Adventures of Alice & Bob

Today, James is joined by Vincent Scott, a former US Navy cryptologist and founder of Defense Cybersecurity Group. Vincent shares his raw and authentic experience while bridging intelligence gaps during the 9/11 crisis and navigating cyber warfare operations in the Gulf Wars. He also shares the culture challenges he experienced while transitioning from military to corporate cybersecurity, the broken windows approach to fixing small cyber cracks before they shatter, and the paradox of expensive tools failing to deliver without the right people.

Today, Marc is speaking with Dr. Jessica Barker, a cybersecurity culture expert and co-founder of Cygenta. Join us for some incredibly true stories, including a behind-the-scenes look at her royal honor ceremony at the historic Windsor Castle. You'll hear all the details - from battling nerves while practicing that all-important curtsy, to the opulent pomp and circumstance of receiving her honor from Prince William himself. But Jessica's tales from the front lines don't stop there. She'll also pull back the curtain on the shockingly sleazy underworld of romance scams, where con artists follow meticulously crafted "playbooks" full of psychological manipulation tactics to drain unsuspecting victims of their entire life savings through emotional exploitation. And brace yourself as she reveals how AI deepfakes are making phishing attacks even more devious and hard to detect. You'll learn how cybercriminals are leveraging this cutting-edge technology to generate hyper-realistic lures - from emails to videos - that could easily fool even cautious individuals.

This week, James is joined by Michael Perklin, information security expert and Chairman of the Board at C4. Listen in as Michael pulls back the curtain on the current cryptocurrency landscape. This episode is a roller-coaster ride, spanning Michael's career journey from trying to debunk Bitcoin as a "scam" to realizing its brilliance and founding one of the first Bitcoin security consultancies. You'll be on the edge of your seat as he recounts high-stakes experiences like securing Ethereum's historic initial coin offering, hunting down insider threats at ShapeShift, and guiding the company's pioneering transition into a decentralized autonomous organization (DAO). Get ready for a whirlwind of stories that showcase the challenges, opportunities, and mind-bending possibilities of blockchain technology.

Today, Marc is joined by Hector Monsegur, the infamous hacker formerly known as Sabu. In this episode, Hector takes us on a journey through his past, from his early inspirations drawn from hacker films to his pivotal role in the LulzSec hacking collective. With raw honesty, he delves into the motivations and mindsets that fueled his involvement in hacktivism, shedding light on the complexities and ethical dilemmas surrounding digital activism. Hector's story is a testament to the transformative power of embracing one's passion, and his insights offer a rare glimpse into the psyche of a cyber outlaw-turned-cybersecurity professional.

Microsoft is one of the world's largest and most security-focused companies. Yet in late 2022, a sophisticated threat actor known as Midnight Blizzard breached their systems in Azure through a forgotten test account. Join James Maude and Marc Maiffret together as they dive into the technical details of the Blizzard attack, how machine identities and misconfigured OAuth apps provided the foothold, and the lessons learned about protecting corporate cloud environment. James & Marc also discuss actionable ways to reduce risk, the limitations of relying only on detection, and why unified visibility over all identities is key for a proactive defense.

Today James is joined by Terry Cutler, Founder of Cyology Labs. Terry Cutler is a modern magician, but you won’t find him on a Vegas stage. As a professional hacker and "Cyologist," Cutler uses social engineering and technical wizardry to pull off digital feats like taking down a corporate network by leaving USB drives in the bathroom. In this fascinating interview, he makes cyber threats disappear before your eyes as he recounts tales of infiltrating systems to improve security defenses.

Get the explosive inside scoop on two brazen hacks from the hacking guru and cyber warfare expert simply known as “The Grugq.” He joins James to dissect an elaborate phishing campaign that compromised Qatar's national news agency. You'll learn how hackers fabricated academic awards as a ploy to infiltrate key targets. The Grugq also unravels the Coinbase hack that could have been an unparalleled crypto heist. He reveals how the culprits were obsessed with deploying a flashy new zero-day exploit, when lower-tech tricks already had executives firmly ensnared. This is a rare chance to analyze major cyber attacks play-by-play alongside one of the world's top hacking experts. Buckle up for a wild ride!

