The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Get your CPEs: https://cyberthreatbrief.simplycyber.io/cpe Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyber Check out Flare.io at https://simplycyber.io/flare Check out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphon SC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66Qn Join SC Discord: https://SimplyCyber.io/Discord News: https://cisoseries.com Follow SC: https://simplycyber.io/socials

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Get your CPEs: https://cyberthreatbrief.simplycyber.io/cpe Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyber Check out Flare.io at https://simplycyber.io/flare Check out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphon SC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66Qn Join SC Discord: https://SimplyCyber.io/Discord News: https://cisoseries.com Follow SC: https://simplycyber.io/socials

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Get your CPEs: https://cyberthreatbrief.simplycyber.io/cpe Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyber Check out Flare.io at https://simplycyber.io/flare Check out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphon SC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66Qn Join SC Discord: https://SimplyCyber.io/Discord News: https://cisoseries.com Follow SC: https://simplycyber.io/socials

Staying relevant in technology isn't about mastering every new trend that comes along. It's about developing the skills, habits, and perspective that allow you to adapt as the industry evolves. In this episode of Simply Cyber Firesides, host Gerald Auger, Ph.D. welcomes Richard Campbell for a conversation on what he's learned from decades in tech. Richard has been building, advising, and talking about technology for much of his professional life, from software development and infrastructure to entrepreneurship, consulting, and industry leadership. Having witnessed multiple generations of technological change firsthand, he brings a practical perspective on what it takes to remain relevant as the industry continues to evolve. Beyond his work as a technology entrepreneur and advisor, Richard is the host of the podcasts .NET Rocks, RunAs Radio, and Windows Weekly, and producer of the DevIntersection conference series. Ask your questions in live chat and get answers during the stream - be a part of the conversation. Connect with Richard: https://runasradio.com https://www.dotnetrocks.com https://twit.tv/shows/windows-weekly https://richcampbell.bsky.social https://mastodon.social/@richcampbell https://www.threads.com/@sysmas 👍 Subscribe to Simply Cyber and hit the bell so you don't miss future SC Firesides episodes! All the things Simply Cyber: https://simplycyber.io/socials

What do you do when your threat intel feed flags a ransomware variant actively targeting your industry through a specific vulnerability — and you don't know if you're patched? This question is showing up more in SOC analyst interviews as threat intel programs mature. The answer tells an interviewer everything: whether you understand how intel translates into action, how to work cross-functionally, and how to communicate risk before an incident happens. Eric Capuano reviews answers from three candidates — junior, mid-level, and senior — and breaks down what a proactive security mindset actually sounds like in the room. In this video: - Why threat intel is harder to operationalize than most analysts think - The first question you should always ask before acting on any intel - How to work cross-functionally when you don't own asset inventory or patch management - What separates a technically strong answer from a strategically strong one BONUS: What are STIX and TAXII — and are they actually used in real SOCs? Chapters 00:00 – The Interview Question (and Why It Matters) 00:51 – Eric Capuano on Why Threat Intel Is Harder Than It Looks 02:42 – Candidate 1: The Generic Approach 03:06 – Eric's Feedback: Start With "Do We Even Have This Software?" 04:19 – Candidate 2: Change Management and Stakeholder Escalation 05:42 – Eric's Feedback: Right Direction, Wrong Starting Point 07:31 – Candidate 3: Technical Depth — Exploit Chains and Detection Engineering 09:39 – Eric's Feedback: Great Depth, But Almost Skipped the Most Basic Step 13:00 – SOC Interview Tips for Threat Intel Questions 15:23 – BONUS: What Are STIX and TAXII? (Write "bonus" in the comments if you made it here) 18:38 – How to Go Deeper: Eric Capuano's "So You Want to Be a SOC Analyst" Lab ========================= Simply Cyber empowers people who want a rewarding cybersecurity career 💪 ========================= ========================= All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials =========================

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Get your CPEs: https://cyberthreatbrief.simplycyber.io/cpe Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyber Check out Flare.io at https://simplycyber.io/flare Check out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphon SC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66Qn Join SC Discord: https://SimplyCyber.io/Discord News: https://cisoseries.com Follow SC: https://simplycyber.io/socials

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Get your CPEs: https://cyberthreatbrief.simplycyber.io/cpe Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyber Check out Flare.io at https://simplycyber.io/flare Check out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphon SC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66Qn Join SC Discord: https://SimplyCyber.io/Discord News: https://cisoseries.com Follow SC: https://simplycyber.io/socials

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyber Check out Flare.io at https://simplycyber.io/flare Check out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphon SC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66Qn Join SC Discord: https://SimplyCyber.io/Discord News Podcast: https://cisoseries.com Follow SC: https://simplycyber.io/socials

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyber Check out Flare.io at https://simplycyber.io/flare Check out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphon SC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66Qn Join SC Discord: https://SimplyCyber.io/Discord News: https://cisoseries.com Follow SC: https://simplycyber.io/socials

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyber Check out Flare.io at https://simplycyber.io/flare Check out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphon SC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66Qn Join SC Discord: https://SimplyCyber.io/Discord News: https://cisoseries.com Follow SC: https://simplycyber.io/socials

