Best Clue Software Podcasts (2025)

1
Breaking Down the F5 Breach 27:12

Play Pause

21h ago27:12

27:12

In the wake of the disclosure of a serious intrusion at F5 that reportedly lasted about a year, we talk about the details of the disclosure, the potential link to Chinese state actors, the fallout from the attackers' access to source code and bug reports, and what this could mean in the long term.By Decipher

1
AI Attack and Defense With Adam Meyers and Elia Zaitsev of CrowdStrike 57:26

1d ago57:26

57:26

Have you heard about this AI thing? It's wild. Turns out, attackers are using it for all kinds of things we'd rather not have them doing. Dennis Fisher is joined by two experts from CrowdStrike--Adam Meyers, head of counter adversary operations, and Elia Zaitsev, CTO--to talk about how both defenders and attackers are leveraging AI and where things…

1
More Cl0p Clues and Huge Apple Bug Bounty Changes 14:17

7d ago14:17

14:17

This week brings some new insights into the origins and length of the Cl0p extortion attacks tied to the Oracle E-Business Suite vulnerability, big surges in scanning for Cisco ASA, Palo Alto, and Fortinet devices, and a huge upgrade to Apple bug bounty payouts. Plus: Does Dennis have a dog yet? https://security.apple.com/blog/apple-security-bounty…

1
The Hacker Movie Canon: WARGAMES 1:04:30

9d ago1:04:30

1:04:30

What you see on these screens up here is a fantasy; a computer-enhanced hallucination. WarGames may be 42 years old (!) but its prescience about our current technocracy and race to take humans out of the loop is as clear as ever. Dennis Fisher, Lindsey O-Donnell-Welch, Zoe Lindsey, and Pete Baker sit down in front of an IMSAI 8080 with some raw cor…

1
The Cl0p-Oracle Extortion Emails, Red Hat Breach, and Sad Government News 35:27

14d ago35:27

35:27

Dennis and Lindsey dissect a busy week in security news, starting with the Cl0p group's extortion campaign against Oracle customers (3:24), then moving into the Crimson Collective's claimed breach of some of Red Hat GitLab's repos (12:41), and finally the consequences of the expiration of th CISA legislation and de-funding of the MS-ISAC (22:46). P…

1
The Hacker Movie Canon: SNEAKERS 58:54

22d ago58:54

58:54

The world isn't run by weapons anymore, or energy, or money. It's run by little ones and zeroes, little bits of data. It's all just electrons. Daniel Cuthbert joins Dennis Fisher to dive into an all-tiime, undisputed hacker movie classic, the 1992 masterpiece, Sneakers. We dissect the movie's genesis, its technical accuracy and prescience, and disc…

1
New Targeted Phishing Attack Trends With Adam Bateman of Push Security 31:33

28d ago31:33

31:33

Adam Bateman, co-founder and CEO of Push Security, joins Dennis Fisher to talk about a new, highly targeted phishing campaign the company uncovered that uses compromised LinkedIn accounts in order to harvest victims' Google or Microsoft credentials through a fake investment, then discuss trends in browser-based attacks and defensive challenges.…

1
NPM Package Compromises, Sen. Wyden's Ransomware Letter, and Apple's Memory Safety Advance 30:51

1M ago30:51

30:51

Dennis and Lindsey discuss the targeted compromises of NPM packages (1:00) and the pointed letter that Sen. Ron Wyden sent to the FTC chairman asking for Microsoft to be held liable for the Ascension ransomware attack last year (11:45) before finally touching on Apple's new memory safety technology for new iPhones (20:43). NPM compromise: https://d…

1
The Salesloft Drift Fallout and SBOM Guidance From CISA and NSA 28:53

1M ago28:53

28:53

Dennis and Lindsey talk through the continuing fallout of the Salesloft Drift incident (2:05) in light of the disclosure of several new companies that are involved, including Cloudflare, which published an excellent post-mortem on the intrusion. Then they discuss the new Shared Vision of SBOM for Cybersecurity published by CISA, NSA, and many forei…

