Infosecurity Magazine Podcast

Infosecurity Magazine

Interested in the latest news from the Infosecurity sector and want to hear from the industry’s leading cybersecurity experts? Listen to our monthly podcasts to hear our award-winning editorial team discuss the latest trends and issues in information security. The team is regularly joined by cybersecurity experts who take a deep dive into the most important issues of the day and provide you with solutions and practices to help your business stay secure.

  1. Exclusive Interview with OpenClaw’s Security Advisor

    2D AGO

    Exclusive Interview with OpenClaw’s Security Advisor

    OpenClaw’s weak spots have not gone unnoticed and Australian pentester Jamieson O’Reilly, founder of DVULN, was among the first to call them out. Now, he’s been appointed OpenClaw’s security representative, tasked with hardening the project from within. In this exclusive Infosecurity interview (from 7.30), O’Reilly explains his journey from a critic, who created a ‘fake’ malicious OpenClaw skill called “What would Elon do?” to a custodian. He also shares why he still treats OpenClaw with caution and outlines the security roadmap he’s building to make the project safer without stifling innovation. O’Reilly’s vision goes beyond patches and firewalls. He advocates for treating OpenClaw skills, its modular tools, like mobile apps. This means standardized security reviews, supply chain checks and transparency requirements. He also highlights the need for better ways to analyze AI prompts and agent behavior. This reduces the risk of hidden threats in natural language interactions. If successful, his work could set a new bar for security in open-source AI projects. O’Reilly’s appointment signals a shift. The project is taking security seriously, but the road ahead is complex. For CISOs and developers, his insights offer a rare look at how to balance experimentation with real-world safeguards. Resources: • OpenAI's Promptfoo Deal Plugs Agentic AI Testing Gap, Infosecurity Magazine https://www.infosecurity-magazine.com/news/openai-promptfoo-deal-agentic-ai/ • Researchers Reveal Six New OpenClaw Vulnerabilities, Infosecurity Magazine https://www.infosecurity-magazine.com/news/researchers-six-new-openclaw/ • Researchers Find 40,000+ Exposed OpenClaw Instances, Infosecurity Magazine https://www.infosecurity-magazine.com/news/researchers-40000-exposed-openclaw/ • Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw, Infosecurity Magazine https://www.infosecurity-magazine.com/news/malicious-crypto-trading-skills/ • OpenClaw’s main website: https://openclaw.ai/blog/virustotal-partnership • OpenClaw’s GitHub page: https://github.com/openclaw/openclaw • OpenClaw’s Trust page outlining the project’s security roadmap: https://trust.openclaw.ai/ • OpenClaw Partners with VirusTotal for Skill Security, OpenClaw https://openclaw.ai/blog/virustotal-partnership

    59 min
  2. Ransomware Dethroned by Cyber Fraud: Insights from the WEF’s Cybersecurity Outlook 2026

    FEB 11

    Ransomware Dethroned by Cyber Fraud: Insights from the WEF’s Cybersecurity Outlook 2026

    For the fifth year running, the World Economic Forum’s Global Cybersecurity Outlook report has provided a critical snapshot of the evolving cyber threat landscape – and this year’s findings mark a turning point. Cyber-enabled fraud has now overtaken ransomware as the top cybersecurity concern for organizations worldwide, signaling a fundamental shift in how attackers operate and the risks businesses face. In this episode, we sit down (4.55) with Giulia Moschetta, a research and analysis specialist at the World Economic Forum's Centre for Cybersecurity and one of the report’s lead authors, and Akshay Joshi, head of the WEF’s Centre for Cybersecurity, to break down the findings and what they mean for the future of cybersecurity. The discussion explores why fraud, from sophisticated payment scams to AI-driven social engineering, has become the dominant threat, while ransomware, though still potent, is no longer the sole focus of cyber defenses. Resources: -Global Cybersecurity Outlook 2026, Centre for Cybersecurity, World Economic Forum: https://www.weforum.org/publications/global-cybersecurity-outlook-2026/ -“World Economic Forum: Cyber-Fraud Overtakes Ransomware as Business Leaders' Top Cybersecurity Concern,” Infosecurity Magazine: https://www.infosecurity-magazine.com/news/fraud-overtakes-ransomware-as-top/ -Unmasking Cybercrime: Strengthening Digital Identity Verification against Deepfakes, Cybercrime Atlas, World Economic Forum: https://reports.weforum.org/docs/WEF_Unmasking_Cybercrime_Strengthening_Digital_Identity_Verification_against_Deepfakes_2026.pdf -“World Economic Forum: Deepfake Face-Swapping Tools Are Creating Critical Security Risks,” Infosecurity Magazine: https://www.infosecurity-magazine.com/news/wef-deepfake-faceswapping-security/