Today James is joined by Dr. Ryan Louie who shares captivating stories from the frontlines of psychiatry and insights on protecting mental health in our tech-driven world. Join us as they explore the psychological parallels between social engineering attacks and persuasive techniques used in medicine. Dr. Louie also shares his account of a pivotal moment early in his career that shaped his approach to patient care. Don't miss his enlightening perspective on how breaches of health data violate the deepest levels of patient privacy.

Get inside the mind of hacker Ymir Vigfusson as he sits down with James to recount his early days of finding exploits in SSH and owning an Icelandic ISP at age 14. Learn how he navigated the ethical lines of hacking and later used his talents for good by teaching others. Also, we'll hear the method behind his current zero trust startup after a life spent understanding how things break.

From finding body parts in a warehouse to shaping data privacy legislation in Congress, Michelle Dennedy has never backed down from the unexpected plot twists along her remarkable journey. The chief privacy trailblazer joins Marc today to discuss the real-life stories behind her role in “The Usual Suspects”, her national human microchipping debate on Dr. Phil, the high school pact that led to a career defending consumer data rights, and so much more. Michelle brings her signature wit and wisdom to every tall tale. Get ready for a wild ride with this privacy rebel.

What's it like to rob banks and government facilities for a living? Find out today when James sits down with professional ethical hacker and social engineer FC (aka Freakyclown) to discuss the wild stories from his 30+ year career circumventing security systems. From stealing helicopters and gold bullion, to building secret offices and making friends with targets, hear tales of exploits that sound stranger than fiction in today's episode. FC also shares hard lessons learned and practical advice for improving security.

Today, James finds himself engaged in a captivating conversation with Dr. Cathy Ullman, Principal Technology Architect, Security at University at Buffalo. In their discussion, Dr. Ullman regales James with gripping accounts of her experiences combating the notorious Nimda Virus, a pernicious file-infecting computer worm. She also delves into her firsthand encounters with the tumultuous era of Code Red and other early internet worms, sharing invaluable insights gained from navigating these cybersecurity crises. She also talks about working with law enforcement on cyber investigations and touches on her unconventional career journey through philosophy, forensics and beyond.

Today James is speaking with Eliza-May Austin, CEO & Co-Founder of th4ts3cur1ty.company. Drawing on her experience with a TeamViewer supply chain attack early in her career, Eliza explains how she built her company's SIEM solution to help businesses of all sizes defend against threats coming through trusted third parties. She also discusses the benefits of purple teaming and shares some amusing moments from working night shifts in cybersecurity, including testing if she can still do roly-polies and giving herself a concussion!

Okta provides identity and access management to some of the world's biggest brands. But what happens when Okta itself comes under attack? In this episode, James sits down with BeyondTrust CTO Marc Maiffret to discuss how BeyondTrust discovered a breach of Okta’s Support Unit, escalated concerns, and gathered the necessary evidence to spur Okta into action. Join us for a rare inside look at how a major provider was compromised, and what we can learn to better defend our own systems.

In this episode James hosts Lynn Dohm, Executive Director of WiCyS (Women in Cybersecurity). Lynn shares the origin story of WiCyS, from humble beginnings as an NSF-funded conference to today's thriving global community empowering women at all stages of their cybersecurity careers. Join us as they discuss systemic issues like the “leaky pipeline,” how to create inclusive spaces in security, and overcoming barriers that cause women to leave the field. Lynn talks data, gives advice for cybersecurity leaders looking to recruit, retain and advance women, and much more! Tune-in to be inspired by the superheroes at WiCyS who are making a global impact for women in cybersecurity.

On this bittersweet episode, host James Maude is joined by our outgoing podcast host Karl Lankford for an in-depth look back at his incredible tenure on The Adventures of Alice and Bob. As Karl hangs up the headphones, we get the inside scoop on the wit and wisdom that made him a fan favorite during his time on the mic. From hair-raising plane rides to secret server room speakeasies, James and Karl reminisce about the wild adventures, guest interviews, and laughs shared over the past year and a half. Karl reflects on lessons learned through hosting duties, his passion for helping others, and excitement for the next chapter. We'll miss you, Superhost Karl!

Today James is speaking with Troy Fisher, an ethical hacker at IBM Security who educates using Rubik's cubes and draws from early experience battling major malware like the ILOVEYOU virus outbreak. Join us as Troy discusses facing major malware incidents early in his career and puzzling his way into a role in ethical hacking. We'll also hear how Troy uses Rubik's cubes to demonstrate hacking concepts, how his background in music and performance aids compelling security education, and more stories from his eclectic career path on this episode of The Adventures of Alice and Bob podcast.

