Secure AF - A Cybersecurity Podcast
Think like a hacker. Defend like a pro. Welcome to the Secure AF Cybersecurity Podcast — your tactical edge in the ever-evolving cyber battlefield. Hosted by industry veterans including Donovan Farrow and Jonathan Kimmitt, this podcast dives deep into real-world infosec challenges, red team tactics, blue team strategies, and the latest tools shaping the cybersecurity landscape. Whether you're a seasoned pentester, a SOC analyst, or just breaking into the field, you'll find actionable insights, expert interviews, and unfiltered discussions with Alias team members and top-tier guests from across the cybersecurity spectrum. Stay sharp. Stay informed. Stay Secure AF.
Episodes
Got a question or comment? Message us here!
In this week’s #SOCBrief, Hickman and Peters break down Obscura ... a new ransomware variant making waves with aggressive evasion tactics, process terminations, and domain controller targeting. We cover what’s known so far, the risks it poses to businesses, and the key defenses every SOC should prioritize.
Watch full episodes at youtube.com/@aliascybersecurity.
Listen on...
Got a question or comment? Message us here!
What’s the real difference between a penetration test and a red team engagement, and how can each benefit your SOC? In this episode, Andrew is joined by Tanner, to unpack how pentests uncover vulnerabilities, how red teams stress-test defenders, and why every organization should be leveraging these exercises.
Watch full episodes at youtube.com/@aliascybersecurity.
Listen...
Got a question or comment? Message us here!
This week on #SecureAFPodcast, we’re recapping #SECCON 2025. From the keynote to the villages and everything in between, join us for a look back at the highlights, takeaways, and community moments that made this year’s conference our best yet.
Watch full episodes at youtube.com/@aliascybersecurity.
Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
Got a question or comment? Message us here!
Ransomware is evolving faster than ever, from double extortion tactics to lightning-fast attack chains. In this episode, we break down how these threats work, why every organization is a target, and the layered defenses SOCs can use to detect and stop attacks early.
Watch full episodes at youtube.com/@aliascybersecurity.
Listen on Apple Podcasts, Spotify and anywhere yo...
Got a question or comment? Message us here!
In this episode of The #SOCBrief, we break down the rising FileFix attack, a new social engineering technique using steganography to deliver info-stealing malware. Learn how attackers disguise malicious PowerShell commands, the risks this poses for browsers, messengers, and crypto wallets, and the proactive defenses SOCs can use to detect and contain these threats before they escalate into...
Got a question or comment? Message us here!
🔎 This episode of The #SOCBrief dives into the world of dark web monitoring in digital forensics and incident response. Learn why leaked credentials are a top threat, how to safely detect exposures, and what steps SOC teams can take to stay proactive.
Watch full episodes at youtube.com/@aliascybersecurity.
Listen on Apple Podcasts, Spotify and anywhere you get your podc...
Got a question or comment? Message us here!
💡 This week on The SOC Brief, we’re breaking down incident response (IR) ... why it’s essential, how to build a strong plan, and what SOC teams can do to turn chaos into control. From preparation and containment to recovery and lessons learned, learn how a solid IR strategy saves time, money, and reputation.
👉 Tune in now at secureafpodcast.com
Watch full episodes at youtu...
Got a question or comment? Message us here!
Fresh off the chaos of DEF CON 33, Tanner, Hickman, and Will break down the four-day hacker conference, from the eye-opening hacker villages and mind-bending talks to Hickman’s clutch CTF victory and Will’s bold dive into the Social Engineering Community’s Vishing Competition. No sleep, all signal.
Watch full episodes at youtube.com/@aliascybersecurity.
Listen on Apple P...
Got a question or comment? Message us here!
In this episode, we break down the emerging Crypto24 ransomware attacks that use living-off-the-land techniques to bypass EDR. We’ll explore how these attacks unfold and the defensive strategies SOCs and organizations can use, like layered security, enhanced monitoring, and rapid response, to stay ahead of evolving threats.
Watch full episodes at youtube.com/@aliascybersecur...
Got a question or comment? Message us here!
This week, we’re unpacking the phishing wave hitting SaaS platforms ... from social engineering to OAuth abuse and AI voice spoofing. Learn why people remain the #1 attack vector and how to stay one step ahead.
Watch full episodes at youtube.com/@aliascybersecurity.
Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
Got a question or comment? Message us here!
