The Parasite in the Machine: Unmasking the Speagle Infostealer

The Parasite in the Machine: Unmasking the Speagle Infostealer

Symantec Threat Hunters found malware that turns a legitimate document-security platform into its own exfiltration channel. Infostealer.Speagle hijacks Cobra DocGuard to chase Chinese ballistic missile documents — then uses the platform's own driver to delete itself. A look at the Runningcrab activity cluster. Listen in.

The Death of SIEM

SIEM was supposed to be the nerve center of every security operation — collect every log, correlate every event, surface every threat. Most organizations ended up with an expensive log warehouse that generates more noise than signal. Recorded live from RSAC, Dan sits down with Justin Falck — Head of Product for Endpoint at the Enterprise Security Group at Broadcom — to break down where the SIEM model broke, why "magic correlation" never showed up, and what's actually replacing it in modern security operations. In this episode: * The original promise of SIEM and where the math fell apart * How detection engineering became a budget black hole * Why XDR and MDR are reshaping the SOC * "Owning the blades" — vendor-native correlation vs. data-lake aggregation * Where SIEM still works (and the team sizes it takes) * A look at CBX, Carbon Black's XDR launch from RSAC More at security.com. Subscribe, rate, and share with your fellow defenders. Stay sharp, stay curious, stay human.

Hoodies to Headlines: The Evolution of Cybersecurity PR w/ W2 Communications

The Evolution of Cybersecurity Media & PR — with Tony Welz, W2 Communications Cybersecurity went from a niche trade-press beat to a nation-state strategy domain in about 25 years. Dan Mellinger sits down with Tony Welz, co-founder of W2 Communications — a strategic communications agency that's specialized in cybersecurity for 23 years — to unpack how the story got told along the way, and who's telling it now. Tony's been in the room for nearly every inflection point: working with Sourcefire from their A-round through their Cisco acquisition, watching FireEye seed the modern threat-research content model, navigating the Target/Sony/Ashley Madison breach era, and helping clients adapt to today's SEC disclosure rules and geopolitical cyber reality.

Iran's Cyber Warfare Playbook: What Defenders Need to Know Right Now

Iran has always been active in cyberspace — but with U.S. and Israeli kinetic operations underway in March 2026, they're under pressure to make an impact, and cyber is where they can fight asymmetrically. Dan Mellinger and Symantec threat intelligence veteran Dick O'Brien break down what defenders are actually seeing right now: active intrusions on 5–6 organizations in the U.S. and Canada, the recent Stryker attack that weaponized Microsoft Intune instead of malware, and why Iranian operators are rapidly absorbing Russian cloud-attack tradecraft. Plus: why Iran is effectively the #2 most prevalent nation-state adversary, the surprisingly effective social engineering campaigns they're running, the little-known Iranian origins of modern ransomware, and the practical steps every U.S.-facing organization should take this week. More analysis at security.com.

A Brief History of DLP

How did Data Loss Prevention go from a forgotten niche to a boardroom necessity? In this episode, host Dan Mellinger sits down with Matt Jones, Channel Technical Director for Information Security at Broadcom's Enterprise Security Group, to trace the full arc of DLP — from its earliest roots to its role in today's enterprise security stack. Matt brings over two decades of hands-on experience, from the days of MimeSweeper and email content inspection to building managed DLP services and working with Symantec DLP for 15+ years. Together, they explore: * 🕰️ The pre-DLP era — when data protection meant "don't leave documents on the printer" * 📜 The regulatory turning points — HIPAA, Sarbanes-Oxley, and how GDPR made the board finally pay attention * 🔍 How breach types evolved — from accidental data leaks to deliberate insider threats * 🤖 The role of AI and machine learning in modern data classification * ☁️ DLP in a cloud-first world — why the perimeter is gone and what that means for your data strategy * 💡 Matt's #1 piece of advice: Start with accurate data classification — and don't forget to review your policies Whether you're a security practitioner, a CISO, or just trying to understand why DLP matters more than ever, this episode delivers real history, real context, and real talk. 🔗 More insights at Security.com 🎧 Subscribe | Rate | Share Stay sharp, stay curious, and stay human. #Cybersecurity #DLP #DataLossPrevention #InfoSec #SecurityPodcast #DataSecurity #Symantec #Broadcom #CloudSecurity #ZeroTrust