Today's episode is hosted by James Maude. He is joined by Patrick Hynds and Duane Laflotte, CEO and CTO, respectively, of Pulsar Security. Tune-in as Patrick and Duane discuss their journey from the early days of hacking to leading offensive security teams and advising enterprises on defense strategies. They take us through an inside look at unconventional hacking techniques including compromising networks by exploiting default credentials on printers and manipulating thermostats to damage infrastructure. Patrick and Duane also detail social engineering tactics like sending spoofed emails from compromised printers to hack their way into networks. They share perspectives on the evolution of cyber threats over 20+ years, the importance of patch management, and mentoring the next generation of ethical hackers.

Today's episode is hosted by James Maude. He is joined by John Fokker, Head of Threat Intelligence at Trellix. John is an internationally recognized cybercrime expert with leadership experience across law enforcement, military, and industry. Tune-in as John discusses his journey from the Dutch Marines to leading cybercrime investigations for the Dutch Police. John provides an inside look at high-profile cybercrime takedowns, including hunting down the notorious REvil ransomware group. He also shares perspectives on the evolution of cyber threats, the ransomware economy, and building global public-private partnerships to combat cybercrime.

Today's episode is hosted by Karl Lankford. He is joined by Chris Roberts A.K.A "Dr. Dark Web", and CISO at Boom Supersonic. Chris has been described as a hacker, cyber researcher, and even a Scottish cybersecurity warlock! Today Chris discusses his memorable experiences at conferences, ethical challenges in cybersecurity, and his personal moonshot for improving security. He also shares stories about hacking cows and camels and reflects on building security into the first commercial supersonic jet.

Today’s compilation episode is a very special edition of "After Hours with Alice & Bob." Our three hosts, James, Karl, and Marc, recorded live from the annual Go Beyond customer conference in Miami, Florida. They had lively discussions with a variety of guests over adult beverages...and nothing was off-limits when it came to our guest's stories around cybersecurity!

Today, James is speaking with Jason Haddix, the renowned cybersecurity expert and CISO of BuddoBot. Get ready for an engaging conversation about the world of secrets management, the aftermath of the Lapsus$ breach at Ubisoft, and the dark web's impact on modern adversaries. Jason also shares captivating stories, including his experience accidentally setting off emergency alerts in LA and his eye-opening journey into the hidden corners of the dark web.

Today, James and Marc are thrilled to welcome Katie Moussouris, the founder and CEO of Luta Security. Prepare yourself for an extraordinary conversation on bug bounty programs, the intricacies of vulnerability disclosures, and the influence of regulations and governance within cybersecurity. Katie also shares some amazing stories including her swift response to a teardrop attack during her tenure at the Human Genome Project and her ingenious two cell phone hack of the well-known social audio app, "Clubhouse."

In today's episode James is joined by Cris Thomas, a true cybersecurity maverick that is more famously known as "Space Rogue." Join us as Cris delves into the fascinating origins of L0pht, a pioneering hacker collective that left an indelible mark on the industry. Cris also shares invaluable insights on securing networks, debunks hacking culture myths, sheds light on unconventional cybersecurity risks that often go unnoticed, and discusses his new book, Space Rogue: How the Hackers Known As L0pht Changed the World.

This very special episode is brought to you from the Adventures of Alice and Bob podcast booth at the Go Beyond Conference in sunny Miami, FL. Karl and Marc are reunited with the remarkable 16-year-old hacker, Bianca Lewis, who also delivered an amazing keynote speech at the event. They also got the chance to hang out with the visionary Sam Elliot, Head of Product Management at BeyondTrust.

In today’s episode, James is speaking with Cyber-Anthropologist Lianne Potter, known as "The Anthrosecurist," who serves as the Head of SecOps at ASDA. Lianne shares valuable insights about building trust in cybersecurity teams, breaking free from functional fixedness to find solutions, and “improving” cybersecurity practices with her improv comedy skills.

Today’s episode is hosted by Karl Lankford. He is joined by Scott Behrens, Principal Security Engineer of Information Security at Netflix. Scott discusses the challenges of building a security program at Netflix, how threat modeling helps to identify vulnerabilities before they are exploited, and how he was able to bring down Netflix with a $2 Denial of Service (DoS) attack.

