Episodes

  • Digital Forensics & Incident Response (DFIR) with Surefire Cyber.
    Jun 24 2025

    Cyber threats aren't slowing down—and neither are we. In episode 38 of Cyber Security America, I sit down with two powerhouses from Surefire Cyber—Karla Reffold and Billy Cordio—to pull back the curtain on what’s really happening in today’s incident response and threat intelligence landscape.

    💡 What we cover:

    📈 Real-world ransomware trends (like longer dwell times and SSH backdoors)
    📨 Surging business email compromise tactics—attachments are the new attack vector
    🔐 Why incident response retainers are more valuable than ever
    🔥 Rapid resiliency: 5 key misconfigurations every business must address
    🧠 How threat actors are using AI (and why they still don’t need it to win)
    💬 Candid career advice for aspiring DFIR and intel pros

    Whether you’re a CISO, SOC leader, or cyber-curious professional, this episode gives you front-line insights from the experts handling these threats daily.

    🎧 Listen now and secure your edge: [https://www.darkstack7.com/podcast]

    #CyberSecurity #IncidentResponse #DFIR #ThreatIntelligence #Ransomware #BEC #SurefireCyber #CyberSecurityAmerica #Podcast #EDR #mfa #Resilience #digitalforensics

    https://www.linkedin.com/in/joshuanicholson/

    36 m
  • Data Intelligence: Breaking Chaos with Kyle DuPont | Ohalo's Innovation in Unstructured Data
    Jun 2 2025

    In this powerful episode, we sit down with Kyle DuPont, CEO and Co-Founder of Ohalo, the trailblazing company reshaping the way organizations understand and manage unstructured data.

    With deep experience in both finance and technology, including a background at Morgan Stanley, Kyle shares the origin story of Ohalo and how their flagship product, Data X-ray, is revolutionizing data governance through advanced machine learning and natural language processing (NLP).

    We explore how Ohalo empowers major banks, governments, and enterprises to discover, classify, and protect sensitive data in a world of increasing complexity, compliance pressure, and security risks. From the rise of generative AI to the ethical implications of automation, this episode is packed with practical insights and future-facing perspectives.

    Whether you're a tech leader, data scientist, or simply curious about the future of AI and data, this conversation is a must-watch.

    🕒 Chapter Timestamps
    00:00 – Introduction to Kyle DuPont and Ohalo
    01:44 – Kyle's Journey to Founding Ohalo
    03:35 – Understanding Data X-ray and Its Applications
    05:21 – Challenges in Data Security and AI Solutions
    07:04 – The Role of AI in Data Management
    13:31 – Cultural Insights and Personal Anecdotes
    15:27 – Ideal Customers and Use Cases for Ohalo
    17:56 – Future of AI and Data Management
    20:56 – The Future of AI: Predictions and Implications
    21:10 – Automation and Productivity: Embracing AI Tools
    21:55 – The Evolution of Coding and Business Processes
    24:36 – AI in Business: Real-World Applications
    26:46 – Emerging AI Protocols and Security Concerns
    29:53 – Ethical and Legal Implications of AI
    36:22 – Advice for Aspiring AI Professionals
    38:32 – Conclusion and Final Thoughts

    📢 Don’t forget to like, comment, and subscribe for more expert-led conversations on data, AI, and the future of technology. Video versions of the show and the Cyber Battlefield training series are available:

    https://www.youtube.com/@cybersecurityamerica_show

    #AI #ArtificialIntelligence #MachineLearning #DataScience #DataSecurity #CyberSecurity #NaturalLanguageProcessing #FinTech #BigData #DataGovernance #GenerativeAI #TechPodcast #StartupStories #Innovation #Automation #FutureOfWork #DigitalTransformation #UnstructuredData #Ohalo #KyleDuPont #DataPrivacy #AIethics #TechLeadership

    40 m
  • Telegram Exposed: The Super App Enabling Cyber Crime
    Apr 24 2025

    In episode 36, Josh welcomes renowned intelligence systems expert Stephen Arnold to shine a light on one of the most underestimated threats in cybersecurity today—Telegram. Known to most as a simple messaging app, Telegram is quietly operating as a “super app” for cyber crime. From crypto laundering and hamster games masking gambling platforms, to automated money laundering, dark web-style marketplaces, and human trafficking operations, Telegram's labyrinthine infrastructure is designed for scale, secrecy, and obfuscation.

