Best Alias Cybersecurity Podcasts (2025)

1
CAPTCHA Con: Hackers' Evolving ClickFix Malware Trap 7:50

Play Pause

1d ago7:50

7:50

Got a question or comment? Message us here! “I’m not a robot.” 🤖 Hackers are exploiting fake “I’m not a robot” CAPTCHA pages to deliver malware. Host Andrew Hickman breaks down how this ClickFix attack uses social engineering to steal data and evade detection. Tune in to learn key defense tactics and how to keep your team protected. Support the sho…

1
RondoDox Botnet Expansion: The Shotgun Approach to IoT Exploitation 7:19

9d ago7:19

7:19

Got a question or comment? Message us here! This week on the #SOCBrief, Andrew breaks down RondoDox, a rapidly growing botnet campaign taking aim at routers, DVRs, and IoT devices worldwide. With over 50 vulnerabilities across 30+ vendors, this “shotgun” exploitation strategy is fueling massive DDoS and crypto-mining attacks. Support the show Watch…

1
Obscura Ransomware: Unmasking a Stealthy New Threat ⚠️ 12:25

16d ago12:25

12:25

Got a question or comment? Message us here! In this week’s #SOCBrief, Hickman and Peters break down Obscura ... a new ransomware variant making waves with aggressive evasion tactics, process terminations, and domain controller targeting. We cover what’s known so far, the risks it poses to businesses, and the key defenses every SOC should prioritize…

1
🛡️ Pen Test Potential: How Organizations Are Missing Out on Fortifying the SOC 🛡️ 20:08

23d ago20:08

20:08

Got a question or comment? Message us here! What’s the real difference between a penetration test and a red team engagement, and how can each benefit your SOC? In this episode, Andrew is joined by Tanner, to unpack how pentests uncover vulnerabilities, how red teams stress-test defenders, and why every organization should be leveraging these exerci…

1
2025 SECCON Debrief 25:33

24d ago25:33

25:33

By Alias Cybersecurity

1
034 - Final Episode 42:45

27d ago42:45

42:45

In this final episode of The Lockdown, I reflect on the journey of the podcast, and explaining why I’m redirecting my energy to other projects. I discuss the importance of practical privacy measures, measures over an ‘all-or-nothing’ approach, as well as sharing my thoughts on threat modeling, and address several listener questions about privacy to…

1
🚨 Ransomware Rising: Variants, Tactics, and Defenses in 2025 🚨 7:29

30d ago7:29

7:29

Got a question or comment? Message us here! Ransomware is evolving faster than ever, from double extortion tactics to lightning-fast attack chains. In this episode, we break down how these threats work, why every organization is a target, and the layered defenses SOCs can use to detect and stop attacks early. Support the show Watch full episodes at…

1
💢 FileFix Fiasco 💢 Steganography's Stealthy StealC Drop 5:53

1M ago5:53

5:53

Got a question or comment? Message us here! In this episode of The #SOCBrief, we break down the rising FileFix attack, a new social engineering technique using steganography to deliver info-stealing malware. Learn how attackers disguise malicious PowerShell commands, the risks this poses for browsers, messengers, and crypto wallets, and the proacti…

1
Monitoring the Dark Web for Leaked Data in DFIR 6:28

1M ago6:28

6:28

Got a question or comment? Message us here! 🔎 This episode of The #SOCBrief dives into the world of dark web monitoring in digital forensics and incident response. Learn why leaked credentials are a top threat, how to safely detect exposures, and what steps SOC teams can take to stay proactive. Support the show Watch full episodes at youtube.com/@a…

1
Mastering Incident Response: Essential for SOC Success 8:41

2M ago8:41

8:41

Got a question or comment? Message us here! 💡 This week on The SOC Brief, we’re breaking down incident response (IR) ... why it’s essential, how to build a strong plan, and what SOC teams can do to turn chaos into control. From preparation and containment to recovery and lessons learned, learn how a solid IR strategy saves time, money, and reputati…

1
033 - Black Mirror - Is the UK's Surveillance State Coming to America? 38:14

2M ago38:14

38:14

In this episode, I share news from my recent trip to the UK, noticing how it seems to have reached the epic proportions of a Black Mirror episode; from the absurd TV licensing program to the new Digital ID Brit cards that will track your behavior. I also explore how the UK may be serving as a testing ground for new levels of behavioral surveillance…