    31 min
  3. How 2025 Shaped the Future of Cybersecurity With Rebecca Taylor & Will Thomas

    12/09/2025

    How 2025 Shaped the Future of Cybersecurity With Rebecca Taylor & Will Thomas

    This year, cybercrime got a teenage makeover. Groups like Scattered Lapsus$ Hunters, part of the loose collective ‘The Com’ and filled with young, radicalized hackers, became a top threat. Their aggressive tactics led to high-profile breaches in 2025, including attacks on Marks & Spencer, the Co-op, and Jaguar Land Rover. Meanwhile, insider attacks exploded: employees secretly working for ransomware gangs, zero-day brokers selling to Russia, and a million-dollar-worth crypto heist at Coinbase. In 2025 we also saw AI evolve from being a futuristic threat to a threat which can power real malware, with AI tools like Claude helping criminals automate attacks at terrifying speed. We sat down with Rebecca Taylor, Threat Intelligence Knowledge Manage & Researcher at Sophos and Will Thomas, Senior Threat Intelligence Advisor at Team Cymru, to discuss 2025’s highs and lows in cybersecurity and cybercrime – and to make educated guesses on what to look for in 2026. Their prediction? That 2026 could bring live deepfake heists (imagine a fake CEO on a video call draining company funds) and nation-states weaponizing insiders for destructive cyberwar. This episode is sponsored by SailPoint.

    34 min
  4. Beyond Bug Bounties: How Private Researchers Are Taking Down Ransomware Operations

    11/04/2025

    Beyond Bug Bounties: How Private Researchers Are Taking Down Ransomware Operations

    Just in time for spooky season, this episode takes you into the darkest corners of the cyber underworld, where the real monsters aren’t ghosts or goblins, but ransomware gangs lurking in the shadows. We sat down with Matthew Maynard (3.42), a cybersecurity pro by day and a real-life cyber ghostbuster by night, who doesn’t just hunt vulnerabilities, but haunts the hackers themselves. While most bug bounty programs reward researchers for finding flaws, Matthew’s work is far more chilling (and thrilling). As part of threat intelligence programs like Halcyon’s Threat Research Intelligence Program (TRIP), he infiltrates ransomware gangs, extracts their secrets and helps shut down their operations before they strike. For CISOs and executives, Matthew’s experience offers a rare and critical perspective on how to shift from reactive fire-drills to proactive threat hunting. By leveraging dark web intelligence, undercover engagements, and threat actor profiling, security leaders can anticipate attacks, disrupt criminal operations, and even recover stolen data before it’s too late.

    34 min
  5. Can AI Solve the Vulnerability Problem in Critical Infrastructure?

    09/25/2025

    Can AI Solve the Vulnerability Problem in Critical Infrastructure?

    Generative AI is poised to revolutionize vulnerability discovery in critical infrastructure, but will it actually fix the problem, or just shift the burden? The recent AI Cybersecurity Challenge (AIxCC), a two-year competition sponsored by the US Defense Advanced Research Projects Agency (DARPA) and Advanced Research Projects Agency for Health (ARPA-H), crowned winners whose AI systems autonomously discovered and patched zero-day flaws in real-world code. Now, with models potentially going open-source, the implications for defenders, attackers and policymakers are seismic. In this episode, we sat down with Taesoo Kim, the leader of Team Atlanta, the AIxCC winning team, and Andrew Carney, program manager for the AIxCC at DARPA and ARPA-H. In the interview (13.56), they discuss why the commercialization of GenAI-powered vulnerability scanning tools could be just around the corner and how "self-healing infrastructure" might soon become a reality.

