Security Is an Illusion: Malware, IOCs, and Supply Chain Risk

Security Is an Illusion: Malware, IOCs, and Supply Chain Risk

Malware attribution is harder than most teams want to admit. Attackers can copy another group’s TTPs, swap tools, buy access, abuse trusted update paths, and make your EDR’s story look cleaner than reality. In this episode of C-Suite Cyber, Mike Small and AJ sit down with Diyar Saadi to talk through malware analysis, attribution, targeted attacks, social engineering, firmware malware, and why defenders cannot rely on tools alone. Expect to hear: * Why the target often matters more than the malware when figuring out who is behind an attack * How attackers copy public TTPs to confuse attribution * Why hashes, IPs, domains, and tool names can be weak evidence on their own * What defenders misunderstand about MITRE ATT&CK, IOCs, and the Pyramid of Pain * Why social engineering, initial access brokers, and MFA bypasses are still major business risks * How firmware malware and update service hijacking can turn trusted updates into compromise paths * Diyar’s advice for anyone learning malware analysis: OS internals, Windows internals, programming, networking, and curiosity This one gets into the uncomfortable truth behind a lot of security programs: tools help, but they do not replace fundamentals, manual analysis, or attacker-minded curiosity. ___________________________________ Connect with Diyar: https://reversethemalware.blogspot.com/ https://www.linkedin.com/in/diyarsaadi/ ___________________________________ Links: https://github.com/Adaptix-Framework/AdaptixC2 https://github.com/bishopfox/sliver https://github.com/HavocFramework/Havoc https://www.ransomware.live/ https://github.com/horsicq/detect-it-easy https://github.com/mandiant/flare-floss https://github.com/mandiant/capahttps://www.virustotal.com/ https://github.com/mandiant/flare-fakenet-ng https://hex-rays.com/ida-prohttps://github.com/KasperskyLab/hrtng https://malwareunicorn.org/https://malapi.io/ ___________________________________ Sponsor: Tandem Cyber Solutionshttps://tandemcybersolutions.com/csuitecyber/ ___________________________________ Connect with C-Suite Cyber: ⁠⁠LinkedIn⁠⁠ [https://www.linkedin.com/company/c-suite-cyber-podcast]⁠⁠⁠ [https://x.com/suite_cybe82537] ⁠X⁠⁠ [https://x.com/suite_cybe82537] ⁠⁠Instagram⁠⁠ [https://www.instagram.com/csuitecyberpodcast/]⁠⁠⁠ [https://www.tiktok.com/@c_suite_cyber_podcast] ⁠TikTok [https://www.tiktok.com/@c_suite_cyber_podcast]

Why Most Companies Are Still Easy to Hack

What are most organizations still getting wrong with security? In this episode, we sit down with Spencer (@techspence), a penetration tester who’s tested over 150 organizations, to break down the real-world gaps attackers are still exploiting every day. We start with a surprising truth: some of the most effective attacks today aren’t new. Simple issues like local admin password reuse are still everywhere, and they’re often all an attacker needs to take over an environment. From there, we dig into how the shift to cloud and hybrid environments is changing the game. Moving to Microsoft 365 and Entra doesn’t eliminate risk, it reshapes it. Identity has become the new battleground, and misconfigurations, over-permissioned users, and weak access controls are opening doors most teams don’t even realize exist. We also get into: * Why “secure” is a myth and resilience is what actually matters * How attackers bypass EDR and why detection is still lagging behind * The hidden risks in SaaS, SSO, and vendor trust * Why context matters more than vulnerability severity scores * How to communicate security findings in a way the business actually understands Plus, we explore what’s coming next. AI, agent-based workflows, and the rise of supply chain risk are creating entirely new attack surfaces, and most organizations aren’t ready. Spencer shares why AI won’t replace pentesters anytime soon, but will force everyone in the industry to level up. This episode is packed with real-world insights from the front lines of offensive security, along with lessons for defenders, leaders, and anyone responsible for protecting a business. If you want to understand what actually matters in security right now, this is the conversation to listen to. ___________________________________ Connect with Spencer: https://www.linkedin.com/in/spenceralessi/ https://spenceralessi.com/ https://x.com/techspence https://www.youtube.com/@cyberthreatpov ___________________________________ Connect with C-Suite Cyber: ⁠LinkedIn⁠ [https://www.linkedin.com/company/c-suite-cyber-podcast]⁠ [https://x.com/suite_cybe82537] X⁠ [https://x.com/suite_cybe82537] ⁠Instagram⁠ [https://www.instagram.com/csuitecyberpodcast/]⁠ [https://www.tiktok.com/@c_suite_cyber_podcast] TikTok [https://www.tiktok.com/@c_suite_cyber_podcast]