1
DEF CON 33 Debrief 48:45

2M ago48:45

48:45

Got a question or comment? Message us here! Fresh off the chaos of DEF CON 33, Tanner, Hickman, and Will break down the four-day hacker conference, from the eye-opening hacker villages and mind-bending talks to Hickman’s clutch CTF victory and Will’s bold dive into the Social Engineering Community’s Vishing Competition. No sleep, all signal. Suppor…

1
⚠️ Crypto24 ⚠️ Ransomware: Bypassing EDR and Bolstering Defenses 8:22

2M ago8:22

8:22

Got a question or comment? Message us here! In this episode, we break down the emerging Crypto24 ransomware attacks that use living-off-the-land techniques to bypass EDR. We’ll explore how these attacks unfold and the defensive strategies SOCs and organizations can use, like layered security, enhanced monitoring, and rapid response, to stay ahead o…

1
🚨 Gone Vishing: The Recent Surge of Vishing Attacks 10:50

3M ago10:50

10:50

Got a question or comment? Message us here! This week, we’re unpacking the phishing wave hitting SaaS platforms ... from social engineering to OAuth abuse and AI voice spoofing. Learn why people remain the #1 attack vector and how to stay one step ahead. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcas…

1
032 - No Salt Required: Listener Questions Before the Break 21:40

3M ago21:40

21:40

In this episode I address listener feedback and questions, from clarifying my stance on the “Tea” controversy to sharing practical tips from the community about Privacy.com workarounds. This episode covers some loose ends before I take a brief hiatus. I also discuss why I won’t be at Black Hat this year, share thoughts on minimalism versus practica…

1
🚨 SonicWall Firewall Ransomware Breakdown 9:19

3M ago9:19

9:19

Got a question or comment? Message us here! On this episode of the #SOCBrief, we break down attacks on SonicWall firewalls. A wave of ransomware, possibly exploiting zero-day vulnerabilities, is compromising even fully patched systems. Learn how SOCs can respond fast and stay ahead. Support the show Watch full episodes at youtube.com/@aliascybersec…

1
031 - When Privacy Tools Betray You, Safety Apps That Dox and Revoked Anonymous Payments 54:23

3M ago54:23

54:23

In this episode, I discuss the challenges facing privacy-focused payment solutions like Privacy.com, exploring alternatives and the troubling rise of KYC requirements across the industry. I dive deep into the Switzerland privacy crisis that’s forcing Proton to consider relocating their infrastructure, and what this means for encrypted email provide…

1
Spilling the Tea: What Happens When Apps Launch Without Locking Down Security ☕ 13:23

3M ago13:23

13:23

Got a question or comment? Message us here! This week’s SOC Brief unpacks how a misconfigured cloud bucket exposed 72,000+ user images from the Tea app, complete with geolocation metadata and real IDs. From national security risks to doxxing fallout, we break down what went wrong and what your security team must do to avoid the same mistakes. Suppo…

1
🚨⚠️ A Critical ZERO-DAY (CVE-2025-53770) 17:54

3M ago17:54

17:54

Got a question or comment? Message us here! A critical zero-day (CVE-2025-53770) is actively targeting on-premises SharePoint servers AND it’s already been used to compromise over 100 organizations. In this #SOCBrief, Andrew and Tanner break down how the exploit works and what steps your team should take now. If your SharePoint instance is public-f…

1
🚪 Offboarding isn't just HR's job … 15:47

3M ago15:47

15:47

Got a question or comment? Message us here! In this week’s #SOCBrief, we break down why offboarding policies are ABSOLUTELY critical for security teams. Overlooked items from abandoned accounts to old VPN access can leave backdoors wide open. Learn how SOCs monitor, contain, and shut down lingering access, and why communication between HR, IT, and …

1
Aligned by Design: CISO x Legal in Practice - Episode 92 54:40

3M ago54:40

54:40

Got a question or comment? Message us here! 🎙️ NEW! Aligned by Design: CISO x Legal Introducing! A fresh new series that explores the intersection of cybersecurity and legal strategy. Join Alias CISO Jonathan Kimmitt and privacy attorney Tom Vincent as they unpack what happens when technology, compliance, risk, and law collide. From real-world expe…