I sat in on a Flare Academy training with Adrian Cheek, Senior Threat Intelligence Researcher at Flare, and walked away with two things I never thought about before. Passive DNS is the lifetime history of a domain. WHOIS is an 18-20 hour old snapshot. Most investigators default to WHOIS. That's a miss. Threat actors are lazy with their TLS certificates. One cert hash in Adrian's case study linked to 97 distinct domains. One query. Full fleet exposed. If you're not looking at passive DNS and cert fingerprints as part of your investigations, you're leaving the easiest pivots on the table. Watch the full 90-minute free training on replay inside Flare Academy's Discord community. Grab the 2 hour training on replay for free now at https://simplycyber.io/passivedns ========================= Simply Cyber empowers people who want a rewarding cybersecurity career 💪 ========================= ========================= All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials =========================

What happens when your pretext falls apart the moment someone challenges your story? In this Simply Cyber Skills Stream, Alethe Denis, Senior Security Consultant II at Bishop Fox and DEF CON Black Badge-winning social engineer, shares how to build pretexts that can withstand real-world pressure during physical red team engagements. Most social engineering discussions focus on what to say. This session focuses on how to create believable stories that hold up when faced with skeptical employees, unexpected questions, or situations that do not go according to plan. Drawing from her experience in social engineering, physical security assessments, and offensive security operations, Alethe will discuss the mindset and preparation behind creating stronger, more resilient pretexts for real-world engagements. This Skills Stream is designed for red teamers, social engineers, OSINT practitioners, physical security professionals, and anyone interested in the human side of offensive security. What You Will Learn • Why some pretexts fail under pressure • How to think beyond memorized scripts • The importance of preparation and adaptability during engagements • Common challenges encountered during physical social engineering operations • What makes a pretext believable in real-world scenarios By the end of this session, attendees will have a better understanding of how experienced social engineers approach pretext building for physical red team engagements and why flexibility matters just as much as preparation. Connect with Alethe on LinkedIn: https://www.linkedin.com/in/alethe 👍 Subscribe to Simply Cyber and hit the bell so you don't miss future SC Firesides episodes! All the things Simply Cyber: https://simplycyber.io/socials

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyber Check out Flare.io at https://simplycyber.io/flare Check out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphon SC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66Qn Join SC Discord: https://SimplyCyber.io/Discord News: https://cisoseries.com Follow SC: https://simplycyber.io/socials

It's 4:45 PM on a Friday and ransomware is encrypting your file server in real time. Your SOC manager just left. The IT director is in a meeting. The CISO is on a plane. You have 5 minutes. What do you do? This is one of the highest-stakes questions you can get in a SOC analyst interview — and it has almost nothing to do with knowing the right tools. It's about judgment, communication, and whether you freeze or take action. Eric Capuano joins Gerald Auger, Ph.D. to put three candidates through the exact same ransomware scenario at the pre-career, junior, and senior SOC analyst level. Watch how each one responds, hear what Eric is actually listening for as a hiring manager, and learn how to crush this question when it shows up in your next interview. What you'll learn in this SOC analyst interview breakdown: - Why containment is almost always the right first move during active ransomware - How to defend a high-stakes decision even when it breaks protocol - The difference between a "mile-deep dive" and properly scoping the threat - Why "pull the plug" is outdated language that can cost you the job - The communication and stakeholder escalation step most candidates forget - What hiring managers look for to know you won't freeze under pressure 🔬 Want hands-on SOC practice? Eric's lab deep dive "So You Want to Be a SOC Analyst" is linked below — it's phenomenal for building the confidence this question demands. 👉https://academy.digitaldefenseinstitute.com/courses/eca7ec1f-22dd-4d1f-b473-7a085facb26a 🔔 Subscribe — Eric and Gerald are doing a full series of SOC analyst interview breakdowns. Don't miss the next one. ⏱️ CHAPTERS 0:00 The 4:45 PM Friday Ransomware Scenario 0:25 Why This Is a Top SOC Analyst Interview Question 0:56 Junior Analyst Answer: Contain the Host First 1:24 Eric's Breakdown — Defending the Containment Call 5:20 Mid-Level Analyst: Escalation & Scoping the Threat 6:28 What Separates a Seasoned SOC Analyst 9:49 Senior Analyst: "I've Lived This" 12:27 Why You Should Never Say "Pull the Plug" 14:41 The Step Everyone Forgets: Stakeholder Communication 16:28 Eric on Why This Question Reveals Everything 19:49 Practice, Confidence & SOC Analyst Training #SOCAnalyst #CybersecurityCareers #Ransomware #IncidentResponse #BlueTeam #CyberSecurityJobs #SimplyCyber ========================= Simply Cyber empowers people who want a rewarding cybersecurity career 💪 ========================= ========================= All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials =========================

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyber Check out Flare.io at https://simplycyber.io/flare Check out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphon SC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66Qn Join SC Discord: https://SimplyCyber.io/Discord News: https://cisoseries.com Follow SC: https://simplycyber.io/socials