AI, Culture, and Cyber Risk in Post-Merger Integration

Cybersecurity risk does not stop at due diligence. In this episode of C-Suite Cyber, Ceneé LaTulippe breaks down why post-merger integrations fail, where security programs start to break down after an acquisition, and what leadership teams miss when execution is treated like side work instead of a core business priority. The conversation covers culture fit, governance, security assessments, remediation planning, AI-related risk, and the real challenges that show up in the first 60 to 90 days after a deal closes. Ceneé LaTulippe is the Founder & CEO of 5280 PMO Services, an execution authority firm serving mid-market and private equity-backed organizations when the work cannot fail. She specializes in M&A integrations, enterprise software implementations, AI enablement, operational restructuring, and complex program recoveries. 5280 PMO is a senior-led execution authority firm focused on stabilizing, governing, and accelerating high-impact strategic initiatives. Through its Value Realization Model, the firm helps leadership teams turn complex transformation efforts into measurable financial outcomes across M&A, AI enablement, software implementation, and other board-level priorities. Sponsor: Tandem Cyber Solutions [https://tandemcybersolutions.com/csuitecyber/] Connect with Ceneé and 5280 PMO: Ceneé LaTulippe on LinkedIn [https://www.linkedin.com/in/cenee-latulippe-a876396/] 5280 PMO on LinkedIn [https://www.linkedin.com/company/5280pmo] 5280 PMO on YouTube [https://www.youtube.com/@5280PMO] Ceneé on Instagram [https://www.instagram.com/cenee_5280pmo/] 5280 PMO on Instagram [https://www.instagram.com/5280pmoservices/] Connect with C-Suite Cyber: LinkedIn [https://www.linkedin.com/company/c-suite-cyber-podcast] X [https://x.com/suite_cybe82537] Instagram [https://www.instagram.com/csuitecyberpodcast/] TikTok [https://www.tiktok.com/@c_suite_cyber_podcast]

Your Cyber Health: The Preventative Care Side of Cybersecurity

In this episode, Jeremy Banon shares insights on how cybersecurity is increasingly akin to healthcare—focused on prevention, routine check-ups, and informed decision-making rather than fear-based reaction. He emphasizes the importance of proactive security practices, personalized risk assessments, and educating clients to treat cyber health like their physical health. ___________________________________ Connect with Jeremey https://www.linkedin.com/in/jeremybanon/ https://cyberhealth.co/ ___________________________________ Sponsor: ⁠⁠⁠Tandem Cyber Solutions⁠⁠⁠ [https://tandemcybersolutions.com/csuitecyber/] ___________________________________ Let's connect! ⁠⁠⁠LinkedIn⁠⁠⁠ [https://www.linkedin.com/company/c-suite-cyber-podcast] ⁠⁠⁠X⁠⁠⁠ [https://x.com/suite_cybe82537 ] ⁠⁠⁠Instagram⁠⁠⁠ [https://www.instagram.com/csuitecyberpodcast/ ] ⁠⁠⁠TikTok⁠⁠⁠ [www.tiktok.com/@c_suite_cyber_podcast]

Cyber Threat Intelligence That Actually Drives Action w/Matt H.

In this episode of C-Suite Cyber, AJ and Mike sit down with Matt Hopkins to break down what cyber threat intelligence actually means for business leaders and security teams. Matt shares his path from military service into cybersecurity and explains why most organizations struggle to turn threat intelligence into something actionable. The conversation dives into how CTI teams can prioritize what really matters, communicate effectively with leadership, and avoid drowning in data. They also discuss how organizations with limited budgets can leverage open source intelligence and practical frameworks to build meaningful intelligence capabilities. The episode explores how AI is reshaping CTI, why context matters more than volume, and how improving collaboration between executives and security teams leads to stronger detection and response. Matt also talks about building a Cyber Threat Intelligence MCP server and how modern tools are making advanced capabilities more accessible than ever. Reach out to Matt: LinkedIn [https://linkedin.com/in/matthew-hopkins] Email [matt@coopercybercoffee.com]Open CTI MCP Server Repo [https://github.com/CooperCyberCoffee/opencti_mcp_server] Sponsor: ⁠⁠Tandem Cyber Solutions⁠⁠ [https://tandemcybersolutions.com/csuitecyber/] ___________________________________ Let's connect! ⁠⁠LinkedIn⁠⁠ [https://www.linkedin.com/company/c-suite-cyber-podcast] ⁠⁠X⁠⁠ [https://x.com/suite_cybe82537 ] ⁠⁠Instagram⁠⁠ [https://www.instagram.com/csuitecyberpodcast/ ] ⁠⁠TikTok⁠⁠ [www.tiktok.com/@c_suite_cyber_podcast]