Could you break into an office armed with nothing more than a coffee-stained resume and some charisma? Meet someone who can.&nbsp; Today’s bonus episode of Security Intelligence features an in-depth interview with Stephanie Carruthers, Global Head of Cyber Range and Chief People Hacker at IBM X-Force.&nbsp;&nbsp; Stephanie shares the harrowing tale of one of her most daring physical security assessments. Along the way, we discuss why physical security and cybersecurity are two sides of the same coin, highlight common physical security gaps and reveal why your office trash is a criminal’s treasure.&nbsp;&nbsp; The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp;&nbsp;Follow the Security Intelligence podcast on your preferred platform: <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp; Learn more about physical security in cybersecurity: <a href="https://www.ibm.com/think/insights/physical-cybersecurity" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/insights/physical-cybersecurity</a>

Stephanie 'Snow' Carruthers

 Global Head of Cyber Range | Chief People Hacker, X-Force

Learn why organizations need to treat physical security and cybersecurity as two sides of the same coin.  

How to break into an office: A social engineering expert talks physical security

Subscribe to the IBM Think newsletter: https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Is a safe AI browser even possible?&nbsp;&nbsp;&nbsp;On this week’s super spooky Halloween episode of Security Intelligence, host Matt Kosinski and panelists Suja Viswesan, J.R. Rao and Dave McGinnis discuss the terrifying security risks of ChatGPT Atlas. Plus: The ghost network spreading malware on YouTube, an invisible worm that drops a “Zombi” payload and AWS’s brush with the grave. (Notice a theme?)&nbsp;&nbsp;And stick around for a sneak peek of a very special episode at the end.&nbsp;&nbsp;&nbsp;The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp;&nbsp;&nbsp;&nbsp;Follow the Security Intelligence podcast on your preferred platform: <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp;&nbsp;&nbsp;

Should you use an AI browser like ChatGPT Atlas? Three security pros weigh in. We also talk mobile security, invisible malware and the AWS outage.  

Is ChatGPT Atlas safe? Plus: invisible worms, ghost networks and the AWS outage

AI browsers, ChatGPT Atlas, AWS outage, mobile security, computer worm 

Is Windows 10 dead? This week, panelists Michelle Alvarez, Sridhar Muppidi and Jeff Crume join host Bryan Clark to discuss support for Windows 10 coming to an end. We also talk AI use in SOCs, automated code repair and the battle against payroll pirates coming after your next paycheck. 00:00 – Intro 01:10 – RIP Windows 10 08:38 – The future of SOCs 19:41 – AI code repair 31:27 – Plundering payroll pirates The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Follow the Security Intelligence podcast on your preferred platform: https://www.ibm.com/think/podcasts/security-intelligence Subscribe to the IBM Think newsletter: https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120

Sridhar Muppidi

IBM Fellow, CTO IBM Security 

Michelle Alvarez

Manager, X-Force Strategic Threat Analysis 

Jeff Crume 

IBM Distinguished Engineer, Master Inventor, AI and Data Security

From AI-powered SOCs to automated code repair and battling payroll pirates. All this and more on Security Intelligence.   

RIP Windows 10, automated code repair and battling the payroll pirates

What does it take to trick an AI agent? Not a whole lot, it turns out. This week, panelists Nick Bradley, Claire Nuñez and Jeff Crume join host Matt Kosinski to discuss a couple of new methods for hijacking AI agents and breaking their guardrails. We also talk recent evolutions in DDoS attack trends, the legacy of zero trust and some glaring security flaws in an extremely popular AI training app. Plus: We ring in Cybersecurity Awareness Month with the traditional airing of grievances. 00:00 – Introduction 01:38 – Tricking AI agents 15:18 – The DDoS comeback 26:03 – 15 years of zero trust 36:02 – Neon exposes user calls 44:34 – Cybersecurity myths The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Subscribe to the IBM Think newsletter: 	<a href="https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120" rel="noopener noreferrer" target="_blank">https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120</a>		&nbsp;Follow the Security Intelligence podcast on your preferred platform: <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp;Learn more about cybersecurity: <a href="https://www.ibm.com/think/security" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/security</a>&nbsp;

Claire Nuñez

Creative Director, IBM X-Force Cyber Range 

Jeff Crume

 Nick Bradley

X-Force Incident Command 

AI agent scams, DDoS attack trends and what it takes to make zero trust work. All this and more on Security Intelligence.    

