Episodes

  • Adversarial Podcast S4E11 – Iran Internet blackout, threat intelligence briefings, cyber framework alignment
    Jan 20 2026

    00:00 Intro

    01:40 Iran's Internet blackout

    48:06 U.S. Weighs Expanding Private Companies’ Role in Cyberwarfare

    57:35 Aligning cybersecurity programs to frameworks

    There's an internet blackout in Iran. How are videos and images getting out? During Iran’s nationwide internet blackout imposed amid widespread anti-government protests, some citizens have been using Elon Musk’s Starlink satellite service to bypass state-controlled communication blackouts and share information with the outside world despite government efforts to restrict or jam such access.

    Lawmakers to Restart Efforts to Revive Lapsed Cyber Intel Bill. U.S. lawmakers are preparing to revive and reauthorize the lapsed Cybersecurity Information Sharing Act, a key bill that facilitates sharing of cyber threat intelligence between the federal government and the private sector, with bipartisan momentum to include it in broader funding legislation as concerns grow about rising cyber threats and gaps left by the law’s expiration.

    U.S. Weighs Expanding Private Companies’ Role in Cyberwarfare. The U.S. administration is considering a significant shift in cyber strategy that would allow private companies, beyond their current contractor roles, to directly participate in offensive cyber operations against foreign adversaries—a move that would require new legal authorities and raises legal, ethical and oversight concerns.

    Should Our Security Controls Be More Like North Korea or Norway? Security programs work better when they resemble Norway’s balanced, trust-based model rather than North Korea’s heavy-handed, surveillance-first approach.

    Hosts:

    Jerry Perullo (Founder, https://adversarial.com/)

    Sounil Yu (Founder, https://www.knostic.ai/)

    Mario Duarte (Founder, stealth startup)

    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

    1 h 15 min
  • Adversarial Podcast S4E10 – AI impact on cyber jobs, SOC 2 fraud, CISA polygraph failure
    Jan 14 2026

    Cloudy Outlook for Cyber Jobs as AI Fills Security Gaps. Cybersecurity hiring growth slowed to 7% in 2025 amid flat budgets and economic uncertainty, with firms shifting spend toward AI automation over expanding teams.

    Coupang, Inc. (CPNG) Class Period Expanded in Pending Investor Securities Lawsuit - Hagens Berman. Hagens Berman expanded a securities class action against Coupang over alleged cybersecurity misstatements after massive data breach disclosures and losses.

    Jaguar Land Rover wholesale volumes down 43% after cyberattack. Jaguar Land Rover’s September 2025 cyberattack cut Q3 wholesale volumes 43%, disrupted production, cost £196 million, and triggered UK government intervention.

    Security Chiefs Plan New Uses for AI in 2026. Security leaders say AI sharply improved their defenses in 2025 and they plan to expand its use in 2026 for tasks like spotting vulnerabilities and automating identity checks.

    Acting CISA director failed a polygraph. Career staff are now under investigation. CISA’s acting director failed a polygraph, triggering a DHS investigation and suspension of multiple career staff accused of misleading leadership.

    Possible instances of SOC 2 Fraud. A whistleblower exposed an alleged SOC 2 fraud scheme where automation platforms and audit firms rubber-stamped fake compliance reports at scale.

    Hosts:

    Jerry Perullo (Founder, https://adversarial.com/)

    Sounil Yu (Founder, https://www.knostic.ai/)

    Mario Duarte (Founder, stealth startup)

    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

    1 h 7 min
  • Adversarial Podcast S4E09 – New Pentagon CIO, age verification in Australia, Microsoft overhauls bug bounty program
    Dec 24 2025

    Nation Cyber Strategy Forthcoming. The Trump administration is preparing a new national cyber strategy that increasingly relies on private companies to conduct offensive cyber operations on behalf of the U.S. government.

