Every Tuesday at 9:30am CT / 10:30am ET

Live

The Untold Stories: North Korean Hacks, Exploited Vulnerabilities & Cybersecurity Legends

On this episode of Storm⚡️Watch, we break down a shocking scheme where a U.S. woman helped North Korean IT workers infiltrate American companies, along with GreyNoise’s latest intel on the active exploitation of a high-severity Palo Alto Networks PAN-OS vulnerability. We also chat with veteran cybersecurity journalist Denis Fisher about his career and dive into critical debates on vulnerability management and encryption policies.

February 18, 2025

Recent episodes

The Untold Stories: North Korean Hacks, Exploited Vulnerabilities & Cybersecurity Legends

February 18, 2025

When AI Attacks: Taxpayer Data, Beijing's Chatbots & LLM Hallucinations

On this episode of Storm Watch, we kick things off with a look at the Department of Government Efficiency (DOGE), led by Elon Musk, and its AI-driven analysis of federal systems, which raises major privacy concerns. Then, we dive into China's DeepSeek AI, which faces bans over pro-CCP biases, opaque training data, and cybersecurity issues. Finally, we wrap up with Splunk’s DECEIVE AI honeypot, exploring its deception-based threat detection and the risks of LLM hallucinations.

February 11, 2025

Mastercard's 4-Year DNS Nightmare, DHS Axes Cyber Board & New Botnet Wreaks Havoc

On this episode of Storm⚡️Watch, we uncover a DNS misconfiguration at Mastercard that exposed its infrastructure for over four years and explore the implications of disbanding key DHS advisory committees. We also dive into the emergence of the Murdoc Botnet targeting IoT devices, alarming trends in healthcare breaches, and what they reveal about the state of cybersecurity.

January 28, 2025

From Bans to Breaches: TikTok, PlugX, FortiGate, and Salt Typhoon

On this episode of Storm⚡️Watch, we dive into the dramatic conclusion of TikTok's U.S. saga, the rise of REDNote, and the Justice Department's takedown of PlugX malware in a major operation against China-backed hackers. We also analyze the fallout from the FortiGate configuration leak, recent Volt Typhoon activities, and the global implications of evolving cyber threats.

January 21, 2025

Ivanti's Blast Radius Expands, CFIUS Hack, & Censeye Automates Threat Hunting

On this episode of Storm⚡️Watch the team dives into the latest security developments, including Censys's groundbreaking automated hunting platform, Censeye, and a major breach at the US Treasury's CFIUS, attributed to Chinese state-sponsored actors. We also cover the expanding impact of Ivanti VPN exploits, the discovery of a weaponized LDAPNightmare proof-of-concept, advancements in phishing prevention, and the latest GreyNoise classifications for suspicious activity.

January 14, 2025

Chinese Hackers Strike Again: BeyondTrust & Salt Typhoon Breaches Expose Critical U.S. Infrastructure

On this episode of Storm⚡️Watch, we discuss the BeyondTrust breach, which exposed critical vulnerabilities impacting U.S. infrastructure, and the Salt Typhoon campaign, where Chinese state actors infiltrated major U.S. telecom companies. We also explore regulatory responses, insights from Censys and GreyNoise on internet scanners, and emerging threats like the Four-Faith Industrial Router exploit.

January 7, 2025

Meet the Team

boB Rudis

boB Rudis brings 30 years of data defense expertise to his role as VP of Data Science at GreyNoise Intelligence, focusing on internet threat research. Formerly at Rapid7 and Verizon, he authored the Data Breach Investigations Report. boB is a prolific online voice via Twitter (@hrbrmstr), his blog (rud.is/b), and contributions to the open-source realm, and has authored works on data security.

Glenn Thorpe

Glenn Thorpe, Sr. Director of Security Research at GreyNoise, began his 20+ year cybersecurity journey after a phishing scam sparked his passion. An expert in digital forensics and incident response, he consults on high-priority threats. Away from the office, he’s a weather enthusiast and avid shark diver.

Emily Austin

Emily helms the security research at Censys, analyzing threats and Internet trends. With a background in threat hunting and incident response, she applies data science to tackle security challenges, having expertise in anti-abuse and fraud detection.

Himaja Motheram

Himaja is a security researcher at Censys, investigating the impact of emerging vulnerabilities and exploring Internet phenomena. She specializes in tracking the Internet’s response to major incidents. Outside of work, she enjoys escape room puzzles and hiking.

Kimber Duke

Kimber Duke is a Researcher and Product Manager at VulnCheck, bringing a diverse skill set from a background in threat hunting, SOC management, and network security. In her off time, Kimber acts as the President of 801 Labs, a non-profit hackerspace based in Salt Lake City, which actively supports the local tech community by coordinating programming and projects.

The Untold Stories: North Korean Hacks, Exploited Vulnerabilities & Cybersecurity Legends

Recent episodes

The Untold Stories: North Korean Hacks, Exploited Vulnerabilities & Cybersecurity Legends

When AI Attacks: Taxpayer Data, Beijing's Chatbots & LLM Hallucinations

Mastercard's 4-Year DNS Nightmare, DHS Axes Cyber Board & New Botnet Wreaks Havoc

From Bans to Breaches: TikTok, PlugX, FortiGate, and Salt Typhoon

Ivanti's Blast Radius Expands, CFIUS Hack, & Censeye Automates Threat Hunting

Chinese Hackers Strike Again: BeyondTrust & Salt Typhoon Breaches Expose Critical U.S. Infrastructure

About