Exposing Your Attack Surface on Purpose: API Chaos, AI Risk, and Quantum Reality
Exposing Your Attack Surface on Purpose: API Chaos, AI Risk, and Quantum Reality by DomainTools
--------
23:49
Zero-Knowledge Threats, Shadow AI, and the Future of Cyber Attribution
In this RSA Conference 2025 special episode, we dive into the evolving world of cyber
attribution, AI-powered threat tactics, and real-world incident response in AWS and GCP
environments.
Our guests include:
● Tal Darsan and Etay Maor from Cato Networks, discussing stealthy attacker techniques,
AI-powered evasion, and lessons from ransomware groups like Medusa, Play, and
Hunters International.
● Yonaten Khen from Hunters, who walks us through how his team discovered a privilege
escalation vulnerability in Google Workspace and what it reveals about modern cloud
attacks.
--------
40:17
Inside Ransomware’s Supply Chain: Attribution, Rebrands, and Affiliate Betrayal
In this RSA Conference 2025 special episode, we explore two critical frontiers shaping the
future of cybersecurity.
First, Jon DiMaggio (Author of The Ransomware Diaries, Analyst1) breaks down the hidden
supply chains behind ransomware gangs, including the economics of affiliate betrayal and the
challenge of accurate attribution. He walks us through his methodology for identifying
ransomware rebrands like BlackCat and RansomHub using evidence-based frameworks
designed to eliminate human bias.
Then we’re joined by Matt Radolec (VP of Incident Response at Varonis), who brings a fresh
perspective on talent development in cybersecurity. Drawing from his keynote "From Gamer to
Leader", Matt argues that gamers possess untapped potential as cybersecurity professionals
and it’s time to design leadership pipelines like quest lines.
From ransomware negotiations on underground forums to using AI-enhanced playbooks and
transforming threat response teams into RPG-style guilds, this episode blends technical insight
with cultural reflection.
--------
44:47
Beyond the Perimeter: How Attackers Use Domains, Phishing & AI and How to Fight Back
Welcome to a special RSAC 2025 episode of the Breaking Badness Cybersecurity Podcast!
Today, we delve into the critical role of domains in modern cyber attacks. From sophisticated nation-state operations to AI-powered phishing kits and malicious browser extensions, domains are the foundational infrastructure for threat actors.
Host Kali Fencl is joined by four leading cybersecurity experts Joe Slowik, Robert Duncan, John Fokker and Vivek Ramachandran to
break down how domains are weaponized and what organizations can do to defend themselves on this ever-evolving frontline
--------
1:08:24
It Takes a Village to Secure AI
In this episode of Breaking Badness, we sit down with Raji Vannianathan, a cybersecurity leader at Microsoft driving the charge on AI security and safety. Raji shares her experience leading the team responsible for managing the end-to-end lifecycle of AI vulnerability disclosures, building proactive safety frameworks, and cultivating a global community of AI security researchers.
From developing Microsoft's AI Bug Bar to launching the "Guardians of AI Safety" Discord
community, she brings both vision and practical strategies to a rapidly evolving field.
We discuss the shifting threat landscape as threat actors begin to leverage generative AI, the
critical need for shared language and cross-functional collaboration, and how Microsoft is
thinking about trust, transparency, and incident response in the AI era. If you’re navigating the
challenges of AI risk, vulnerability coordination, or ethical deployment, this is an essential listen.
Where timely and relevant security meets puns and witty banter. Our goal is to keep defenders apprised of pertinent news and trends in under forty-five minutes.
South Africa