    Kirsten Davies Confirmed as Pentagon CIO. The U.S. Senate confirmed Kirsten Davies as the Department of Defense’s Chief Information Officer, placing her in charge of modernizing and securing the Pentagon’s vast IT infrastructure.

    North Korean IT Worker Caught Inside Amazon. A North Korean operative was discovered working remotely in Amazon’s IT department after analysts flagged suspicious keystroke latency suggesting the employee was operating from overseas.

    Australia Bans Social Media for Children Under 16. Australia passed a landmark law banning children under 16 from social media platforms, reigniting global debate over age verification, surveillance, and online privacy.

    Venezuela Blames Cyberattack on the U.S. After Tanker Seizure. Venezuela’s state oil company accused the United States of launching a cyberattack following tanker seizures, with disruptions severe enough that the company’s main website remains offline.

    Microsoft Overhauls Bug Bounty Program. Microsoft revamped its bug bounty program to make all vulnerabilities “in scope by default,” addressing long-standing complaints from security researchers about unclear reward boundaries.

    Kevin Mandia Launches Armadin. Former Mandiant CEO Kevin Mandia unveiled Armadin, a startup offering AI-powered red-teaming services designed to stress-test AI systems against emerging threats.

    Microsoft Finally Kills a Long-Broken Cipher. Microsoft announced it will disable an obsolete cryptographic cipher that has been exploited for decades, closing a long-standing security hole across Windows systems.

    Hosts:

    Jerry Perullo (Founder, https://adversarial.com/)

    Sounil Yu (Founder, https://www.knostic.ai/)

    Mario Duarte (Founder, stealth startup)

    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

    1 h 10 min
  • Adversarial Podcast S4E08 – Shai-Hulud worm strikes again, critical React vuln, CrowdStrike insider threat
    Dec 9 2025

    00:00 Intro

    02:33 Shai Hulud 2.0

    17:12 Max severity React vulnerability

    29:23 CrowdStrike catches insider feeding information to hackers

    46:24 Anthropic disrupts AI-orchestrated cyber campaign

    52:35 Uncertain economy takes effect on cyber teams

    Shai-Hulud 2.0 Aftermath: Trends, Victimology and Impact

    Researchers report that Shai-Hulud 2.0 is an ongoing npm supply-chain worm that has compromised hundreds of packages and tens of thousands of GitHub repositories and siphoned secrets through CI/CD pipelines.

    Critical React Server Components Vulnerability CVE-2025-55182

    The React Server Components (RSC) vulnerability, tracked as CVE-2025-55182, is a critical (CVSS 10.0) flaw that allows unauthenticated attackers to execute arbitrary code on servers just by sending a crafted HTTP request to vulnerable packages.

    CrowdStrike catches insider feeding information to hackers

    CrowdStrike caught an insider who had secretly shared screenshots of internal systems with hackers linked to Scattered Lapsus$ Hunters — though the company says no breach of its infrastructure occurred and no customer data was compromised.

    Comcast's 2025 Cybersecurity Threat Report

    Comcast Business’s 2025 Cybersecurity Threat Report finds that over the 12-month period ending May 31, 2025 the company recorded 34.6 billion cyber events — including 4.7 billion phishing attempts, 9.7 billion “drive-by” compromise attacks, 44,000 DDoS attacks, and 19.5 billion resource-development activities.

    Disrupting the first reported AI-orchestrated cyber espionage campaign

    Anthropic reports disrupting what it assesses to be the first large-scale, AI-orchestrated cyber espionage campaign, in which a Chinese state-linked group jailbroke Claude Code to autonomously conduct reconnaissance, exploit vulnerabilities, and exfiltrate data across dozens of global targets with minimal human involvement.

    Uncertain Economy Takes Toll on Cybersecurity Teams

    Economic uncertainty has hit corporate cyber operations: Artico Search and IANS Research report that cybersecurity budgets rose just 4% in 2025 (a five-year low), hiring growth slowed to 7% (down from 12% in 2024), and many security teams are grappling with tighter budgets, fewer hires, and slower wage growth.