1
030 - Info Stealers, GrapheneOS Drama, and Why Video Games and Anti-Virus Are Spyware 52:42

3M ago52:42

52:42

In this episode, I address listener feedback and corrections regarding use of public Wi-Fi, MAC addresses, and aliases. I dive deep into the nuances of MAC address randomization on GrapheneOS versus Apple’s private Wi-Fi addresses, explaining why GrapheneOS offers superior privacy protection. I discuss the real threats of public Wi-Fi in 2025 (hint…

1
🚨 Record-Shattering DDoS Attack Alert 🚨 11:41

4M ago11:41

11:41

Got a question or comment? Message us here! Hackers just unleashed the largest DDoS attack in history, peaking at 7.3 Tbps and 4.8 billion packets per second. In just 45 seconds, it pummeled its target with the data equivalent of over 9,000 HD movies, a powerful reminder of how far attack capabilities have evolved. 🎧 Tune in to today’s SOC Brief fo…

1
Secure AF SOC Brief #5 - Chrome CVE-2025-6554 9:04

4M ago9:04

9:04

Got a question or comment? Message us here! In this episode of The SOC Brief, the team unpacks a critical zero-day vulnerability in Google Chrome (CVE-2025-6554) that’s being actively exploited. Learn how attackers use type confusion bugs to hijack browser memory, what makes this exploit so dangerous, and why it’s targeting high-value organizations…

1
Ep 91: The Engineers React to Breach News 45:27

4M ago45:27

45:27

Got a question or comment? Message us here! In this episode, our security engineers break down the latest cybersecurity headlines, from the real scoop behind the “16 billion password” leak to the rise of hacker groups like Scattered Spider. 🕷️ We discuss how attackers bypass MFA, why exploited data keeps resurfacing, and what organizations can do t…

1
029 - Minimize not Militarize and Avoiding Surveillance with GrapheneOS 54:26

4M ago54:26

54:26

In this episode, I explore the difference between the military mindset and the more stealth approach of minimization in cybersecurity. I share the results from the Ghost in the Source Capture the Flag (CTF) challenge, revealing how the winners cracked the AES encryption using dictionary attacks, keyword harvesting and the cipher tool hidden in robo…

1
Secure AF SOC Brief #4 - False Positives 12:25

4M ago12:25

12:25

Got a question or comment? Message us here! In this episode of The SOC Brief, Andrew and Dax dive into the world of false positives – those misleading alerts that flood security teams with noise. They discuss how misconfigurations, lack of context, and overly sensitive rules can lead to alert fatigue. With practical tips on investigation, tuning to…

1
Secure AF SOC Brief #3 - IOCs 14:46

4M ago14:46

14:46

Got a question or comment? Message us here! 🔐 New SOC Brief Episode: Tracing the Breadcrumbs Cybercriminals always leave a trail, if you know where to look. In this episode, we break down Indicators of Compromise (IOCs) and how they help security teams detect and respond to threats faster. 🎯 What we cover: • Real-world incident reports & proof of c…

1
Episode 90: Global Wars - Cyber Strikes Back 50:11

4M ago50:11

50:11

Got a question or comment? Message us here! 🎙️ New Secure AF Episode: Global Wars: Cyber Strikes Back 🌐⚔️ How does global news shape cybersecurity operations? In this episode, we dig into how real-world events influence the threats we track, the way we respond, and the tools we use for social engineering/pentesting. 🔍 We talk threat intel, evolving…

1
028 - Silence & Stealth - Mailbox, Email & Anti-KYC Phone Strategies 45:28

4M ago45:28

45:28

In this episode, I discuss three key strategies for maintaining privacy and security across your physical mailbox, email, and phone. I discuss the growing Matrix community, explore alternative mailing solutions using co-working spaces, detail a four-tier email strategy, and examine the concerning spread of Flock ALPR cameras. I also share insights …