    🔍 What you'll learn:

    • How Telegram morphed into a platform for organized cyber crime

    • The shocking links to cryptocurrency laundering through games like Hamster Combat

    • The automation of criminal finance using bots and wallets

    • Real-world examples of Telegram-enabled fraud, crime, and digital exploitation

    • What law enforcement is doing—and not doing—to combat it

    • The ethical gray zone of Telegram’s elusive founder and the platform’s murky governance

    📕 Featuring insights from Stephen Arnold’s upcoming book The Telegram Labyrinth—exclusive to law enforcement and intelligence professionals.

    📢 Don’t miss this revealing backstage pass into one of the most sophisticated cybercrime infrastructures on the planet.

    🔹 Listen now: https://podcasts.apple.com/us/podcast/cyber-security-america/id1668216285

    🔹 Follow the podcast: https://www.darkstack7.com/

    🔹 Connect with Joshua Nicholson: https://www.linkedin.com/in/joshuanicholson/

    🔔 Subscribe, comment, and share if you’re ready to stay ahead in the cyber battlefield.

    #CyberSecurityAmerica #TelegramExposed #CyberCrime #DigitalUnderground #StephenArnold #JoshNicholson #InfoSec #CryptoCrime #TelegramLabyrinth #HamsterCombat #OpenSourceIntel #MDR #IncidentResponse #CyberIntel #clt #charlotte #CyberSecurityPodcast #DarkWeb #AML #DigitalThreats #CyberRisk #CISOInsights

    53 m
  • Cyber Battlefield Insights: Lessons in Incident Response and Dark Web Tour
    Apr 2 2025

    Join host Joshua Nicholson, a seasoned cybersecurity veteran with over 24 years of frontline experience, as he dives deep into the high-stakes world of incident response and takes you on an exclusive dark web tour. In this power-packed episode, Joshua shares real-world lessons learned from handling hundreds of cyber incidents, breaking down the best practices, critical backup strategies, and common pitfalls that organizations face when responding to attacks.

    But that’s not all—this episode also unmasks the dark web, revealing its hidden layers, the tools and techniques used to navigate it, and the threats lurking in its shadows. From TOR networks, VPNs, and sock puppets to cybersecurity playbooks and business-aligned security strategies, this episode is a must-listen for IT professionals, CISOs, and business leaders alike.

    🔹 Listen now: https://podcasts.apple.com/us/podcast/cyber-security-america/id1668216285

    🔹 Follow the podcast: https://www.darkstack7.com/

    🔹 Connect with Joshua Nicholson: https://www.linkedin.com/in/joshuanicholson/

    #CyberSecurity #IncidentResponse #DarkWeb #CyberThreats #CyberDefense #InfoSec #SOC #TOR #VPN #CyberRisk #ThreatIntel #DigitalForensics #EthicalHacking #CyberWar #DataBreach #CyberStrategy

    1 h 4 m
  • Job Hunting in 2025: Top 10 Tips to Land Your Next Cybersecurity Role
    Feb 18 2025

    🎙 Episode 34 - Job Hunting: Top 10 Tips to Land the Next One

    Looking for your next big career move? In this episode of Cyber Security America, we break down the Top 10 Tips to help you navigate the job market and secure your next role with confidence. Whether you're a seasoned cybersecurity professional or just starting out, we’ll cover essential strategies—from optimizing your resume and acing interviews to leveraging your network and standing out in a competitive field.