    Hosts:

    Jerry Perullo (Founder, https://adversarial.com/)

    Sounil Yu (Founder, https://www.knostic.ai/)

    Mario Duarte (Founder, stealth startup)

    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

    1 h 2 min
  • Adversarial Podcast S4E07 – The password is "Louvre", AI ransomware, Nevada stands up to ransomware
    Nov 11 2025

    00:00 Intro

    01:50 Louvre password

    08:54 Trump budget cuts

    20:35 Google AI threat report

    36:56 Nevada didn’t pay ransom

    48:25 Moved the needle

    58:38 L3Harris Trenchant boss stole exploits, sold to Russia

    62:00 Ransomware remediation firm employees go rogue

    63:40 Cybersecurity Is A Digital Identity Problem And We Must Deal With It

    The password for the Louvre’s video surveillance system was “Louvre”

    The Louvre Museum reportedly had a video-surveillance server password of simply “LOUVRE” as early as 2014.

    Trump budget cuts, agency gutting, leave Americans and economy at greater risk of being hacked, experts warn

    Budget cuts under Donald Trump’s administration are slashing funding and staff at key federal cybersecurity agencies like CISA, increasing the risk of U.S. vulnerability to cyberattacks.

    GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools | Google Cloud Blog

    Adversaries are now deploying AI-enabled malware (such as self-modifying code) and exploiting underground AI tool markets across the full attack lifecycle.

    Nevada didn’t pay ransom in statewide cyberattack, spent $1.5M on response

    The State of Nevada did not pay the ransom after a statewide cyberattack, opting instead to spend approximately $1.5 million on response efforts.

    How an ex-L3Harris boss stole and sold cyber exploits to Russia

    A former L3Harris division boss admitted to stealing eight zero-day exploits from network and selling them to a Russian cyber-tool broker.

    Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says

    A Chicago-based ransomware response firm is under indictment after employees allegedly conducted five ransomware attacks of their own.

    Cybersecurity Is A Digital Identity Problem And We Must Deal With It

    Cybersecurity failures increasingly stem from weak or mis-managed digital identities, and organizations must shift their focus from endpoints to identity-first strategies.

    Hosts:

    Jerry Perullo (Founder, https://adversarial.com/)

    Sounil Yu (Founder, https://www.knostic.ai/)

    Mario Duarte (Founder, stealth startup)

    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

    1 h 14 min
  • Adversarial Podcast S4E06 – F5 Breach, AWS Outage, Risk Management vs. Security Engineering
    Oct 28 2025

    00:00 Intro

    00:50 AWS Outage

    20:48 F5 Breach

    41:06 Risk Management vs. Security Engineering

    58:19 Moving the Needle Part 3

    F5 Hack Blamed on China

    Chinese state-backed hackers allegedly breached U.S. cybersecurity firm F5, gaining year-long access to its systems and BIG-IP source code, prompting security fears and causing the company to warn of revenue impacts and falling shares.

    AWS Outage

    A race condition in Amazon DynamoDB’s DNS management system caused widespread outages across the US-EAST-1 region on October 19–20, 2025, disrupting DynamoDB, EC2, NLB, and multiple dependent AWS services until recovery was completed the next afternoon.

    The CISO Dilemma: Risk Management vs. Security Engineering

    This post argues that quantitative risk management (QRM) in cybersecurity is a deceptive comfort mechanism that lets executives rationalize insecurity, urging CISOs to reject financialized “risk buy-downs” and instead demand true security engineering and systemic architectural integrity.

