One of the most common tips for avoiding online scams is to only shop at reputable retailers. But what happens when those very retailers are turned into social engineering vectors? In this week's episode of Security Intelligence, host Matt Kosinski and panelists Bryan Clark, Michelle Alvarez and Dave Bales talk about the streaming devices that promise to let you watch all your favorite shows for free—so long as you don’t mind turning your house into a botnet, that is. And to make matters worse, they’re often sold through legitimate online marketplaces. We also cover: - The Shai-Hulud worm is back and wreaking havoc on the software supply chain - Developers leaking secrets and PII to unsecured, publicly available dev tools - What the Gainsight data breach teaches us about cyberattack timelines - How to jailbreak an AI model with the power of poetry 00:00 – Intro 1:34 - Shai-Hulud returns 10:50 - Developers can’t keep a secret 16:17 - Gainsight data breach hits 200 companies 22:39 - Is your house a botnet? 35:35 - Malicious poems break AI guardrails The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Explore the podcast → <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>Listen to our interview on discovering a new malware strain → <a href="https://www.ibm.com/think/podcasts/security-intelligence/discover-a-new-malware-strain" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence/discover-a-new-malware-strain</a>

Dave Bales

X-Force Incident Command 

Bryan Clark

Senior Technology Advocate 

Michelle Alvarez

Manager, X-Force Strategic Threat Analysis

Supply chain worms, leaky dev tools, the botnet in your living room and why you should never read your AI companion a poem.  

Your house might be a botnet, your devs are leaking secrets and poems are breaking your AI guardrails

Security Intelligence is a weekly news podcast for cybersecurity pros who need to stay ahead of fast-moving threats. Each week, we cover the latest threats, trend, and stories shaping the digital landscape, alongside expert insights that help make sense of it all. Whether you’re a builder, defender, business leader or simply curious about how to stay secure in a connected world, you’ll find timely updates and timeless principles in an accessible, engaging format. New episodes weekly on Wednesdays at 6am EST.

Security Intelligence

Being a malware reverse engineer isn’t always glamorous work. You spend a lot of time digging through junk emails.&nbsp;&nbsp;&nbsp;But when you find something in there—well, that’s a whole different story.&nbsp;&nbsp;&nbsp;On this episode of Security Intelligence, X-Force Malware Reverse Engineer Raymond Joseph Alfonso tells us about the time he discovered a curious new malware loader in the honeypot. And that leads to a bigger conversation about how hackers hide malicious code from view—and some of the new techniques they’re cooking up to stay hidden.&nbsp;&nbsp;The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp;&nbsp;Learn more about QuirkyLoader → <a href="https://www.ibm.com/think/x-force/ibm-x-force-threat-analysis-quirkyloader" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/x-force/ibm-x-force-threat-analysis-quirkyloader</a>&nbsp;&nbsp;&nbsp;Follow the Security Intelligence podcast on your preferred platform → <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp;

Raymond Joseph Alfonso

Malware Reverse Engineer, X-Force Threat Intelligence

What happens when a malware reverse engineer discovers a new strain of malicious software right in their inbox? Security Intelligence tells the story.  

Trawling the honeypot: What it’s like to discover a new malware strain

Discovering a new malware strain

Do you think you’re too smart to fall for a Black Friday scam? Generative AI might knock you down a few pegs. On this episode of Security Intelligence, host Matt Kosinski and panelists Suja Viswesan, Dave McGinnis and Nick Bradley discuss how threat actors are using AI to turbocharge holiday scam season. Plus: - IBM X-Force makes malware research tools public - The dark web job market is thriving - AI fraud schemes are getting quite elaborate And the story of an enterprising insider threat who tried to turn his employer’s wind turbines into cryptojacking machines. Spoiler: He got caught. 00:00 – Introduction 02:45 – Holiday scam season 13:37 – X-Force malware research tools 19:47 – Dark web jobs report 24:41 – Factory finds an AI fraud ring 31:48 – Cryptojacking wind turbines The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Learn more about cybersecurity → <a href="https://www.ibm.com/think/security" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/security</a>Explore the podcast → <a href="https://www.ibm.com/think/podcasts/security-intelligence " rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence </a>Learn more about the X-Force Malware Threat Research GitHub → <a href="https://www.ibm.com/think/x-force/introducing-x-force-malware-threat-research-public-github-repository " rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/x-force/introducing-x-force-malware-threat-research-public-github-repository </a>

Nick Bradley

Dave McGinnis

Dave McGinnis, Global Partner, Cyber Threat Management Offering Group 

Suja Viswesan

Vice President, Security Products 

This week we cover AI fraud, holiday scams and the dark web job market. It’s not as grim as it sounds! 

The dark web job market thrives, AI fraud rings rise and it’s holiday scam season.