On this episode of the #SOCBrief, we break down attacks on SonicWall firewalls. A wave of ransomware, possibly exploiting zero-day vulnerabilities, is compromising even fully patched systems. Learn how SOCs can respond fast and stay ahead.
Watch full episodes at youtube.com/@aliascybersecurity.
Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
Got a question or comment? Message us here!
This week’s SOC Brief unpacks how a misconfigured cloud bucket exposed 72,000+ user images from the Tea app, complete with geolocation metadata and real IDs. From national security risks to doxxing fallout, we break down what went wrong and what your security team must do to avoid the same mistakes.
Watch full episodes at youtube.com/@aliascybersecurity.
Listen on Apple ...
Got a question or comment? Message us here!
A critical zero-day (CVE-2025-53770) is actively targeting on-premises SharePoint servers AND it’s already been used to compromise over 100 organizations. In this #SOCBrief, Andrew and Tanner break down how the exploit works and what steps your team should take now. If your SharePoint instance is public-facing and unpatched ... assume compromise.
🎧 Tune in for insights, mitigation tips, an...
Got a question or comment? Message us here!
In this week’s #SOCBrief, we break down why offboarding policies are ABSOLUTELY critical for security teams. Overlooked items from abandoned accounts to old VPN access can leave backdoors wide open. Learn how SOCs monitor, contain, and shut down lingering access, and why communication between HR, IT, and cybersecurity is essential.
🎙️ Tune in. secureafpodcast.com
Watch full ...
Got a question or comment? Message us here!
🎙️ NEW! Aligned by Design: CISO x Legal
Introducing! A fresh new series that explores the intersection of cybersecurity and legal strategy. Join Alias CISO Jonathan Kimmitt and privacy attorney Tom Vincent as they unpack what happens when technology, compliance, risk, and law collide.
From real-world experiences to the nuances of the term "breach", these two break down the how, w...
Got a question or comment? Message us here!
Hackers just unleashed the largest DDoS attack in history, peaking at 7.3 Tbps and 4.8 billion packets per second. In just 45 seconds, it pummeled its target with the data equivalent of over 9,000 HD movies, a powerful reminder of how far attack capabilities have evolved.
🎧 Tune in to today’s SOC Brief for insights on DDoS attacks and how to up your defenses.
Watch full epis...
Got a question or comment? Message us here!
In this episode of The SOC Brief, the team unpacks a critical zero-day vulnerability in Google Chrome (CVE-2025-6554) that’s being actively exploited. Learn how attackers use type confusion bugs to hijack browser memory, what makes this exploit so dangerous, and why it’s targeting high-value organizations. Discover actionable steps for updating Chrome, securing endpoints, and training user...
Got a question or comment? Message us here!
In this episode, our security engineers break down the latest cybersecurity headlines, from the real scoop behind the “16 billion password” leak to the rise of hacker groups like Scattered Spider. 🕷️
We discuss how attackers bypass MFA, why exploited data keeps resurfacing, and what organizations can do to protect sensitive data. Plus, we dive into industrial control system risks...
Got a question or comment? Message us here!
In this episode of The SOC Brief, Andrew and Dax dive into the world of false positives – those misleading alerts that flood security teams with noise.
They discuss how misconfigurations, lack of context, and overly sensitive rules can lead to alert fatigue. With practical tips on investigation, tuning tools, and understanding your environment, they highlight how reducing false positives h...
Got a question or comment? Message us here!
🔐 New SOC Brief Episode: Tracing the Breadcrumbs
Cybercriminals always leave a trail, if you know where to look. In this episode, we break down Indicators of Compromise (IOCs) and how they help security teams detect and respond to threats faster.
🎯 What we cover:
• Real-world incident reports & proof of concept examples
• Threat actor aliases & ransomware group tactics
...
Popular Podcasts
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
It’s 1996 in rural North Carolina, and an oddball crew makes history when they pull off America’s third largest cash heist. But it’s all downhill from there. Join host Johnny Knoxville as he unspools a wild and woolly tale about a group of regular ‘ol folks who risked it all for a chance at a better life. CrimeLess: Hillbilly Heist answers the question: what would you do with 17.3 million dollars? The answer includes diamond rings, mansions, velvet Elvis paintings, plus a run for the border, murder-for-hire-plots, and FBI busts.
The World's Most Dangerous Morning Show, The Breakfast Club, With DJ Envy, Jess Hilarious, And Charlamagne Tha God!
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.