1
Secure AF SOC Brief #2 - SafePay 10:57

4M ago10:57

10:57

Got a question or comment? Message us here! 🎙️ This Week on the SOC Brief: Join Andrew and Dax as they dive into the emergence of a new threat actor known as SafePay 🕵️‍♂️💻. They break down the latest tactics, techniques, and procedures observed from this group, offering insights into how organizations can stay vigilant. From detection strategies 🔍…

1
027 - Stop Playing the Game, Join The New Matrix Privacy Community 44:16

5M ago44:16

44:16

In this episode, I discuss breaking free from the Apple ecosystem, the dangers of social media oversharing, and introduce our new Matrix community. I also cover the upcoming capture the flag challenge, share thoughts on the OSINT Defense & Security Framework progress, and rant about security theater at airports and online services that block VPNs. …

1
Episode 89: Meet the Alias SOC - on the Battlefront of Cybersecurity 29:57

5M ago29:57

29:57

Got a question or comment? Message us here! 🔐 Inside the SOC 🔐 Go behind the scenes with the Alias Security Operations Center (SOC) team to learn how they operate, collaborate, and tackle today’s top cyber threats ⚔️. Find out why a SOC matters, and how organizations can still leverage SOC insights and support, even without one in-house 💼. 🎧 Tap in…

1
Secure AF SOC Brief #1 - SOC Life 11:25

5M ago11:25

11:25

Got a question or comment? Message us here! Welcome to 🎙️The SOC Brief 🎙️our byte-sized mini series bringing you weekly updates straight from the Security Operations Center. In this episode, Andrew, Dax, and Dylan break down what life in the SOC looks like, the rise of malvertising, and the emerging threat known as Recipe Lister, discussing how it’…

1
026 - Ghost in the Source (Announcement) 7:35

5M ago7:35

7:35

In this brief episode between travels, I announce the “Ghost in the Source” capture the flag challenge, a cryptographic hunt on my website starting June 21st, 2025. At the end of June I will pick 3 lucky winners which will receive a 6-month TryHackMe subscription voucher. I also provide an update on our new Matrix community. In this week’s episode:…

1
025 - AI Privacy Concerns with ChatGPT and Claude 38:36

5M ago38:36

38:36

In this episode, I explore the privacy implications of using AI apps like ChatGPT and Claude on mobile devices. I discuss why ChatGPT’s requirement for Google Play Store login and audio recording storage led me to Claude on my GrapheneOS device. I also cover my daily app setup, Windows telemetry blocking with SimpleWall, macOS privacy with Little S…

1
024 - Minimize What Can Be Known with the OSINT Defense & Security Framework (OSDF) 42:20

6M ago42:20

42:20

In this episode, I discuss what has been keeping me away from the mic, the Open Source Intelligence Defense and Security Framework (ODSF), and share updates on privacy topics including browser security, autonomous taxis, airport security cameras, and managing cryptocurrency. I also address listener questions about anonymous SIM cards and creating s…

1
Episode 88: Two-Time CISO Showdown Champion (and Chad) 46:05

6M ago46:05

46:05

Got a question or comment? Message us here! Alias Cybersecurity Jonathan Kimmitt is joined by Chad Kliewer to discuss the exciting CISO Showdown competition between Chief Information Security Officers (CISOs) at BSidesOK. They delve into the history of the showdown, how it works, and highlight significance of the championship belt. Tune in as they …

1
Episode 87: Securing Patient Data with HIPAA's New Security Rules 53:31

7M ago53:31

53:31

Got a question or comment? Message us here! Alias Cybersecurity CISO Jonathon Kimmitt is joined by Derrac Page to discuss the new changes to the HIPAA security rules being set in place this year. Listen as they go over many of the biggest points raised from the 660+ page guidelines and discuss ways that HIPAA Privacy Officers and HIPAA Security Off…

1
Episode 86: How to make your pen test training not suck 33:05

7M ago33:05

33:05

Got a question or comment? Message us here! Following BSides Oklahoma where Tanner gave an 8 hour training on the basics of penetration testing, Tanner and Keelan give advice on how to present red team/pen test training... specifically how to make the trainings not suck. Sponsored by AFCyberAcademy.com. Support the show Watch full episodes at youtu…