    41 min
  6. ToolShell Deep Dive: The SharePoint Exploit Crisis Uncovered

    07/28/2025

    ToolShell Deep Dive: The SharePoint Exploit Crisis Uncovered

    In this special episode of the Infosecurity Magazine podcast, we dive deep into the rapidly evolving story surrounding Microsoft SharePoint On-Premises. Recent disclosures have revealed a series of vulnerabilities now being exploited in targeted campaigns, with Chinese threat actors at the centre but other threat actors joining in the attacks. This episode breaks down the complexities of the incident, the ongoing exploitations and the broader implications for security practitioners. Stay updated as this story unfolds and equip yourself with valuable insights to better understand and defend against emerging cyber threats. Our discussion includes: Timeline of events surrounding the ToolShell Microsoft SharePoint on-prem vulnerability (02.20) Interview with Charles Carmakal, CTO at Mandiant, now part of Google Cloud (06.38). Charles details these critical vulnerabilities and steps towards patching and what some orgnaizations may be missing, leaving them vulnerable to compromise. Interview Lorri Janssen-Anessi, Director of External Cyber Assessments at BlueVoyant. With extensive experience from her time at the NSA and the Department of Homeland Security, Lorri provides an in-depth perspective on the impact these attacks are having and what they mean for organizations today. (17.18) Sing up to receive Infosecurity Magazine's weekly newsletter here.

    42 min
  7. Unpacking Trump's Cybersecurity Executive Order

    07/14/2025

    Unpacking Trump's Cybersecurity Executive Order

    In this Infosecurity podcast episode, the team dive into the details of Donald Trump's June 2025 Cybersecurity Executive Order (EO). This EO revises previous orders from both Barack Obama and Joe Biden, while also removing a host of requirements from Biden's January 2025 EO. From software supply chains and quantum computing to the research and testing of AI for cyber defense, this new order covers a wide array of critical cybersecurity topics. To unpack the details of the latest EO We sit down with Nick Reese, the co-founder and COO of Frontier Foundry, a Professor at New York University and a member of the Homeland Security Advisory Board at the George Washington University. Reese brings invaluable experience from his time as Director for Emerging Technology Policy at the US Department of Homeland Security (2019-2023). In our discussion, we break down the intricate details of the executive order, helping us understand its provisions and the nuances of the changes it introduces to the cybersecurity landscape. Sing up to receive Infosecurity Magazine's weekly newsletter here.

    32 min
  8. Your Guide to Infosecurity Europe: Insider Tips from Leading Cybersecurity Experts

    05/20/2025

    Your Guide to Infosecurity Europe: Insider Tips from Leading Cybersecurity Experts

    In this episode of the Infosecurity Magazine podcast we dive into the exciting world of Infosecurity Europe. Two veteran cybersecurity pros share their expert advice on how to get the most out of your visit to one of the industry's premier events. Heather Lowrie, former CISO and co-founder of Resilionix, and Jon Davies, Director - Cyber, KPMG share their perspectives on emerging cybersecurity themes to expect at the event and their reflections on how Infosecurity Europe has evolved over the years. We touch on how to navigate the diverse offerings at Infosecurity Europe, the value of engaging in Table Talks and Masterclasses and how to best plan your visit. This episode is packed with valuable insights to help you maximize your experience at Infosecurity Europe. Infosecurity Europe returns from 3rd to 5th June, 2025, at London’s Excel, celebrating its 30th anniversary. Registration is now open at infosecurityeurope.com. Find out more about Infosecurity Europe via the website here. https://www.infosecurityeurope.com/en-gb/lp/register-now.html?utm_source=advert&utm_medium=referral&utm_campaign=infosecurity_magazine&utm_content=&utm_term= Discover more from our sponsor, Vanta, here. https://www.vanta.com/demo-uk?utm_campaign=emea_generic&utm_source=info-security&utm_medium=podcast Sing up to receive Infosecurity Magazine's weekly newsletter here. https://www.infosecurity-magazine.com/my-account/login/

    25 min
See All (93)

About

Interested in the latest news from the Infosecurity sector and want to hear from the industry’s leading cybersecurity experts? Listen to our monthly podcasts to hear our award-winning editorial team discuss the latest trends and issues in information security. The team is regularly joined by cybersecurity experts who take a deep dive into the most important issues of the day and provide you with solutions and practices to help your business stay secure.

Information

  • Creator
    Infosecurity Magazine
  • Years Active
    2019 - 2026
  • Episodes
    93
  • Rating
    Clean
  • Copyright
    © All rights reserved
  • Show Website
    Infosecurity Magazine Podcast

You Might Also Like