Decipher Security Podcast
The editors of Decipher talk with a rotating cast of security practitioners, researchers, and executives about a variety of topics in the security and privacy fields.
Episodes
"You know, you really don't need a forensics team to get to the bottom of this. If you guys were the inventors of Facebook, you'd have invented Facebook." Melanie Ensign joins Dennis Fisher and Lindsey O'Donnell-Welch to discuss David Fincher's massively successful 2010 film, The Social Network, a movie that opens a window into the dark side of Silicon Valley and the lengths that some people will go to...
Yahoo CISO and Chief Paranoid Sean Zadig returns to the podcast for a discussion with Dennis Fisher about how to go about getting kids interested in technology and teaching them about hacking (in the broad, classical sense) safely (9:10). Then they talk about how rapidly the cybersecurity industry is changing and what effects AI is and is not having on offense, defense, and the job market (45:00).
We don't do holiday themed episodes in this house, so no tricks, but we have some treats for you. First we discuss the problem of shadow AI (1:00) and how it seems like we're just repeating the mistakes of previous tech waves in ignoring security until it's too late. Then we dig into a new report from Kaspersky about a crazy exploit they discovered for a Chrome sandbox escape that led them to identify the new version...
This week saw a blessed lack of major vulnerabilities, but there was plenty of other news to dig into. We discuss the fallout from the AWS outage (0:36), the conclusions from the latest Cyberspace Solarium Commission report (4:37), and the effects of CISA's shakeup on the private sector (14:07), and the continued effects of the F5 incident (21:21). Finally, we have some extremely important updates on whether Dennis has a dog y...
Mitch, there's something you need to know. Compared to you, most people have the IQ of a carrot. Real Genius has it all: '80s movie icon Val Kilmer at his coolest, a brilliant hacker named Laszlo living in a closet, a giant space laser, and the absolute embodiment of the hacker ethos. Join us as we dig into this classic with our pal Wendy Nather. It's a moral imperative.
Slate article on the inspiration for Jordan: ht...
In the wake of the disclosure of a serious intrusion at F5 that reportedly lasted about a year, we talk about the details of the disclosure, the potential link to Chinese state actors, the fallout from the attackers' access to source code and bug reports, and what this could mean in the long term.
Have you heard about this AI thing? It's wild. Turns out, attackers are using it for all kinds of things we'd rather not have them doing. Dennis Fisher is joined by two experts from CrowdStrike--Adam Meyers, head of counter adversary operations, and Elia Zaitsev, CTO--to talk about how both defenders and attackers are leveraging AI and where things might be going in the next few years.
This week brings some new insights into the origins and length of the Cl0p extortion attacks tied to the Oracle E-Business Suite vulnerability, big surges in scanning for Cisco ASA, Palo Alto, and Fortinet devices, and a huge upgrade to Apple bug bounty payouts. Plus: Does Dennis have a dog yet?
https://security.apple.com/blog/apple-security-bounty-evolved/
https://decipher.sc/2025/10/08/data-connects-scanning-surges-for-cisco-forti...
What you see on these screens up here is a fantasy; a computer-enhanced hallucination. WarGames may be 42 years old (!) but its prescience about our current technocracy and race to take humans out of the loop is as clear as ever. Dennis Fisher, Lindsey O-Donnell-Welch, Zoe Lindsey, and Pete Baker sit down in front of an IMSAI 8080 with some raw corn on the cob and a can of Tab to talk about this brilliant hacker movie classic.
Dennis and Lindsey dissect a busy week in security news, starting with the Cl0p group's extortion campaign against Oracle customers (3:24), then moving into the Crimson Collective's claimed breach of some of Red Hat GitLab's repos (12:41), and finally the consequences of the expiration of th CISA legislation and de-funding of the MS-ISAC (22:46).
PLUS! An exciting announcement about our partnership with Material Secu...
The world isn't run by weapons anymore, or energy, or money. It's run by little ones and zeroes, little bits of data. It's all just electrons. Daniel Cuthbert joins Dennis Fisher to dive into an all-tiime, undisputed hacker movie classic, the 1992 masterpiece, Sneakers. We dissect the movie's genesis, its technical accuracy and prescience, and discuss its lasting influence on the hacker community more than 30 ye...