1
Decipher Lives! 44:08

1M ago44:08

44:08

We are so back! After a bit of a hiatus, we're very excited to be back with new Decipher content for you in all of the old familiar places. And also some new ones. Join Decipher editors Dennis Fisher and Lindsey O'Donnell-Welch as we start our new, independent phase, talk about what we've been up to, and discuss our plans for what fun stuff we have…

1
Will Lyne & Matt Horne: Cybercrime, national security, and the fight for resilience 30:45

2M ago30:45

30:45

Thomas is joined by Will Lyne, former Deputy Director of the National Crime Agency’s Cyber Intelligence team, and Matt Horne, Director of Intelligence and Investigations at Clue and Chair of TechUK’s National Security Committee, for a fireside chat on today’s rapidly evolving threat landscape. They explore how cybercrime has transformed into a glob…

1
Anna Rowe: How being catfished sparked an online safety movement 59:36

2M ago59:36

59:36

In this powerful episode, Thomas sits down with Anna Rowe – survivor, activist, and founder of Catch the Catfish – to uncover the disturbing reality of romance fraud. Anna shares her deeply personal journey, from being manipulated by a serial fraudster living a double life to becoming one of the UK’s leading voices on deception in online dating. To…

1
Will Lyne – Operation Destabilise: Inside a global crypto-laundering network 42:48

3M ago42:48

42:48

Join Thomas for a remarkable conversation with Will Lyne, former Deputy Director and Head of Cyber Intelligence at the UK’s National Crime Agency, as they unpack Operation Destabilise – a landmark investigation into one of the world’s most prolific money laundering networks. What began with tracking ransomware payments on the blockchain led Will’s …

1
Alex Rothwell – Fighting Fraud at the Heart of the NHS 48:02

4M ago48:02

48:02

Join Thomas for a compelling conversation with Alex Rothwell, CEO of the NHS Counter Fraud Authority, as they delve into one of the UK’s most complex and emotive crime landscapes: fraud in the National Health Service. From insider threats and procurement scams to multi-million-pound prescription fraud and criminal infiltration of NHS supply chains,…

1
Professor Mark Button – Inside West Africa’s cybercrime ‘kingdoms’ 55:36

4M ago55:36

55:36

Mark Button – Inside West Africa’s cybercrime ‘kingdoms’ Join Thomas for a revealing conversation with Professor Mark Button, Director of the Centre for Cybercrime and Economic Crime at the University of Portsmouth, as they delve into the hidden world of global fraud and the rise of sophisticated scam networks across West Africa. Drawing on years o…

1
Laura Eshelby: The new age of fraud - and how to fight it 48:08

4M ago48:08

48:08

Join Thomas for a compelling conversation with Laura Eshelby, former Cabinet Office counter fraud leader, as she unpacks two decades on the front lines of the UK’s fight against fraud. Starting her career as a graduate trainee and auditor, Laura quickly rose through the ranks to lead complex financial investigations into high-value legal aid fraud.…

1
Nick Sharp – Inside the UK’s war on economic crime 52:20

5M ago52:20

52:20

Join Thomas for a revealing conversation with Nick Sharp, Deputy Director of the National Economic Crime Centre (NECC), as they unravel the hidden web of fraud and financial crime that’s costing the UK billions every year. From romance scams and impersonation fraud to international laundering networks stretching from Southeast Asia to West Africa, …

1
Martin Dubbey – From drug busts to the Sochi doping scandal 50:59

5M ago50:59

50:59

Join Thomas as he speaks with Martin Dubbey, a former UK drug liaison officer turned international investigator, whose career spans from narcotics investigations in Customs and Excise to exposing one of the most audacious doping scandals in modern sport. Martin shares how his transition into private investigation led him to work alongside whistlebl…

