Think like a hacker. Defend like a pro. Welcome to the Secure AF Cybersecurity Podcast — your tactical edge in the ever-evolving cyber battlefield. Hosted by industry veterans including Donovan Farrow and Jonathan Kimmitt , this podcast dives deep into real-world infosec challenges, red team tactics, blue team strategies, and the latest tools shaping the cybersecurity landscape. Whether you're a seasoned pentester, a SOC analyst, or just breaking into the field, you'll find actionable insights, expert interviews, and unfiltered discussions with Alias team members and top-tier guests from across the cybersecurity spectrum. Stay sharp. Stay informed. Stay Secure AF.
Listen to episodes
60 recent
June 16, 202643 min
You're Probably Not Hacked, You're Being Tracked
Got a question or comment? Message us here!You probably haven’t been hacked, you’ve been tracked. This episode breaks down how ad tech, mobile apps, and data brokers create massive behavioral profiles without ever touching your phone’s security. Learn how tracking really works, why it matters, and what you can actually do about it. 📱👁️📡Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
June 10, 202613 min
The SOC Brief Turns One 🎂 Insights, Stories & Lessons Learned
Got a question or comment? Message us here!It’s our 1-year anniversary! 🎂 From bite-sized cyber insights to growing a passionate listener base, this episode reflects on the journey, the challenges, and the wins along the way. Expect laughs, lessons, and behind-the-scenes stories you won’t want to miss. 🚀Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
June 3, 20265 min
Kali365 Phishing-as-a-Service: FBI Warns of New M365 Credential Theft Tool
Got a question or comment? Message us here!The FBI is warning about Kali365, a new phishing‑as‑a‑service tool designed to steal Microsoft 365 credentials and enable account takeovers at scale. In this episode, we break down how it works, why it’s so effective, and what your SOC can do right now to detect and defend against it. 🎧 Tune in now at secureafpodcast.comSupport the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
June 2, 202637 min
Incident Response 101: What to Do When You’re Under Attack
Got a question or comment? Message us here!What actually happens when a company gets hacked?In this episode, we break down real-world incident response, from initial access and ransomware tactics to forensic investigation and common mistakes that make things worse. If your organization had an incident tomorrow, would you know what to do?Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
May 27, 20264 min
First Known AI-Powered Zero-Day Exploit: What SOCs Need to Know 🤖
Got a question or comment? Message us here!In this episode of the #SOCBrief, we dive into the first confirmed case of an AI-powered zero-day exploit. With attackers leveraging AI to discover vulnerabilities, generate exploit code, and bypass defenses faster than ever, this marks a major shift in how threats are developed and deployed. We break down how the attack worked, what made the exploit unique, and the key detection and defense strategies SOC teams need to start adopting now to keep pace with AI-driven adversaries.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
May 20, 20265 min
ShinyHunters Breach of Instructure Canvas LMS 📚✏️: Lessons for SOCs on Third-Party Vendor Risks
Got a question or comment? Message us here!In this episode of the #SOCBrief, we break down the ShinyHunters breach of Instructure’s Canvas LMS and what it means for security teams everywhere. From exploiting a lesser-monitored service to exfiltrating millions of records, this attack highlights the growing risk of third-party vendors and supply chain exposure. We walk through how the breach unfolded, key indicators of compromise, and the practical steps SOC teams can take to detect, monitor, and reduce vendor-related risk before it becomes a crisis.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
May 19, 202655 min
Canvas Breach Breakdown: What 9,000+ Outages Teach Us About SaaS Risk
Got a question or comment? Message us here!When the Canvas LMS went down, thousands of institutions came to a halt, right in the middle of finals. In this episode, we break down what really happened, what data may have been exposed, and why this incident is a wake-up call for every organization relying on SaaS platforms.From vendor risk and contract blind spots to business continuity failures, we unpack the real lessons security leaders need to hear, and what you should be doing right now to prepare for the next breach.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
May 13, 20265 min
MuddyWater’s Ransomware Decoy: Iranian APTs Hiding Espionage in Plain Sight
Got a question or comment? Message us here!MuddyWater is blurring the line between ransomware and espionage... using Chaos ransomware as a decoy to distract defenders while quietly stealing data and maintaining persistence. In this episode, we break down how this tactic works, what SOC teams should watch for, and how to detect the hidden activity beneath the noise.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
May 6, 20266 min
Qilin Ransomware’s EDR Killer DLL – How Attackers Are Subverting Defenses
Got a question or comment? Message us here!Qilin ransomware is deploying a malicious DLL to disable EDR tools before encryption begins. In this #SOCBrief, we break down how the attack works, what to look for, and how defenders can respond. Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
May 5, 202649 min
AI’s Inflection Point: From Productivity Tool to Existential Risk
Got a question or comment? Message us here!Artificial intelligence is evolving faster than most organizations, and regulators, are prepared for. In this episode of the #SecureAFPodcast, we sit down with Chris Hood, a veteran technologist and financial industry leader, to explore how AI has evolved from early computing to today’s large language models and agentic systems.We discuss real‑world AI use in highly regulated environments, the benefits and risks of agentic AI, growing concerns around AI security and alignment, and why some experts believe general, and eventually superintelligence, may be closer than many expect, even if we’re not there yet.Along the way, the conversation takes a few intentional detours, as two seasoned technologists reflect on decades of computing history and how past technology shifts help frame today’s AI inflection point.From practical productivity gains to long‑term implications for security, jobs, and society, this conversation goes beyond hype to ask the hard questions security leaders should already be considering.This is Part 1 of a deeper discussion on AI, risk, and the future of human‑machine collaboration.Dive in here: secureafpodcast.comSupport the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
Is this your show?
Claim this listing to keep it up to date, reach guests who want to pitch you, and manage bookings with Guestify.
