a solid IR strategy saves time, money, and reputation. 👉 Tune in now at secureafpodcast.com Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, S...

Got a question or comment? Message us here! Fresh off the chaos of DEF CON 33, Tanner, Hickman, and Will break down the four-day hacker conference, from the eye-opening hacker villages and mind-bending talks to Hickman’s clutch CTF victory and Will’s bold dive into the Social Engineering Community’s Vishing Competition. No sleep, all signal. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here! In this episode, we break down the emerging Crypto24 ransomware attacks that use living-off-the-land techniques to bypass EDR. We’ll explore how these attacks unfold and the defensive strategies SOCs and organizations can use, like layered security, enhanced monitoring, and rapid response, to stay ahead of evolving threats. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get...

Got a question or comment? Message us here! This week, we’re unpacking the phishing wave hitting SaaS platforms ... from social engineering to OAuth abuse and AI voice spoofing. Learn why people remain the #1 attack vector and how to stay one step ahead. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here! On this episode of the #SOCBrief, we break down attacks on SonicWall firewalls. A wave of ransomware, possibly exploiting zero-day vulnerabilities, is compromising even fully patched systems. Learn how SOCs can respond fast and stay ahead. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here! This week’s SOC Brief unpacks how a misconfigured cloud bucket exposed 72,000+ user images from the Tea app, complete with geolocation metadata and real IDs. From national security risks to doxxing fallout, we break down what went wrong and what your security team must do to avoid the same mistakes. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Got a question or comment? Message us here! A critical zero-day (CVE-2025-53770) is actively targeting on-premises SharePoint servers AND it’s already been used to compromise over 100 organizations. In this #SOCBrief, Andrew and Tanner break down how the exploit works and what steps your team should take now. If your SharePoint instance is public-facing and unpatched ... assume compromise. 🎧 Tune in for insights, mitigation tips, and what to look for in your logs. Links: https://m...

Got a question or comment? Message us here! In this week’s #SOCBrief, we break down why offboarding policies are ABSOLUTELY critical for security teams. Overlooked items from abandoned accounts to old VPN access can leave backdoors wide open. Learn how SOCs monitor, contain, and shut down lingering access, and why communication between HR, IT, and cybersecurity is essential. 🎙️ Tune in. secureafpodcast.com Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Appl...

Got a question or comment? Message us here! 🎙️ NEW! Aligned by Design: CISO x Legal Introducing! A fresh new series that explores the intersection of cybersecurity and legal strategy. Join Alias CISO Jonathan Kimmitt and privacy attorney Tom Vincent as they unpack what happens when technology, compliance, risk, and law collide. From real-world experiences to the nuances of the term "breach", these two break down the how, why, and what now? behind every security decision and legal gray a...

Got a question or comment? Message us here! Hackers just unleashed the largest DDoS attack in history, peaking at 7.3 Tbps and 4.8 billion packets per second. In just 45 seconds, it pummeled its target with the data equivalent of over 9,000 HD movies, a powerful reminder of how far attack capabilities have evolved. 🎧 Tune in to today’s SOC Brief for insights on DDoS attacks and how to up your defenses. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Po...

Got a question or comment? Message us here! In this episode of The SOC Brief, the team unpacks a critical zero-day vulnerability in Google Chrome (CVE-2025-6554) that’s being actively exploited. Learn how attackers use type confusion bugs to hijack browser memory, what makes this exploit so dangerous, and why it’s targeting high-value organizations. Discover actionable steps for updating Chrome, securing endpoints, and training users to spot phishing attempts before they lead to compromise. 🎧...

Got a question or comment? Message us here! In this episode, our security engineers break down the latest cybersecurity headlines, from the real scoop behind the “16 billion password” leak to the rise of hacker groups like Scattered Spider. 🕷️ We discuss how attackers bypass MFA, why exploited data keeps resurfacing, and what organizations can do to protect sensitive data. Plus, we dive into industrial control system risks and why basic cybersecurity hygiene matters more than ever. 🛡️ Suppor...