Anthropic says it disrupted a nearly fully autonomous espionage campaign carried out by AI agents. But some cybersecurity pros are skeptical of the framing. On the latest episode of Security Intelligence, host Matt Kosinski is joined by Ryan Anschutz, Evelyn Anderson, Seth Glasgow and Mixture of Experts podcast fixture Chris Hay to dig into Anthropic’s report and the range of responses to it. Plus: The newest OWASP Top 10 is here, the ransomware landscape is cracking up and does cyber insurance just encourage hackers? All that and more on Security Intelligence. 00:00 -- Introduction01:29 -- Anthropic’s AI spy ring bust15:44 -- OWASP Top 10 202524:41 -- Small ransomware gangs33:45 -- Is cyber insurance worth it?&nbsp;The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp;Explore the podcast → <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>Subscribe for AI and security updates → <a href="https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120" rel="noopener noreferrer" target="_blank">https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120</a>

Ryan Anschutz

North America Leader of X-Force Incident Response

Seth Glasgow

Cyber Range Executive Advisor

Chris Hay

Distinguished Engineer

Evelyn Anderson

CSS CTO, IBM Distinguished Engineer, IBM Master Inventor

Anthropic says it disrupted a nearly fully autonomous espionage campaign carried out by AI agents. Some cybersecurity pros are skeptical of the framing.

Anthropic stops AI spies, the new OWASP Top 10 and the rise of small-time ransomware

Have we lost the plot when it comes to AI malware?&nbsp;&nbsp; This week, host Matt Kosinski and panelists Claire Nunez, Austin Zeizel and Dave Bales discuss the growing trend of cybersecurity pros pushing back on AI malware “research.” Is it all puffery? Genuine threat? Some secret third thing? &nbsp; Plus: How hackers are stealing real-world cargo, time-delayed malware, the Louvre’s weak password and why don't more people patch their OT systems?&nbsp;&nbsp;&nbsp; 00:00 – Introduction 01:15 – The IT-OT gap 11:18 – Digital cargo thieves 20:12 – Time-delayed logic bombs 25:53 – AI malware vs. AI slop 33:47 – The Louvre’s password The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp; &nbsp;Learn more about AI malware →&nbsp;<a href="https://www.ibm.com/think/insights/defend-against-ai-malware" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/insights/defend-against-ai-malware</a>&nbsp;Explore the podcast → <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp;&nbsp;

Claire Nuñez

Creative Director, IBM X-Force Cyber Range

Austin Zeizel

Threat Intelligence Consultant 

AI slop vs. AI malware: Is there really a difference? Listen to this week’s episode of Security Intelligence to find out. 

AI slop in cybersecurity, OT security fails and lessons from the Louvre heist

What do AI agents, the stock market and behavior-based threat detection tools have in common? You’ll need to listen to this week’s episode of Security Intelligence to find out.&nbsp; Join host Matt Kosinski and panelists Sridhar Muppidi and Cris Thomas for a jam-packed conversation, including new ways to build malicious AI agents, a malware strain that types like a person, a social engineering scheme that manipulates stock prices and a banner year for bug bounties.&nbsp; Plus: When it comes to new tech, why does governance always lag so far behind implementation?&nbsp; All that and more on Security Intelligence.&nbsp;&nbsp; The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp; Read more about the AI governance gap →<a href="https://www.ibm.com/think/insights/cios-ai-risk-governance-gap" rel="noopener noreferrer" target="_blank"> https://www.ibm.com/think/insights/cios-ai-risk-governance-gap </a>Check out our new special edition episode → <a href="https://www.ibm.com/think/podcasts/security-intelligence/social-engineering-expert-talks-physical-security" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence/social-engineering-expert-talks-physical-security</a>Explore the podcast → <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>Subscribe for AI and security updates → <a href="https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52954" rel="noopener noreferrer" target="_blank">https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52954</a>

Sridhar Muppidi

IBM Fellow, CTO IBM Security 

Cris Thomas

X-Force Global Lead of Technical Eminence 

What do AI agents, the stock market and behavior-based threat detection tools have in common? Find out on this week’s Security Intelligence.  

Android malware that acts like a person and AI agents that act like malware

Could you break into an office armed with nothing more than a coffee-stained resume and some charisma? Meet someone who can.&nbsp; Today’s bonus episode of Security Intelligence features an in-depth interview with Stephanie Carruthers, Global Head of Cyber Range and Chief People Hacker at IBM X-Force.&nbsp;&nbsp; Stephanie shares the harrowing tale of one of her most daring physical security assessments. Along the way, we discuss why physical security and cybersecurity are two sides of the same coin, highlight common physical security gaps and reveal why your office trash is a criminal’s treasure.&nbsp;&nbsp; The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp;&nbsp;Follow the Security Intelligence podcast on your preferred platform: <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp; Learn more about physical security in cybersecurity: <a href="https://www.ibm.com/think/insights/physical-cybersecurity" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/insights/physical-cybersecurity</a>

Stephanie 'Snow' Carruthers

 Global Head of Cyber Range | Chief People Hacker, X-Force

Learn why organizations need to treat physical security and cybersecurity as two sides of the same coin.  

IBM

Recent Episodes

SEASON 1

Your house might be a botnet, your devs are leaking secrets and poems are breaking your AI guardrails

Trawling the honeypot: What it’s like to discover a new malware strain

The dark web job market thrives, AI fraud rings rise and it’s holiday scam season.

Anthropic stops AI spies, the new OWASP Top 10 and the rise of small-time ransomware

AI slop in cybersecurity, OT security fails and lessons from the Louvre heist

Android malware that acts like a person and AI agents that act like malware

How to break into an office: A social engineering expert talks physical security

About The Show

Security Intelligence

Matt Kosinski

Host