Decipher Security Podcast

Decipher
  • 4.4 (9)
  • TECHNOLOGY
  • UPDATED WEEKLY

Every week, Dennis Fisher and Lindsey O'Donnell-Welch, the editors of Decipher, bring you exclusive, in-depth conversations with security researchers, CISOs, founders, and security experts to hellp you understand the threat landscape and better protect your organizations.

  1. 16H AGO

    Cisco SD-WAN Zero Day, Google Disrupts Chinese Campaign, and More Cyber on The Pitt

    This week Lindsey rejoins Dennis to talk about the attacks targeting a zero day in Cisco's Catalyst SD-WAN Controller (2:17), Google's disruption of a China-linked cyber espionage campaign targeting telecom infrastructure (6:30), and the new cyber developments on everyone's favorite tech show, The Pitt (13:13)!

    32 min
  2. China Targets Dell Flaw, New Ivanti Exploitation, and Cyber Shenanigans on The Pitt!

    FEB 20

    China Targets Dell Flaw, New Ivanti Exploitation, and Cyber Shenanigans on The Pitt!

    It's a light news week, but we have some fun content for you! This week, we talk about our latest hacker movie episode--STAR WARS--which is up on the site and all of our feeds now (0:25), then we dig into a nasty hard-coded. credential bug in Dell RecoverPoint for Virtual Machines that Chinese threat actors are exploiting (4:20), and then we move on to an active campaign targeting two vulnerabilities in Ivanti EPMM that is hitting organizations across the U.S., Canada, and other countries (08:33). Finally, we talk a little about an interesting cybersecurity plot line on HBO's show The Pitt (12:15). Spoiler warning: If you're not caught up on this show, there's a minor spoiler, but nothing you haven't really seen in the previews.  Support the show

    19 min
  3. The Hacker Movie Canon: Star Wars

    FEB 18

    The Hacker Movie Canon: Star Wars

    STAR WARS isn't just one of the more successful and iconic movies of all time and the basis for a worldwide sci-fi empire, it's also a true hacker story. Wade Baker and Rich Mogull, two Star Wars scholars, join Dennis Fisher to break down the Empire's pathetic perimeter defenses, R2D2's arc as a wily hacker, and how the movie hinges on a data breach. Support the show

    1h 5m
  4. Six Zero Days From Microsoft, One From Apple, and a CSI: Cyber Throwback

    FEB 13

    Six Zero Days From Microsoft, One From Apple, and a CSI: Cyber Throwback

    This week was a cornucopia of zero days. We talk about the six (!) actively exploited vulnerabilities that Microsoft patched this week in its February update (2:46), then we discuss the one that Apple fixed in iOS 26.3, a vulnerability that has been used in what the company calls an "extremely sophisticated attack" against a few individuals (7:24). That's a clear indication that the vulnerability has likely been used in operations involving commercial spyware vendors. Finally, we give a little love to the long lost TV show CSI: Cyber, which starred James Van Der Beek, and the cameo that two famous hackers had on one episode (12:40).  The old Threatpost CSI: Cyber running chat discussion Support the show

    18 min
  5. How to Stay Ahead of Attackers With watchTowr's Ryan Dewhurst

    FEB 9

    How to Stay Ahead of Attackers With watchTowr's Ryan Dewhurst

    Attackers are moving faster and faster every day, and the challenge of keeping pace is a daunting one. But it's not impossible. watchTowr's Ryan Dewhurst joins Dennis Fisher to talk about how the "magic" of computers first captured his imagination when he was young, how defenders can learn  from attackers' tactics and adapt, and how the AI revolution is accelerating vulnerability disclosure and exploitation. Support the show

    49 min
  6. Dumping Edge Security Devices, the SystemBC Botnet, and the Joy of Joybubbles

    FEB 6

    Dumping Edge Security Devices, the SystemBC Botnet, and the Joy of Joybubbles

    This week we talk about the new CISA Binding Operational Directive that sets a deadline for removing end of support edge security devices from federal government networks (1:15), then we discuss the new research from Silent Push on the new variant of the SystemBC botnet (6:45), and finally we have a movie recommendation for you: Joybubbles, the fascinating new documentary about phone phreaker Joe Engressia Jr. Support the show

    17 min
  7. Fortinet and WinRAR Exploitation, Google's IPIDEA Disruption, and Our Favorite Cybersecurity Creators

    JAN 30

    Fortinet and WinRAR Exploitation, Google's IPIDEA Disruption, and Our Favorite Cybersecurity Creators

    It was a busy week in the cybers! Today we start with the targeted exploitation of another Fortinet vulnerability (CVE-2026-24858) that enables simple authentication bypass (1:15), then we discuss Google's disruption of a large residential proxy network called IPIDEA that has been abused by hundreds of threat actors (5:40), then we talk about the continued attacks on an older WinRAR bug by both cybercrime and APT groups (10:11). Finally, we shout out some of our favorite fellow creators in security community: the Three Buddy Problem podcast, John Hammond, and Matt Johansen.  Support the show

    21 min
  8. The RedVDS Takedown, Yet Another Chinese APT Emerges, and the StackWarp AMD Bug

    JAN 16

    The RedVDS Takedown, Yet Another Chinese APT Emerges, and the StackWarp AMD Bug

    This week, we talk about how Microsoft disrupted a long-running, large-scale cybercrime-as-a-service platform called RedVDS that has been active since 2019 and was used in high-volume phishing and BEC scams (1:00), then we discuss the research from Cisco Talos on another (!) Chinese APT called UAT-8837 that is targeting critical infrastructure organizations in North America (6:06), and finally there's the clever new StackWarp vulnerability in AMD processors that was disclosed this week (9:44). RedVDS takedown Cisco Talos report StackWarp Support the show

    17 min
See All (331)

Ratings & Reviews

4.4
out of 5
9 Ratings

About

Every week, Dennis Fisher and Lindsey O'Donnell-Welch, the editors of Decipher, bring you exclusive, in-depth conversations with security researchers, CISOs, founders, and security experts to hellp you understand the threat landscape and better protect your organizations.

Information

You Might Also Like