Decipher Security Podcast

Fortinet and WinRAR Exploitation, Google's IPIDEA Disruption, and Our Favorite Cybersecurity Creators

It was a busy week in the cybers! Today we start with the targeted exploitation of another Fortinet vulnerability (CVE-2026-24858) that enables simple authentication bypass (1:15), then we discuss Google's disruption of a large residential proxy network called IPIDEA that has been abused by hundreds of threat actors (5:40), then we talk about the continued attacks on an older WinRAR bug by both cybercrime and APT groups (10:11). Finally, we shout out some of our favorite fellow creators in security community: the Three Buddy Problem podcast, John Hammond, and Matt Johansen. Support the show

The RedVDS Takedown, Yet Another Chinese APT Emerges, and the StackWarp AMD Bug

This week, we talk about how Microsoft disrupted a long-running, large-scale cybercrime-as-a-service platform called RedVDS that has been active since 2019 and was used in high-volume phishing and BEC scams (1:00), then we discuss the research from Cisco Talos on another (!) Chinese APT called UAT-8837 that is targeting critical infrastructure organizations in North America (6:06), and finally there's the clever new StackWarp vulnerability in AMD processors that was disclosed this week (9:44).RedVDS takedownCisco Talos reportStackWarpSupport the show

The Future of Vulnerability Management With Jeremiah Grossman and Robert "RSnake" Hansen

Jeremiah Grossman and Robert Hansen, two of the more influential and accomplished leaders and entrepreneurs in the cybersecurity community, have seen and done it all in their careers. From their roles as the driving forces behind pioneering web appsec firm WhiteHat Security to building out enterprise security programs to breaking large portions of the web (on purpose), Jeremiah and Robert have unique viewpoints on what works and what doesn't. Now, they're building something new, Root Evidence, a vulnerability management platform backed by data from actual breaches and designed to help security teams prioritize fixing the bugs that actually matter.Support the show

A New Chinese APT Debuts and React2Shell Attacks Spike

The new year is here! And so are the attacks. The first full week of 2026 brought us new research from Cisco Talos on a China-nexus APT group called UAT-7290 that is expanding its targeting and serving as an initial access group as well as a cyber espionage team (3:02). There is also some great data from GreyNoise on the attack volume from actors trying to exploit the React2Shell vulnerability from December (8:26). The volume is holding steady at more than 300,000 sessions per day, which is...high.Talos report: https://blog.talosintelligence.com/uat-7290/GreyNoise report: https://www.greynoise.io/blog/cve-2025-55182-react2shell-opportunistic-exploitation-in-the-wild-what-the-greynoise-observation-grid-is-seeing-so-farSupport the show

The Hacker Movie Canon: Home Alone

There may not be any computers in Home Alone, but few movie characters embody the old-school hacker ethos like Kevin McCallister does. Resourceful, clever, determined, and creative, Kevin uses all of the tools and talents at his disposal to repel a pair of relentless adversaries. Merry Christmas ya filthy animals!Support the show