    📺 Watch the full video version on YouTube: Cyber Security America

    📝 Read the full article on LinkedIn: Job Hunting 2025: Top 10 Tips to Land Your Next Role

    👤 Learn more about the host, Joshua Nicholson:
    🔗 Website: www.darkstack7.com
    🔗 LinkedIn: www.linkedin.com/in/joshuarnicholson

    🎧 Listen now on your favorite podcast platform!

    Don’t miss this essential career guide—subscribe, watch, and read to stay ahead in your job search! 🚀

    57 m
  • Top 10 GRC Program Tooling for Success - (Build vs. Buy)
    Feb 3 2025

    Top 10 GRC Program Tips – Build vs. Buy with an Amazon Leader! We’re back with another powerful episode featuring one of the top minds at Amazon. In this episode, we dive deep into Governance, Risk, and Compliance (GRC) and explore the Top 10 Tips for GRC Program Success. Should you build your own security governance tools or buy them off the shelf? Our guest shares expert insights on making the right call for your business! 🔴 Don’t miss this! Subscribe and hit the notification bell so you stay ahead in cybersecurity.

    🔗 Follow for more cybersecurity insights: 🎧 Listen on your favorite podcast platform

    📲 Share with your network #CyberSecurity #GRC #RiskManagement #CyberRisk #BuildVsBuy #Compliance #TechLeadership #Amazon #CyberPodcast #CyberSecurityAmerica #Infosec #DataSecurity #CISO #SecurityOperations #CyberAwareness #CloudSecurity #itsecurity (www.darkstack7.com https://www.linkedin.com/in/joshuanicholson/ https://x.com/nicholsonj7111)

    42 m
  • Zero Trust in the Middle East: Navigating Cybersecurity Challenges & Opportunities
    Dec 31 2024

    Welcome to Episode 32 of our podcast, where we explore the evolving landscape of cybersecurity in the Middle East. In this installment, we delve into the complexities of implementing Zero Trust in the region, focusing on the challenges and opportunities foreign companies face while adopting this vital framework. Zero Trust is more than a buzzword—it's a multi-faceted journey that requires a deep dive into the five core pillars: identity, network, application, device, and data. These pillars form the foundation of the Zero Trust maturity model, and every organization looking to implement this framework must evaluate its maturity across these domains.

    Our guest, Kamel Tamimi, a visionary cybersecurity professional with over two decades of experience, joins us to discuss how the Middle East is embracing Zero Trust as a strategic defense against growing threats. Kamel explains that achieving Zero Trust maturity isn’t a single-department project or a one-time task—it’s a continuous improvement process that involves both technology and practices. As technologies like multi-factor authentication (MFA) become more accessible and affordable, organizations can integrate them into their Zero Trust models to better protect their data and assets. Kamel also highlights how AI and machine learning are revolutionizing Zero Trust, enabling dynamic, risk-based decisions based on a wealth of real-time data.

    AI’s role in Zero Trust is pivotal—processing vast amounts of data quickly to assess the risk of every request. With machine learning, Zero Trust systems can not only verify identities but also detect anomalies such as unusual login times or unfamiliar devices. This dynamic, data-driven approach helps companies better secure their networks, with the flexibility to take actions beyond simply allowing or blocking access. For instance, AI can divert suspicious traffic to deception systems or apply more rigorous security controls based on the risk profile of a user or device.

    Kamel also touches on the practical side of implementing Zero Trust in the Middle East. It’s not about ripping and replacing your infrastructure; it’s about re-architecting your security framework to align with the Zero Trust principles. The journey begins with evaluating your identity management system and ensuring it can support advanced features like MFA and single sign-on. The other pillars—network, application, device, and data—must also be addressed in a comprehensive strategy that evolves over time.

    As we explore these themes, we also discuss broader regional trends, such as the expansion of hyperscale data centers by global tech giants like Google, Oracle, Azure, and Alibaba in Saudi Arabia, UAE, and Qatar. The drive for data sovereignty, regulatory compliance, and job creation is reshaping the cybersecurity landscape in the region, making Zero Trust even more relevant.

