The Cyber Resilience Brief: A SafeBreach Podcast

SafeBreach
  • 5.0 (2)
  • TECHNOLOGY
  • UPDATED BIWEEKLY

The Cyber Resilience Brief is your 15-minute pulse on how organizations can build stronger defenses and achieve true cyber resilience. Each episode dives into the practical realities of Breach and Attack Simulation (BAS), adversarial exposure validation, and the evolving strategies that keep modern enterprises secure. Hosted by Tova Dvorin and brought to you by SafeBreach — the leader in Adversarial Exposure Validation — this podcast features insights from cybersecurity leaders, integration partners, CISOs, technical experts, and forward-thinking customers. Whether you’re in the EU navigating DORA requirements, managing a global security program, or simply looking to better validate your defensive posture, The Cyber Resilience Brief delivers actionable guidance, partner perspectives, and the latest trends to help your business stay ahead. 🎧 Subscribe and join us as we explore what it takes to proactively defend, adapt, and thrive in today’s threat landscape.

  1. 2D AGO

    Ep. 46 - Blueprint Thieves: Inside Iran’s Industrial Espionage Machine

    In this episode of The Cyber Resilience Brief, we break down the modern reality of Iranian cyber warfare and industrial espionage. Host Tova Dvorin and offensive security engineer Adrian Culley analyze the tactics, techniques, and procedures (TTPs) of APT33, OilRig (APT34), and MuddyWater — three of the most active Iranian state-sponsored threat actors targeting energy, aviation, manufacturing, government, and critical infrastructure. From intellectual property theft and aerospace breaches to DNS tunneling, living-off-the-land techniques, cloud-based command-and-control (C2), and wiper malware, we unpack how these groups evolved into stealthy, high-end cyber espionage operators. You’ll also learn how adversarial exposure validation (AEV), breach and attack simulation (BAS), and continuous automated red teaming (CART) help security leaders validate defenses against real-world nation-state threats. If you're a CISO, security architect, threat intelligence analyst, or cyber resilience leader, this episode delivers actionable insight into defending against advanced persistent threats (APTs). Subscribe for expert analysis on cyber resilience, exposure management, and defending against state-sponsored cyber attacks.

    9 min

  2. FEB 11

    Ep. 45 - Teen Hackers, SIM Swaps & Russian Ransomware

    In Part 2 of our Russia cyber threat series, we unpack the Western cybercrime ecosystem powering Russian ransomware operations. We examine Scattered Spider, LAPSUS$, and Shiny Hunters, and how social engineering, SIM swapping, MFA bypass, and AI-driven voice spoofing are breaching Fortune 100 companies — without zero-days. Learn how access brokers commoditize breaches, why help desks are prime targets, and what this shift means for CISOs and security teams. If you’re only testing firewalls, you’re missing the real risk. Listen now to understand how modern ransomware campaigns succeed — and what your security program must test to stay ahead.

    10 min

  3. FEB 8

    Ep. 44 - DynoWiper: A Nation-State Wiper Targeting Poland’s Energy Sector

    In this special bonus episode of The Cyber Resilience Brief, host Tova Dvorin is joined by SafeBreach threat research expert Adrian Culley to examine DynoWiper, a destructive nation-state wiper malware observed targeting Poland’s energy sector. First detected in late December 2025, DynoWiper has been linked to attacks on Polish wind farms and combined heat and power (CHP) plants, signaling a shift away from financially motivated ransomware toward pure disruption of critical infrastructure. The episode explores: How DynoWiper operates without command-and-control infrastructureWhy attribution points to Russian state-linked actors, including FSB Centre 16 (Static Tundra) and GRU Unit 7445 (Sandworm)Why traditional, point-in-time security testing fails against internally staged attacksHow Continuous Threat Exposure Management (CTEM) and Adversarial Exposure Validation (AEV) help organizations identify and close exposure gaps before destructive payloads are deployedWhile activity has been observed in Poland, the tactics discussed are highly relevant to energy and critical infrastructure operators worldwide. Cyber resilience isn’t a one-time achievement — it’s a continuous process of validation.

    9 min

  4. FEB 4

    Ep. 43 - Russian Threat Actors: Useful Fools and Proxy Power

    In this episode, Tova Dvorin and Adrian Culley break down the realities of Russian intelligence and cyber security, separating myth from fact. They explore how Russian state actors rely on proxy actors and cybercriminal marketplaces rather than direct operations, and why attribution challenges make cyber attacks so difficult to trace. The discussion highlights the difference between state-sponsored cyber activity and financially motivated cybercrime—and why defenders must rethink traditional assumptions. The episode closes with a look at why continuous threat exposure management is critical for staying ahead of evolving cyber threats. Topics include: Russian cyber threats, proxy actors, attribution challenges, and modern cybersecurity strategy.