How to scam an AI agent, DDoS attack trends and busting cybersecurity myths

An AI security CEO thinks we’re six months away from an “AI vulnerability cataclysm.” Is this a legitimate threat, or just fear-mongering? On this week’s episode, host Matt Kosinski and panelists Cris Thomas, Suja Viswesan and Troy Bettencourt debate whether we're headed straight for an AI security disaster. We also react to reports on Scattered Spider’s return (surprise!), a potential new strain of the devastating Petya ransomware and a survey of common cloud misconfigurations. Plus: Hot takes on dumb cybersecurity rules. All this and more, on Security Intelligence.&nbsp;&nbsp;&nbsp;&nbsp;00:00 – Intro &nbsp;01:02 – The AI apocalypse&nbsp;12:53 – Scattered Spider’s back&nbsp;23:41 – Misconfiguration risks&nbsp;32:35 – What is HybridPetya?&nbsp;42:46 – Dumb cybersecurity rules&nbsp;&nbsp;The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp;&nbsp; Subscribe to the IBM Think newsletter: <a href="https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120" rel="noopener noreferrer" target="_blank">https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120</a>&nbsp;Follow the Security Intelligence podcast on your preferred platform: <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp;Learn more about cybersecurity: <a href="https://www.ibm.com/think/security" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/security</a>&nbsp;

Cris Thomas (Space Rogue)

X-Force Global Lead of Technical Eminence  

Suja Viswesan

VP of Security Products 

Troy Bettencourt

Global Partner & Head of X-Force 

The AI vulnerability apocalypse, the return of Scattered Spider, new Petya ransomware and more. All this and more on Security Intelligence. 

The AI vulnerability apocalypse, a new strain of Petya and dumb cybersecurity rules

Has the most notorious cybercrime gang of the moment really hung up its keyboards?&nbsp;In this episode of Security Intelligence, host Matt Kosinski along with panelists Dave Bales, Michelle Alvarez and Sridhar Muppidi discuss Scattered Lapsus$ Hunters’ retirement announcement, the ethics of ransomware research, software supply chain security lessons from the npm hack, the state of OT security, and hiring fraud.&nbsp;&nbsp; Plus: Dave takes on CVSS scores.&nbsp; All this and more, on Security Intelligence.&nbsp;&nbsp; 00:00 – Intro&nbsp;&nbsp;02:12 – Scattered Lapsus$ Hunters retire&nbsp;8:05 – AI ransomware is here&nbsp;15:43 – npm hijacking&nbsp;24:51 – X-Force on OT threats&nbsp;35:27 – AI hiring fraud&nbsp;41:36 – A hacker and Huntress EDR&nbsp; The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp; Subscribe to the IBM Think newsletter: <a href="https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120" rel="noopener noreferrer" target="_blank">https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120</a>&nbsp;Follow the Security Intelligence podcast on your preferred platform: <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp;Learn more about cybersecurity: <a href="https://www.ibm.com/think/security" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/security</a>&nbsp;

Dave Bales

Michelle Alvarez 

Manager, X-Force Strategic Threat Analysis

The end of Scattered Lapsus$ Hunters, the rise of AI ransomware and hot takes on CVSS scores: All that and more on this episode of Security Intelligence.

AI ransomware, hiring fraud and the end of Scattered Lapsus$ Hunters

Have we made cybercrime too easy? In the very first episode of Security Intelligence, panelists Jeff Crume, Suja Viswesan and Nick Bradley join host Matt Kosinski to discuss the invention of vibe hacking and HexStrike AI, an offensive security framework that threat actors are co-opting to command their own AI agent armies. We also discuss Scattered Lapsus$ Hunters’ unconventional new ransom demand and the rise of the RATs, or remote access trojans. Plus: A game of “Would You Rather?" &nbsp;&nbsp;00:00 – Intro&nbsp;1:40 – Introducing vibe hacking&nbsp;9:28 – HexStrike AI fuels AI agent crime&nbsp;14:42 – AI agent cyber attacks vs. Human cyber attacks&nbsp;18:16 – Scattered Lapsus$ Hunters want Google to fire employees&nbsp;26:03 – Remote Access Trojans on the rise&nbsp;&nbsp;The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp; Subscribe to the IBM Think newsletter: <a href="https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120" rel="noopener noreferrer" target="_blank">https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120</a>&nbsp;Follow the Security Intelligence podcast on your preferred platform: <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp;Learn more about cybersecurity: <a href="https://www.ibm.com/think/security" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/security</a>&nbsp;

IBM Distinguished Engineer, Master Inventor, AI and Data Security 

Suja Viswesan 

VP of Security Products

Nick Bradley

How are defenders dealing with vibe hacking, HexStrike AI, Scattered Lapsus$ Hunters and cybersecurity's RAT problem? Listen to Security Intelligence to find out.  

Vibe hacking, HexStrike AI and the latest scheme from Scattered Lapsus$ Hunters

Security Intelligence is a weekly news podcast for cybersecurity pros who need to stay ahead of fast-moving threats. Each week, we cover the latest threats, trend, and stories shaping the digital landscape, alongside expert insights that help make sense of it all. Whether you’re a builder, defender, business leader or simply curious about how to stay secure in a connected world, you’ll find timely updates and timeless principles in an accessible, engaging format. New episodes weekly on Wednesdays at 6am EST.

IBM

How to break into an office: A social engineering expert talks physical security

DESCRIPTION

Today's Host

Matt Kosinski

Today's Guests

Stephanie 'Snow' Carruthers

Recent Episodes