Every Tuesday at 1 PM ET, Red Canary’s security experts tackle cybersecurity news and industry trends with special guests and exclusive operational insights.
November’s episodes covered everything from STORM-2603’s latest ransomware campaign to the nuances of naming threat clusters. We’ve embedded them all here for your viewing pleasure.
Episode 40: The hidden tunnels of STORM-2603’s ransomware ops
Dave and Keith are joined by Principal Security Researcher Phil Hagen to discuss some of the week’s infosec news, including a new way to automate Atomic Red Team tests with AI and whether Aardvark, OpenAI’s new “agentic security researcher,” will change the game when it comes to vulnerability management. Later, Phil gives viewers a crash course on the threat group STORM-2603, how it has been leveraging legitimate tools on the way to ransomware deployment, and how organizations can mitigate risks through auditing and blocklists.
Episode 41: How Red Canary names and tracks threats
Dave and Keith welcome Alex Berninger, Senior Manager of Intelligence at Red Canary, to talk about the naming problem in threat intelligence. First, Dave and Keith catch up on a few infosec headlines of the week, including a new OWASP Top 10 release candidate and the return of Gootloader, a JavaScript-based malware loader. Later, Alex sheds light on the challenges of naming threat activity clusters, touching on the many nuances when it comes to naming threat actors, Red Canary’s methodology, and some of the more popular birds we see in the wild (Scarlet Goldfinch, Tangerine Turkey, etc.).
Episode 42: A cornucopia of Intelligence Insights
Dave, Keith, and Senior Intelligence Analyst Stef Rand dive into recent infosec headlines, including the much-talked-about Anthropic AI hacking campaign and news that the infostealer malware Rhadamanthys has been disrupted. Later, Stef recaps this month’s Intelligence Insights, which features a new number one threat: JustAskJacky, a family of malicious apps disguised as harmless AI helper tools. Stef also notes how Red Canary has detected an uptick in macOS stealers, including Atomic and Odyssey Stealer, and describes how defenders can tell them apart.
