#215 - Inside cyber warfare, intelligence, and investment with Hank Thomas, Managing Partner and Founder at Strategic Cyber Ventures
On episode 215 of the Cybersecurity Defenders Podcast, Hank Thomas, Managing Partner and Founder at Strategic Cyber Ventures, shares his journey from Army intelligence officer to cyber-focused venture capitalist. But the most pressing part of the conversation is his call for a structural overhaul in how the US military handles cyber operations.Thomas argues that cyber is no longer a niche; it is the starting point for modern conflict. Yet cyber capability remains fragmented across service branches, leading to inefficiencies, talent drain, and even internal competition for resources. He makes the case for a separate, fully resourced cyber force, similar to the creation of the Air Force and Space Force, to truly secure the digital domain.He also shares concerns about government overreliance on contractors in critical cyber roles, the need for agile decision-making authority during cyber operations, and why AI must be deployed responsibly to defend a fractured critical infrastructure landscape.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Since March 2025, Volexity has tracked an escalation in sophisticated phishing campaigns executed by two suspected Russian threat actors, UTA0352 and UTA0355, targeting the Microsoft 365 accounts of individuals connected to Ukraine and human rights organizations. A recent security assessment by watchTowr uncovered a pre-authenticated Remote Code Execution (RCE) vulnerability in Commvault’s on-premise Backup and Recovery solution (Innovation Release 11.38.20). CISA has added two SonicWall vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, indicating an escalation in exploitation activity against the vendor’s SMA series of secure remote access appliances. Bot traffic has overtaken legitimate human use on the internet, with the latest data showing that automated traffic now accounts for 51% of all internet activity—of which 37% is classified as malicious.
--------
31:47
#213 - Building cybersecurity products with Jonathan Haas, Product at Vanta
On this episode of the Cybersecurity Defenders Podcast we speak with Jonathan Haas, Product at Vanta, about building cybersecurity products.Jonathan’s work focuses on making security compliance faster and more accessible, helping teams move from months-long processes to efficient workflows that take just days. Before Vanta, he was the co-founder and CEO of cybersecurity startup ThreatKey, and before that he held key roles at Snapchat, DoorDash, and Carta, where he built and refined compliance systems during times of rapid growth.Outside of work, Jonathan explores San Francisco on foot, experiments with sourdough pizza recipes, and is cooking a dish from every country in the world. He brings a product philosophy rooted in solving real problems, blending data with user stories, and fostering inclusive teams.You can read his blog, Haas on Saas, here.
--------
32:11
#212 - Intel Chat: RSA 2025
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.During a talk at RSA, DHS Secretary Kristi Noem provided an update on the future direction of the Cybersecurity and Infrastructure Security Agency (CISA) under the new Trump administration.During the panel discussion titled “AI and Cyber Defense: Protecting Critical Infrastructure” which brought together federal research leaders to talk about how AI and automation are being leveraged to address mounting cyber risks across the U.S. critical infrastructure landscape. A new report titled The Rise of State-Sponsored Hacktivism provides a detailed analysis of how hacktivist operations have become an increasingly prominent feature of geopolitical cyber conflict.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Researchers at Trend Micro have uncovered a new campaign by the Fog ransomware group, notable for its use of DOGE-themed ransom notes aimed at mocking victims rather than just extorting them.In the wake of May 2024’s Operation Endgame, which dismantled some of the most prominent malware droppers such as IcedID, Pikabot, SystemBC, Smokeloader, and Bumblebee, law enforcement agencies across Europe and North America have moved into a new phase targeting end users of these platforms.Zscaler researchers have recently observed Mustang Panda—also known by aliases like Bronze President, Stately Taurus, and TA416—upgrading its toolset as part of an ongoing espionage campaign, with a recent operation targeting an organization in Myanmar. Atomic macOS Stealer (AMOS), identified as one of the most impactful macOS-targeting infostealers of 2024, leverages deceptive application installers and phishing tactics to gain access to victim machines.
An accessible but technical podcast about cybersecurity and the people who keep the internet safe. The podcast is built as a series of segments: we will be looking back at the last couple of weeks in cybersecurity news, talking to different people in the industry about areas of their expertise, we're going to break apart some of the TTPs being used by adversaries, and we will even cover a little bit of hacker history.