Today's episode is hosted by James. He is joined by former USA Most Wanted Cybercriminal, Brett Johnson, who was dubbed "The Original Internet Godfather" by the Secret Service. Brett shares his experience of creating the notorious cybercrime forum, ShadowCrew, and his eventual capture by the police at Disney World. He also discusses his remarkable journey of transforming from a hacker to a reformed cybersecurity advocate.

Today’s episode is hosted by Karl. He is joined by Shir Tamari, Head of Research at Wiz. Shir tells us how he conquered over 700 Counter-Strike 1.6 servers when he was just a kid in Israel and how his team at Wiz discovered major cloud vulnerabilities like the ChaosDB and the OMIGOD exploits.

Today’s episode is hosted by Karl. He is joined by “The People Hacker” Jenny Radcliffe, world-renowned social engineer and CEO of Human Factor Security. Jenny shares her stories of accessing buildings, bypassing security, and even coming face-to-face with a lion after hours (yes, she broke into a zoo as a kid)! Hear how Jenny uses her signature blend of psychology, con-artistry, and crafty manipulation to hack people and identify deception indicators!

Today’s episode is hosted by James. He is joined by Jason Youzwak, Security Researcher at Peraton Labs. Join us as Jason discusses how an overly-successful pen test earned him the affectionate nickname “tick mark”. Jason also tells us about one of his favorite hobbies: plunging into the frigid waters of Coney Island. Don’t get cold feet now, let’s dive in!

Today’s episode is hosted by James. He is joined by Ryan Kovar, Distinguished Security Strategist at Splunk. Join us as Ryan discusses how he accidentally disabled internet for an entire fleet during his time in the military and how a simple pen test burned over $600,000 of pies. Crust us, you knead to hear this episode.

Today’s episode is hosted by Karl. He is joined by Ted Harrington, Executive Partner at ISE (Independent Security Evaluators). Your mission, should you choose to accept: Listen as Ted discusses how to think like a hacker and how his team of ethical hackers overcame statistical improbability to predict the keys to over 700 Ethereum wallets.

Today’s episode is hosted by James. He is joined by Bianca Lewis, the 16-year-old Founder and CEO of Girls Who Hack. Bianca shares her first experience speaking at a cybersecurity convention, how she hacked a voting machine at DEFCON 26, and how it led her to start Girls Who Hack, an organization focused on teaching girls the skills of hacking. Move over Barbie, we’re not kidding around. Produced by ProSeries Media

Today’s episode is hosted by Karl. He is joined by Bill Graydon, Principal Researcher at GGR Security. Bill unlocks his secrets on physical pen testing, how he sizes up a building’s security prior to a break-in, and shares his story about getting caught red-handed and using social engineering to defeat security guards! Does the house always win? Find out on this episode of Adventures of Alice & Bob. Produced by ProSeries Media

Today’s episode is hosted by James. He is joined by Paula Januszkiewicz, CEO and Founder of CQURE. Today, Paula talks about why she started CQURE, why sharing information between cybersecurity professionals is so important, and how her team helped bring down an administrator who was sabotaging their own company from the inside. Produced by ProSeries Media

Today’s episode is hosted by Karl. He is joined by Fabio Viggiani, CTO at Truesec Group and self-described as "that hacker guy." Today Fabio kicks off the episode by sharing how he got his start in technology, strategies he has utilized to identify (and even predict) some very sophisticated cyberattacks and why a security investigation was made harder by a group of malicious insiders.

Today’s episode is hosted by Karl and James. They talk to Alethe Denis, Senior Security Consultant at Bishop Fox, about how children learn how to utilize social engineering at a young age, some common misconceptions about making a career out of social engineering, and why HR departments are a force to be reckoned with. Produced by ProSeries Media

Today’s episode is hosted by James. He is joined by Chris Silvers, Owner of CG Silvers Consulting, to talk about how someone with a hacker mindset can turn a prank into a powerful attack vector. Chris and James do some roleplay and reenact a couple of real-life calls from a social engineering attack Chris had executed in the past! Here is a link to the full presentation Chris Silvers gave at at DEF CON that includes the original call recordings : https://youtu.be/vgKAxd_4s0A Produced by ProSeries Media

Welcome to the Adventures of Alice & Bob podcast. Today’s episode is hosted by Karl Lankford. He is joined by John Hawes, the COO of AMTSO, to talk about building a world class virus replicator with spare computer parts, the importance of independent testing labs, and how more collaboration can help improve the cybersecurity industry. Produced by ProSeries Media