    Join us for an insightful conversation with Kamel Tamimi as we unpack the complexities of adopting Zero Trust in the Middle East and explore the intersection of technology, strategy, and cybersecurity.

    Stay updated with the latest episodes of Cyber Security America by visiting our YouTube Channel Cyber Security America and subscribing on Apple Podcasts. Connect with Joshua Nicholson on LinkedIn here.

    #Cybersecurity #MiddleEast #ZeroTrust #AI #MachineLearning #ThreatIntelligence #DataSovereignty #TechAdvancements #DigitalTransformation #Podcast #CybersecurityChallenges #ForeignOperations

    54 m
  • Cyber Battlefield Insights: Identifying Critical Shifts & Errors Leading to Intrusions
    Jun 10 2024

    Episode 31: Welcome to season two of the Cyber Security America podcast. In this episode, we explore the evolving landscape of cloud security, focusing on critical considerations for organizations migrating to Office 365 and Azure AD. Stay tuned as we unravel essential strategies and insights to bolster your security posture in the cloud.

    In traditional on-prem environments, users authenticate to domain controllers within a network. However, replicating this infrastructure to Azure Cloud introduces significant changes. Now, users can authenticate from anywhere globally, leading to numerous failed authentications and increased MFA prompts. This new setup can cause account lockouts that do not synchronize back to the on-prem domain controller. Therefore, when moving to Office 365, it's crucial to consider Microsoft's Defender for Identity for enhanced security posture, compliance, threat detection, and vulnerability assessments.

    One of the most significant security concerns is PowerShell. It's frequently used in legitimate administrative actions and by malicious actors. Hardening PowerShell is essential, and this includes enabling transcription, which captures input and output of commands, and script block logging, which ensures Base64 encoded commands are logged and can be decoded for analysis. This helps to detect and respond to malicious activities without relying on external tools like CyberChef.

    Furthermore, enforcing script execution policies (Restricted, Bypass, RemoteSigned, AllSigned) helps manage which scripts can run, though these policies are not foolproof security controls. The key is to use them as intended to prevent unintended script execution.

    Constrained language mode is another vital hardening measure, restricting access to commands that can invoke Windows APIs, which are often exploited to download malware. For example, commands like `Add-Type` can load arbitrary C# code and are frequently used in attacks.

    Additionally, integrating the Anti-Malware Scanning Interface (AMSI) into applications can help detect and prevent script-based threats by scanning unobfuscated scripts before execution. This is particularly useful in environments where PowerShell is heavily used, as it adds an extra layer of security.

    Effective cybersecurity requires technical depth and business alignment. Start by understanding your industry's regulations and standards. Align your cybersecurity strategy with business risks and integrate threat intelligence, incident response management, and continuous attack surface management. This strategic approach ensures a comprehensive security posture.

    Finally, as organizations migrate to Azure AD and other cloud services, several key security considerations must be addressed. This includes understanding architecture changes, monitoring data flow, and ensuring tool rationalization. Critical components often overlooked include proper deployment of MFA and firewall management. PowerShell security remains a top priority, requiring logging configurations that decode Base64 and using digital signatures to verify scripts.

    Emerging technology threats, such as AI model poisoning and DNS over HTTPS, also need attention. Monitoring DNS logs for threat hunting is crucial, but the shift to DNS over HTTPS complicates this. Additionally, remote access solutions like RDP should be used in just-in-time mode to prevent continuous exposure.

    In summary, moving to the cloud and adopting new technologies necessitates a robust cybersecurity framework that integrates traditional security measures with advanced threat detection and response capabilities.

    #Cybersecurity #PowerShell #AzureAD #CloudSecurity #Office365 #DefenderForIdentity #MFA #ThreatDetection #ITSecurity #CyberThreats #CloudMigration #PowerShellSecurity #DNSOverHTTPS #AIThreats #RemoteAccess #ITCompliance #SecurityBestPractices #IncidentResponse #ThreatIntelligence

    59 m