1
Sarah Lewis OBE OLY – From Olympic slopes to anti-doping pioneer 44:46

6M ago44:46

44:46

Join Thomas as he dives into a fascinating conversation with Sarah Lewis OBE OLY, Olympic ski racer turned Secretary General of the International Skiing Federation (FIS), where she spent over two decades leading one of sport’s most crucial but complex battles - anti-doping. From the explosive Lahti scandal in 2001 to the shocking revelations at the…

1
Ian Smith: Esports – a game-changer for sports integrity? 1:04:25

1y ago1:04:25

1:04:25

In this episode, Ian Smith, Commissioner of the Esports Integrity Commission (ESIC), explores the fast-growing world of esports and its integrity challenges. Drawing from his experience tackling match-fixing in cricket, Ian explains his move into esports, where competitive gaming has surged in popularity, with players earning significant incomes an…

1
Neville Blackwood – On the frontlines of global law enforcement 58:48

1y ago58:48

58:48

In this episode, Thomas sits down with Neville Blackwood, a seasoned international law enforcement consultant and former senior police officer, to delve into the complexities of global policing. Neville recounts his journey from joining Thames Valley Police in 1982 to leading undercover operations against organised crime in Europe, which fueled his…

1
The Sony Hack Ten Years Later With Brian Raftery 45:17

1y ago45:17

45:17

The Sony Pictures hack in 2014 by the North Korean Lazarus Group was a seminal event both in Hollywood and in the security community, bringing to light the capabilities and ambitions of North Korean attackers and showing the damage a leak of sensitive data can be. Brian Raftery joins Dennis Fisher to discuss his new Ringer podcast, The Hollywood Ha…

1
Zero Day Reuse and A Busy Week for Iranian APTs 18:32

1y ago18:32

18:32

The focus was on Iranian APTs this week, both from private threat intelligence teams and CISA, exposing new operations from UNC757 and other groups targeting government, higher education, and private industry. We also check in on a new report from Google's Threat Analysis Group on APTs using the same exploits for zero days that were developed by pr…

1
Reddit's Matt Johansen on Identity Attacks, Enterprise Security, and Burnout 31:42

1y ago31:42

31:42

Reddit's head of software security Matt Johansen joins Dennis Fisher to talk about the highlights of Black Hat USA, the challenges of sorting security priorities in a large enterprise, and how he's learned to take care of his mental health after many years in the security industry.By Decipher

1
Phil Suddick – From covert law enforcement to sports integrity 1:08:15

1y ago1:08:15

1:08:15

Join Thomas as he delves into an enthralling conversation with Phil Suddick, the Head of Sport and Safeguarding at Clue Software, unravelling his remarkable career journey from law enforcement to becoming a torchbearer for sports integrity. Drawing from his specialised background in covert operations, Phil unveils how his prowess in undercover inte…

1
Rebekah Brown and John Scott-Railton on COLDRIVER and Russian Cyberespionage 23:12

1y ago23:12

23:12

Rebekah Brown and John Scott-Railton of the Citizen Lab join Dennis Fisher to dive into their group's new report on highly targeted spear phishing campaigns by the Russian threat actor COLDRIVER and then discuss the emergence of a new, possibly related group called COLDWASTREL.By Decipher

1
Back Hat USA 2024 Recap 20:08

1y ago20:08

20:08

Dennis Fisher and Lindsey O'Donnell-Welch reflect on their week in Las Vegas at Black Hat and discuss the talks they liked, including Moxie Marlinspike's keynote and the Google Project Zero retrospective, and the other topics they found interesting, including vulnerability exploitation versus social engineering and the AI ecosystem.…

1
Adam Pacifico – Developing a mindset for investigative leadership 1:10:27

1y ago1:10:27

1:10:27

Thomas joins Adam Pacifico, as the lawyer and leadership podcaster shares his unconventional career trajectory from barrister to police officer and back. This episode explores how technology shaped Adam’s work in law over the years and underscores the importance of meticulous detail and rationale in investigations. Discover how the passage of time …