Ghostly Greetings! In today's frightfully fantastic episode, all three of our hosts get together to swap their nightmarish cybersecurity tales of bloodsucking phishing schemes, lurking critical vulnerabilities, and festering overprivileged access. If those stories don't chase you away, stay until the end where there's a sweet treat for our listeners. Don't miss this scream-worthy episode on Adventures of Alice & Bob! Produced by ProSeries Media

In today’s episode, James talks to Javvad Malik, a Security Awareness Advocate at KnowBe4 and Co-Founder of Security B-Sides London, to talk about his most memorable cybersecurity tales inside some of the largest financial & energy companies, how a single spreadsheet (with a giant security flaw) defiled an entire organization, and the inspiration behind Javvad’s ridiculously hilarious cybersecurity YouTube parody “Accepted the Risk”. All this and more on this week’s episode of Adventures of Alice & Bob! Produced by ProSeries Media

Today’s episode is hosted by Karl. He is joined by Brian Honan, Founder and CEO of IRISS and BH Consulting. Brian talks about how he created Ireland's first CERT, why Ransomware victims should never give in to their attackers, and why technology will never solve all of our cybersecurity problems. Produced by ProSeries Media

Today’s episode is hosted by Marc. He talks to John Strand, Owner of Black Hills Information Security, about how John's first job in cybersecurity landed him in the middle of one of the largest lawsuits in United States history, how the gates that keep people from getting into cybersecurity have changed over the years, and how malicious hackers will always have a step-up on pen testing. Check out Black Hills Infosec here : https://www.blackhillsinfosec.com/ Produced by ProSeries Media

Today’s episode is hosted by James and Karl. They talk to Chris Kirsch, Co-Founder and CEO of runZero about the ethics and philosophy behind social engineering (and how he got into teaching pickpocketing to red teamers), the amount of research that actually goes into the DEF CON Capture the Flag Competition (Chris won the coveted Black Badge at DEF CON 2017), how to protect yourself from Open Source Intelligence manipulation, and why he may (or may not) have psychic powers. Follow Chris’ social engineering escapade on today’s episode of Adventures of Alice & Bob! Produced by ProSeries Media

Today’s episode is hosted by James and Karl. They talk to Eva Galperin, the Director of Cybersecurity at EFF, about her efforts fighting against nation-state cyber attacks, why she switched her focus from APTs to stalkerware, and how she worked with a Maryland senator to pass a bill that will require law enforcement agencies to learn, as part of their standard training, how-to recognize cyberstalking, and understand the criminal laws concerning electronic surveillance and tracking. See what you can do to fight against stalkerware by going to https://www.eff.org/ Produced by ProSeries Media

Today’s episode is hosted by James. He talks to Geoff White an investigative journalist, author, and host of The Lazarus Heist podcast. They talk about hope to get people to care about their personal data, trying to explain complex tech in short news stories, and the Talktalk data breach. You can find Geoff at https://twitter.com/geoffwhite247 and you can read his book "The Lazarus Heist" here at https://www.amazon.co.uk/Lazarus-Heist-Hollywood-Finance-Inside/dp/024155425X Produced by ProSeries Media

In today's episode, James and Karl talk to Leah McLean, Vice President - Cybersecurity Specialist at Mastercard, about her experience handling the log4j attack, how-to maneuver cybersecurity attacks when you have very limited resources, and why she claims cybersecurity does not have a talent shortage (hint: stop looking for the unicorn). You can listen to Leah's podcast at https://the-ciso-diaries.captivate.fm/. Produced by ProSeries Media

Today we are introducing After Hours with Alice & Bob, a special live episode recorded at BeyondTrust’s GoBeyond event in Miami Florida. Our hosts James and Marc have a ton of fun talking to guests at the conference about embarrassing cybersecurity mistakes, AI, superheros, organized cyber crime, and more. Produced by ProSeries Media

In today's episode Marc and Karl are joined by Tanya Janca, best-selling author of Alice and Bob Learn Application Security, to talk about what it is like being a woman in cybersecurity, the origin story of We Hack Purple, and how important it is to be integrated and invested in the cybersecurity community. You can check out We Hack Purple here : https://wehackpurple.com/ and you can find her book Alice and Bob Learn Application Security here : https://www.amazon.com/Alice-Bob-Learn-Application-Security/dp/1119687357 Produced by ProSeries Media