Adam Bateman, co-founder and CEO of Push Security, joins Dennis Fisher to talk about a new, highly targeted phishing campaign the company uncovered that uses compromised LinkedIn accounts in order to harvest victims' Google or Microsoft credentials through a fake investment, then discuss trends in browser-based attacks and defensive challenges.
Dennis and Lindsey discuss the targeted compromises of NPM packages (1:00) and the pointed letter that Sen. Ron Wyden sent to the FTC chairman asking for Microsoft to be held liable for the Ascension ransomware attack last year (11:45) before finally touching on Apple's new memory safety technology for new iPhones (20:43).
NPM compromise: https://decipher.sc/2025/09/08/targeted-attack-compromises-popular-npm-pack...
Dennis and Lindsey talk through the continuing fallout of the Salesloft Drift incident (2:05) in light of the disclosure of several new companies that are involved, including Cloudflare, which published an excellent post-mortem on the intrusion. Then they discuss the new Shared Vision of SBOM for Cybersecurity published by CISA, NSA, and many foreign government cybersecurity agencies, and talk about why this is coming out now (17:...
We are so back! After a bit of a hiatus, we're very excited to be back with new Decipher content for you in all of the old familiar places. And also some new ones. Join Decipher editors Dennis Fisher and Lindsey O'Donnell-Welch as we start our new, independent phase, talk about what we've been up to, and discuss our plans for what fun stuff we have in store.
Decipher website: https://decipher.sc/
YouTube: https://www....
The Sony Pictures hack in 2014 by the North Korean Lazarus Group was a seminal event both in Hollywood and in the security community, bringing to light the capabilities and ambitions of North Korean attackers and showing the damage a leak of sensitive data can be. Brian Raftery joins Dennis Fisher to discuss his new Ringer podcast, The Hollywood Hack, that digs deep into the incident, its repercussions in Hollywood, and how it help...
The focus was on Iranian APTs this week, both from private threat intelligence teams and CISA, exposing new operations from UNC757 and other groups targeting government, higher education, and private industry. We also check in on a new report from Google's Threat Analysis Group on APTs using the same exploits for zero days that were developed by private commercial surveillance vendors NSO Group and Intellexa.
Reddit's head of software security Matt Johansen joins Dennis Fisher to talk about the highlights of Black Hat USA, the challenges of sorting security priorities in a large enterprise, and how he's learned to take care of his mental health after many years in the security industry.
Rebekah Brown and John Scott-Railton of the Citizen Lab join Dennis Fisher to dive into their group's new report on highly targeted spear phishing campaigns by the Russian threat actor COLDRIVER and then discuss the emergence of a new, possibly related group called COLDWASTREL.
Dennis Fisher and Lindsey O'Donnell-Welch reflect on their week in Las Vegas at Black Hat and discuss the talks they liked, including Moxie Marlinspike's keynote and the Google Project Zero retrospective, and the other topics they found interesting, including vulnerability exploitation versus social engineering and the AI ecosystem.
Popular Podcasts
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Rewarded for bravery that goes above and beyond the call of duty, the Medal of Honor is the United States’ top military decoration. The stories we tell are about the heroes who have distinguished themselves by acts of heroism and courage that have saved lives. From Judith Resnik, the second woman in space, to Daniel Daly, one of only 19 people to have received the Medal of Honor twice, these are stories about those who have done the improbable and unexpected, who have sacrificed something in the name of something much bigger than themselves. Every Wednesday on Medal of Honor, uncover what their experiences tell us about the nature of sacrifice, why people put their lives in danger for others, and what happens after you’ve become a hero. Special thanks to series creator Dan McGinn, to the Congressional Medal of Honor Society and Adam Plumpton. Medal of Honor begins on May 28. Subscribe to Pushkin+ to hear ad-free episodes one week early. Find Pushkin+ on the Medal of Honor show page in Apple or at Pushkin.fm. Subscribe on Apple: apple.co/pushkin Subscribe on Pushkin: pushkin.fm/plus
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
The World's Most Dangerous Morning Show, The Breakfast Club, With DJ Envy, Jess Hilarious, And Charlamagne Tha God!
The official podcast of comedian Joe Rogan.