Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyber risk is not one size fits all In LATAM, organizations face evolving threats, uneven security maturity, and AI-driven challenges. Paul Harris breaks it down on The 443 Podcast.

This week on the podcast, Marc and Corey sit down with Paul Harris, CEO of BGLA and Futurity Corp at WatchGuard's Impact Partner Conference in Tulum, to explore the evolving cybersecurity landscape across Latin America. Paul shares his journey from early days in cybersecurity to leading organizations in the region, while breaking down the biggest concerns facing LATAM SMBs today. The conversation also covers how AI is reshaping cybersecurity, the challenges of securing partners across diverse markets, and practical advice for business leaders looking to stay ahead of cyber risk in LATAM.

Corey and Marc break down RedSun, a researcher-disclosed vulnerability that can escalate privileges to full system access, plus a major DDoS-for-hire takedown and Microsoft’s latest RDP security updates.

This week on the podcast we discuss RedSun, the latest researcher-disclosed zero-day in Microsoft Windows. After that, we chat about a Europol-lead takedown of DDoS-for-hire services before ending with our thoughts on Microsoft's latest RDP security updates.

This week on the podcast, we discuss Anthropic's Project Glasswing and what the Claude Mythos announcement means to cybersecurity. After that, we cover FrostArmada, a campaign from a Russian GRU-backed threat actor that has compromised tens of thousands of home networking routers. Finally we end with a chat about Google Chrome 146's new feature to protect against session hijacking.

This week on the podcast, we cover the accidental Claude Code source code leak and what it means for users and the wider ecosystem. After that, we discuss the Axios supply chain compromise impacting users of a JavaScript library with over 100 million weekly downloads. We end with our thoughts on Browser Gate, the name given to allegations that Microsoft is illegally harvesting LinkedIn customer data for a competitive advantage.

This week on the podcast, we discuss the US government's ban on foreign-manufactured consumer routers and its likely impact. After that, we cover a research post from Huntress on a recent phishing campaign leveraging OAuth Device Authentication flows to retain long-term access to compromised accounts. We end with a review of key takeaways from Google's Cloud Threat Horizons report for H1 2026.

In this episode, Corey Nachreiner interviews WatchGuard Cybersecurity Analyst and Threat Emulation & Investigations Lead, Kristen Yang, about the path into cybersecurity, the evolution from threat hunting to leading investigations, and the realities of defending against modern attacks. They explore today’s threat landscape, incident response mistakes, red teaming lessons, MITRE ATT&CK, AI in security, and the skills analysts need most, plus a rapid-fire round to close things out.

AI is everywhere in cybersecurity. For partners, the real question is not about the technology. It is about your people. Is AI replacing analysts, or making them more effective? In this session, we break down the differences between automation and augmentation and why they matter for MSPs delivering security services. Automation removes repetitive SOC work such as triage, enrichment, and basic containment. Augmentation strengthens human experts with faster investigation, clearer attack mapping, and smarter response decisions.

This week on the podcast, we cover the cyber attack that managed to wipe more than 200,000 resources off of the medical technology giant Syryker's network. After that, we review a research post on a good chrome extension gone bad. We end by discussing a recent Microsoft threat intelligence post on how North Korean-backed threat actors have operationalize AI for job scams.