The Adversarial Podcast Ep. 19 – AI-Powered Cybercrime, CISO job market, the BYOL elephant in the room cover art

The Adversarial Podcast Ep. 19 – AI-Powered Cybercrime, CISO job market, the BYOL elephant in the room

The Adversarial Podcast Ep. 19 – AI-Powered Cybercrime, CISO job market, the BYOL elephant in the room

Listen for free

View show details

About this listen

⬇️ See below for timestamps/summaries/references for each topic

00:00 Highlight/theme

00:37 Intro

01:37 Malvertising campaign leads to info stealers hosted on GitHub

11:59 Wall Street is worried it can't keep up with AI-powered cybercriminals

24:02 What Really Happened With the DDoS Attacks That Took Down X

28:34 Bring-your-own-laptop policies

40:41 Are WAFs useful or are they just another TPRM box to check?

46:59 Is the CISO job market warming up?

Malvertising campaign leads to info stealers hosted on GitHub

Microsoft Threat Intelligence uncovered a large-scale malvertising campaign in December 2024, affecting nearly one million devices globally. The attack originated from illegal streaming sites embedding malvertising redirectors, which funneled users to GitHub-hosted malware, with additional payloads delivered via Discord and Dropbox. This multi-stage attack leveraged info stealers like Lumma and Doenerium, along with remote monitoring tools, using advanced evasion techniques to steal system and browser data while maintaining persistence on compromised devices.

📖 References: https://www.microsoft.com/en-us/security/blog/2025/03/06/malvertising-campaign-leads-to-info-stealers-hosted-on-github/

Wall Street is worried it can't keep up with AI-powered cybercriminals

A survey by Accenture found that 80% of bank cybersecurity executives believe generative AI is enabling cybercriminals faster than banks can respond. While banks invest billions in cybersecurity, they struggle to keep pace due to strict regulations and the rapid advancement of AI-powered scams that target customers, employees, and vendors. Cybercriminals exploit generative AI to craft sophisticated attacks, infiltrate supply chains, and identify vulnerabilities, making third-party risk a major concern for financial institutions.

📖 References: https://www.businessinsider.com/banks-ai-cybersecurity-threats-hackers-generative-ai-2025-3

What Really Happened With the DDoS Attacks That Took Down X

X experienced intermittent outages due to a series of DDoS attacks, which Elon Musk attributed to Ukrainian IP addresses, though cybersecurity experts argue that IP attribution alone is unreliable. Analysts suggest the attacks targeted improperly secured X origin servers, allowing a botnet of compromised cameras and DVRs to bypass Cloudflare protection. While a pro-Palestinian group claimed responsibility, experts emphasize that the attack’s true origin remains unclear due to the decentralized nature of botnets and the use of obfuscation techniques.

📖 References: https://www.wired.com/story/x-ddos-attack-march-2025/
activate_mytile_page_redirect_t1

What listeners say about The Adversarial Podcast Ep. 19 – AI-Powered Cybercrime, CISO job market, the BYOL elephant in the room

Average Customer Ratings

Reviews - Please select the tabs below to change the source of reviews.

Audible.com.au reviews

Amazon Reviews
No Reviews are Available
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.