    Hosts:

    Jerry Perullo (Founder, https://adversarial.com/)

    Sounil Yu (Founder, https://www.knostic.ai/)

    Mario Duarte (Founder, stealth startup)

    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

    1 h 12 min
  • Adversarial Podcast S4E05 – Oracle Zero-Day, US cyber info sharing law expires, UK government guarantor for Jaguar attack
    Oct 14 2025

    00:00 Highlight

    03:44 Oracle E-Business Suite Zero-Day

    14:49 UK government to be guarantor for Jaguar Land Rover cyberattack

    25:54 "Moved the needle" Part 2

    48:18 12 Security Problems Practitioners Want Solved

    1:02:53 National Risk of Losing the CISA 2015 Act?

    Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign

    Mandiant and Google Threat Intelligence Group uncovered a large-scale CL0P-linked extortion campaign exploiting a zero-day (CVE-2025-61882) in Oracle E-Business Suite to steal data from organizations before patches were released.

    https://cloud.google.com/blog/topics/threat-intelligence/oracle-ebusiness-suite-zero-day-exploitation

    UK government to be guarantor for Jaguar Land Rover loan as it recovers from cyberattack

    The UK government is guaranteeing a £1.5 billion loan to Jaguar Land Rover to support its recovery and supply chain after a major cyberattack forced the automaker to halt production earlier this month.

    https://therecord.media/jaguar-land-rover-loan-guarantor-cyberattack

    12 Security Problems Practitioners Want Solved

    Leen and Lockstep Ventures released a “Requests for Security Startups” report outlining twelve practitioner-driven problem areas—from preventative security and identity sprawl to AI-native assistants and continuous compliance—calling for builders to create practical, AI-powered, and workflow-integrated solutions that solve real security pain points.

    https://www.leen.dev/beyond-the-noise

    When Cyber Visibility Fades: The National Risk of Losing the CISA 2015 Act—and How Organizations Can Stay Secure Without It

    The expiration of the Cybersecurity Information Sharing Act of 2015 has reduced national cyber visibility and weakened public–private threat intelligence sharing, prompting experts to warn that organizations must strengthen internal risk management and collaboration to stay secure.

    https://www.carson-saint.com/when-cyber-visibility-fades-the-national-risk-of-losing-the-cisa-2015-act-and-how-organizations-can-stay-secure-without-it

    Hosts:

    Jerry Perullo (Founder, https://adversarial.com/)

    Sounil Yu (Founder, https://www.knostic.ai/)

    Mario Duarte (Founder, stealth startup)

    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

    1 h 11 min
  • Adversarial Podcast S4E04 – "Moving the needle" awards, effect of H-1B changes on cyber industry, Salesloft aftermath
    Sep 30 2025

    00:00 Highlight

    00:43 Intro

    06:40 "Moved the needle" awards

    37:05 Scattered Lapsus$ and Jaguar Hack

    44:39 One Token to Rule Them All - Entra pwned

    1:02:21 H-1B visa changes and their effect on the cyber industry

    Scattered Lapsus$ and Jaguar Hack

    Jaguar Land Rover has extended its production pause until October after a cyberattack crippled its IT systems. The company is struggling to recover operations at Range Rover plants.

    https://www.wsj.com/business/jaguar-land-rover-extends-production-pause-until-october-following-cyberattack-0e39b7e8

    One Token to Rule Them All

    A deep dive into how attackers can obtain Global Admin across all Entra ID tenants using Actor tokens — the mechanics, prerequisites, and mitigation strategies.

    https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/

    What to Know About Changes to the H-1B Visa Program

    The U.S. is proposing major H-1B visa changes, including a $100,000 annual fee per visa starting in 2026, a move aimed at prioritizing higher-wage hires but likely to hit startups and global tech talent hard.

    https://www.wsj.com/us-news/h1b-visa-changes-explained-45b818e9?mod=djemCybersecruityPro

    Hosts:

    Jerry Perullo (Founder, https://adversarial.com/)

    Sounil Yu (Founder, https://www.knostic.ai/)

    Mario Duarte (Founder, stealth startup)

    Producer: Tillson Galloway (Founder, http://githoundexplore.com/)

    1 h 19 min