1
Episode 85: Is SANS the overpriced dinosaur of cybersecurity training? 43:24

8M ago43:24

43:24

Got a question or comment? Message us here! On this week's Secure AF podcast, Tanner poses a controversial question: is SANS the overpriced dinosaur of cybersecurity training? The answer is not a simple one. Listen in as Tanner and CISO Jonathan Kimmitt go in depth on the pros and cons of different security certifications such as Offensive Security…

1
023 - Apple Removes ADP in the UK, the Privacy Implications and Listener Q&A 30:36

8M ago30:36

30:36

In this episode, we dive into Apple’s latest privacy retreat with the removal of Advanced Data Protection (ADP) for iCloud in the UK. We break down why Apple made this move, how ADP works, and what it means for users who care about encryption and data security. If you’re in the UK and using Apple’s ecosystem, this episode is a must-listen as I cove…

1
022 - Deep Dive into Session Private Messenger with Co-Founder Kee Jefferys 1:10:14

9M ago1:10:14

1:10:14

In this week’s episode, we take a deep dive into Session, a private messaging app, with its co-founder Kee Jefferys. We discuss the philosophy behind Session, its technical architecture, and the broader implications of privacy in a world increasingly hostile to anonymous communication. Kee shares insights on the importance of decentralized networks…

1
Episode 84: New Years Cyber Resolutions Part 2 52:37

9M ago52:37

52:37

Got a question or comment? Message us here! As we step into the new year, it's essential to reinforce our defenses against cyber threats. Join Jonathan Kimmitt and Todd Wedel for part 2 of their discussion of cyberresolutions. Their list includes: - **Data Inventory**: Know your data—what, where, and who has access. Regular audits are a must! - **B…

1
021 - Digital Minimalism and Why Your Messages Aren't Really Private 41:27

9M ago41:27

41:27

In this week's episode we dive deep into both the psychological and privacy implications of social media apps. I reflect on my observations during recent travels, and explore how social media platforms are distorting human connections while simultaneously collecting vast amounts of personal data. The episode also tackles the technical aspects of em…

1
Episode 83: New Years Cyber Resolutions Part 1 37:34

10M ago37:34

37:34

Got a question or comment? Message us here! 🚀 Kickstart 2025 with Cybersecurity Resolutions! 🔐 In our latest podcast episode, Todd and Jonathan discuss crucial strategies for a secure year ahead. Tune in for more insights and make this year your most secure yet! 🎧✨ #Cybersecurity #AI #Secure2025 Support the show Watch full episodes at youtube.com/@…

1
020 - The State of Privacy in 2025 57:51

10M ago57:51

57:51

This week on The Lockdown, The Practical Privacy & Security Podcast, we’re kicking off the new year with reflections, updates, and a deep dive into key privacy issues that are shaping 2025. From privacy settings on iOS and GrapheneOS, to AI assistants and their potential privacy pitfalls, this episode covers practical advice, insights, and solution…

1
019 - A Conversation with Luke Mulks from Brave Software 1:01:44

11M ago1:01:44

1:01:44

In this episode I speak with Luke Mulks, who is the VP of Business Operations at Brave Software. We discuss the privacy concerns over traditional web-based ads, and why Brave is offering a privacy-first alternative. Show Links: Brave Software: https://brave.com/podcast/ The Brave Technologist Podcast: https://brave.com/podcast/ "Well who's gonna mo…

1
Episode 82: Leaving It All On The Table - The What, How, and Why of Tabletop Exercises 43:37

11M ago43:37

43:37

Got a question or comment? Message us here! Ready for an IR? You may have controls, policies, and procedures, but how do you know they exist? Are robust? Followed and adhered to? Join Jonathan Kimmitt and Alexandria Hendryx as they discuss what a tabletop is, how to conduct one effectively, and why they matter to your organization to prevent and pr…

1
018 - Back to the Basics and not Overthinking Privacy 49:12

11M ago49:12

49:12

In this episode, we go back to the basics as I discuss what I would do today if I were starting from scratch. It begins with deleting social media accounts, especially Facebook. Additionally, we have an update from Optery in response to listener feedback. We discuss tools like LibreWolf, Brave, and GrapheneOS, and compare privacy approaches for mob…