1
Black Hat Podcast: Josh Harguess and Chris Ward 26:52

1y ago26:52

26:52

At Black Hat USA this year, Josh Harguess and Chris Ward, with Cranium AI, talk about the security challenges that organizations are experiencing while implementing AI in their environments, what AI red teaming consists of and the backstory of how MITRE Labs’ AI Red Team came to be.By Decipher

1
Gary McGraw on Data Feudalism 27:03

1y ago27:03

27:03

AI and machine learning security expert Gary McGraw joins Dennis Fisher to discuss the concept of data feudalism in LLM foundation models, what the security implications of it are, and whether narrowly focused models may help address these issues.By Decipher

1
Black Hat USA 2024 Preview: AI, AI, and More AI 46:46

1y ago46:46

46:46

Decipher editors Dennis Fisher and Lindsey O"Donnell-Welch are joined by Brian Donohue to dissect the Black Hat talks they're looking forward to, including sessions with H D Moore, Sherrod DeGrippo, and Moxie Marlinspike, and some talks they can't quite figure out from the titles.By Decipher

1
John Hammond on the CrowdStrike Outage 18:17

1y ago18:17

18:17

The fallout from the CrowdStrike outage continues more than a week after the faulty update, so Huntress security researcher John Hammond joins Dennis Fisher to talk about the lessons learned from the incident, our fragile software ecosystem, and what cybersecurity practitioners can do differently next time.…

1
Tyler Healy 30:17

1y ago30:17

30:17

Tyler Healy, CISO of Digital Ocean, joins Dennis Fisher to discuss the unique challenges of defending a huge platform, how AI is changing things for defenders, and what new challenges AI might bring in the near future.By Decipher

1
Matt Horne - The evolution of UK organised crime 59:27

1y ago59:27

59:27

Join Thomas as he delves into the intricate world of organised crime and technology with Matt Horne, a former detective with a distinguished 30-year career in law enforcement. As the former Deputy Director of Investigations at the National Crime Agency, Matt led Operation Venetic, a groundbreaking UK operation that dismantled an encrypted communica…

1
What Happened With the CrowdStrike Update and Azure Outage 11:47

1y ago11:47

11:47

CrowdStrike said a problem with an update the company pushed to Falcon sensors on Windows hosts on July 18 caused a blue screen of death, an issue that coincided with a Microsoft Azure outage and widespread outages across airlines, banks, hospitals, and other services. Our story on this incident: https://duo.com/decipher/crowdstrike-windows-update-…

1
Antonio Cocomazzi 19:43

1+ y ago19:43

19:43

FIN7 is a highly active and capable cybercrime group also known as Carbanak that has been evolving and using its own tools such as AVNeutralizer for many years. SentinelOne researchers Antonio Cocomazzi helps us dig into the group's tactics and tools. Read Antonio's new research here: https://www.sentinelone.com/labs/fin7-reboot-cybercrime-gang-enh…

1
George Barnes 39:08

1+ y ago39:08

39:08

Former NSA Deputy Director George Barnes joins Dennis Fisher to talk about his 35-year career at the agency, how he came to be intrigued by the cybersecurity world, the emergence of Cyber Command as a force inside the government, and what he sees as the priorities for defenders now.By Decipher

1
Peter Spindler - The enduring legacy of Operation Yewtree 1:12:47

1+ y ago1:12:47

1:12:47

In this compelling episode, Thomas sits down with Peter Spindler to delve into his distinguished career in law enforcement, spotlighting his pivotal role in Operation Yewtree. Spindler shares his journey from joining the police to spearheading one of the most significant investigations in UK history - the probe into sexual abuse allegations against…