    13 min

  5. JAN 27

    Ep. 42 - Iran’s Cyber Shadow War: IRGC, MOIS, and the Battle for Control

    Episode 2 of 6 – Iran’s Cyber Program Explained In Iran’s Cyber Shadow War: IRGC, MOIS, and the Battle for Control, we continue our deep-dive into Iran’s cyber operations by exposing the internal power struggle driving its most dangerous digital attacks. Iran does not operate a single, unified cyber command. Instead, two rival organizations—the Islamic Revolutionary Guard Corps (IRGC) and the Ministry of Intelligence and Security (MOIS)—run competing cyber missions with very different goals, tactics, and tradecraft. One favors loud, destructive attacks designed to intimidate and disrupt. The other specializes in quiet cyber espionage, long-term access, and intelligence collection. In this episode, we break down how this rivalry fuels Iranian state-sponsored cyber activity, why both agencies often target the same victims, and how their competition creates real risk for Western governments, critical infrastructure, energy, finance, and private enterprises. We also explore Iran’s use of contractor-based hacking groups, providing speed, innovation, and plausible deniability—while making attribution and defense significantly harder. For CISOs and security teams, this episode explains what Iran’s divided cyber command means for detection, dwell time, and continuous adversarial exposure validation—and why defenders must be prepared for both stealthy intrusions and sudden, destructive attacks. 🎧 In this episode:• Iran’s cyber shadow war explained• IRGC vs. MOIS: rivalry, missions, and tactics• State-sponsored hacking and contractor ecosystems• Cyber espionage vs. cyber disruption• What Iran’s internal competition means for defenders This is Episode 2 of a 6-part series unpacking how Iran builds, deploys, and evolves its cyber power—and what organizations must do to stay ahead.

    11 min

  6. JAN 21

    Ep. 41 - Iran’s Cyber Awakening: From Stuxnet to Shamoon and Beyond

    How did Iran evolve from a regional actor into one of the world’s most disruptive cyber threat forces? In the first episode of our Iran threat series, we trace the pivotal moments that shaped Iran’s modern cyber doctrine — from the Stuxnet attack on Natanz to the rise of destructive wiper malware like Shamoon and today’s era of stealthy, persistent access operations. Host Tova Dvorin is joined by Adrian Culley, Offensive Cyber Security Engineer at SafeBreach, to unpack how Iran turned humiliation into capability, embraced a contractor-based APT model, and weaponized cyber operations as a tool of retaliation and asymmetric warfare. You’ll learn: Why Stuxnet was Iran’s cyber “Big Bang” moment How Shamoon marked the birth of destructive, message-driven attacks The evolution from noisy disruption to long-term persistence Why Iranian APTs target financial services, energy, and supply chains What today’s geopolitical instability means for Western enterprises and critical infrastructure How CTEM, BAS, and Continuous Automated Red Teaming (CART) help organizations detect and stop Iranian threat actors before they strike If you’re a CISO, security leader, or threat intelligence professional, this episode explains why guessing is no longer an option — and why continuous adversarial exposure validation is now essential to defending against Iranian cyber operations.

    12 min

  7. JAN 14

    Ep. 40 - CRINK: The Cyber Threat Accelerating Right Now

    China. Russia. Iran. North Korea. As geopolitical tensions escalate—especially involving China and Iran—their cyber activity isn’t slowing down. It’s converging. In this episode of The Cyber Resilience Brief, Tova Dvorin and Adrian Culley unpack CRINK: an intelligence-community term rarely used in the commercial market, but critical for defenders to understand now. CRINK isn’t a formal alliance so much as it’s a shared playbook. Chinese pre-positioning, Russian disruption, Iranian sabotage, and North Korean cybercrime combine into a full-spectrum, asymmetric threat targeting critical infrastructure and enterprises. If your security strategy relies on alerts, assumptions, or patching alone, you’re already behind. This episode explains why—and how to move from guessing to proving your defenses work.

    16 min

  8. JAN 12

    Ep. 39 - The Shadow War is Already Here: How CISOs Must Prepare for Cyber Conflict

    The Shadow War is already underway — and it’s being fought in cyberspace. In this episode of The Cyber Resilience Brief, host Tova Dvorin and cybersecurity strategist Adrian Culley explore how escalating global tensions are redefining modern warfare and what that means for CISOs and security teams today. We break down how nation-state cyber threats from Russia, China, Iran, and North Korea are operating in a state of persistent engagement — planting access, stealing data, disrupting critical infrastructure, and preparing for future conflict. Learn why reactive security is no longer enough and how Breach and Attack Simulation (BAS), Continuous Automated Red Teaming (CART), and Adversarial Exposure Validation (AEV) help organizations defend against advanced persistent threats. The Shadow War isn’t coming — it’s already here.

    12 min
See All (46)

Ratings & Reviews

5
out of 5
2 Ratings

About

The Cyber Resilience Brief is your 15-minute pulse on how organizations can build stronger defenses and achieve true cyber resilience. Each episode dives into the practical realities of Breach and Attack Simulation (BAS), adversarial exposure validation, and the evolving strategies that keep modern enterprises secure. Hosted by Tova Dvorin and brought to you by SafeBreach — the leader in Adversarial Exposure Validation — this podcast features insights from cybersecurity leaders, integration partners, CISOs, technical experts, and forward-thinking customers. Whether you’re in the EU navigating DORA requirements, managing a global security program, or simply looking to better validate your defensive posture, The Cyber Resilience Brief delivers actionable guidance, partner perspectives, and the latest trends to help your business stay ahead. 🎧 Subscribe and join us as we explore what it takes to proactively defend, adapt, and thrive in today’s threat landscape.

Information