1
Chris Hughes 23:11

1+ y ago23:11

23:11

Chris Hughes, co-founder of Aquia and a Cyber Innovation Fellow at the Cybersecurity and Infrastructure Security Agency, joins Dennis Fisher to talk about the challenges of supply chain security, working with the government to address systemic issues, and the importance of collaboration.By Decipher

1
The TeamViewer Breach and a Busy Week for APT29 10:07

1+ y ago10:07

10:07

Dennis Fisher and Lindsey O'Donnell-Welch dig into the news of the TeamViewer corporate breach, attributed to APT29/Midnight Blizzard, and news of more victims from the Microsoft intrusion by the same group earlier this year.By Decipher

1
Alex Wood - Inside financial crime with a reformed fraudster 59:44

1+ y ago59:44

59:44

Join Thomas as he enters the complex world of financial crime with reformed fraudster Alex Wood, and Clue Software’s Director of Intelligence and Investigations, Matt Horne, a seasoned former law enforcement leader and economic crime expert. With raw honesty, Alex recounts his past transgressions, unveiling how he exploited vulnerabilities to orche…

1
Cisco Talos: How Threat Actors Target MFA 15:42

1+ y ago15:42

15:42

Multi-factor authentication (MFA) is a critical form of defense for organizations, and threat actors are recognizing that: According to the latest Cisco Talos Incident Response Quarterly Trends report, instances related to MFA were involved in some capacity in half of all security incidents that the Talos team responded to in the first quarter of 2…

1
Metin Kortak 20:50

1+ y ago20:50

20:50

Metin Kortak, CISO with Rhymetec, talks about how organizations are approaching data privacy and security compliance, and thinking about risk management policies, when it comes to generative AI in the workplace.By Decipher

1
Deciphering Heat 1:02:28

1+ y ago1:02:28

1:02:28

Michael Mann's 1995 thriller Heat is considered by many people to be the best crime movie ever made. And hidden inside the intricate plot is a story of a lone hacker with a background at DARPA who uses his skills to set up scores for the crews in LA's underworld. Meg Gardiner, the co-author of Heat 2, and Casey Ellis, cofounder of Bugcrowd, join De…

1
Introducing Joining the Dots with Thomas Drohan 0:51

1+ y ago0:51

0:51

Joining the Dots provides real-world insights from those dedicated to justice, harm reduction, and global security. Hosted by Thomas Drohan, technologist and co-founder of Clue Software, each episode delves into the challenges and triumphs of those on the frontline tackling real issues like child abuse, human trafficking, corruption, organised crim…

1
Amy Bogac 35:33

1+ y ago35:33

35:33

Amy Bogac, a longtime security executive with a deep background in systems administration and networking, joins Dennis Fisher to talk about how she came to security, how her background in communications informed her career choices, and the difficult conversations that need to occur before someone has to push the button during an incident.…

1
The Microsoft Recall Recall 20:44

1+ y ago20:44

20:44

A few days after Microsoft announced the new AI-enabled Recall feature--generating tremendous concerns and pushback from the security and privacy communities--the company had decided to disable it by default, but many concerns still remain. A month after the company's CEO proclaimed that it would be "prioritizing security above all else", how did t…

1
The Challenges of Reporting on Complex Intrusions With Ryan Naraine 26:13

1+ y ago26:13

26:13

Veteran security journalist and podcaster Ryan Naraine joins the Decipher podcast to discuss the challenges of separating fact from fiction when reporting on complex incidents such as the Snowflake breach.By Decipher

1
Garrett Yamada 31:31

1+ y ago31:31

31:31

Garrett Yamada, associate director of identity security at Texas A&M University, talks about his experiences navigating identity challenges, building an identity-centric strategy and moving away from “home-grown, home-managed systems” that were historically used for authentication.By Decipher

1
Sarah Powazek 34:06

1+ y ago34:06

34:06

Sarah Powazek, the Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity, joins Dennis Fisher to talk about her work in setting up Cybersecurity Clinics at high education institutions around the country to help bring knowledge and skills to underserved organizations.…