Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this podcast, we uncover the tactics behind Volt Typhoon, a Chinese state-sponsored operation targeting critical national infrastructure. Learn how this group is moving from espionage to disruption, using stealthy, “living off the land” techniques and exploiting legitimate system tools to hide in plain sight.

In this special episode of The Cyber Resilience Brief, Tova Dvorin and Adrian Culley break down CISA Advisory AA25-239—a joint alert from CISA, NSA, FBI, and global cyber partners on the long-running Chinese state-sponsored threat group Salt Typhoon. Salt Typhoon has been quietly infiltrating critical infrastructure for years by exploiting outdated routers, weak credentials, and “living off the land” techniques like PowerShell, WMI, scheduled tasks, and built-in administrative tools—making them nearly invisible.

A new breed of ransomware is here — and it’s more dangerous than ever. In this episode of the Cyber Resilience Podcast, we unpack the chilling rise of Warlock ransomware, a campaign tied to Chinese threat actor Storm-2603. Discover how this group is combining nation-state tactics with ransomware-as-a-service operations, blurring the line between espionage and profit—and what it means for critical infrastructure defense.

In this episode of the SafeBreach Cyber Resilience Podcast, host Tova Dvorin and Adrian Culley dive deep into Interlock—one of today’s most aggressive ransomware operations. What you’ll learn: From hospitals to schools, no one’s immune—hear how Interlock is rewriting the ransomware playbook and what your team can do to stay resilient.

The FBI, NSA, and CISA just issued a warning about Iranian state-backed actors, including the notorious Cyber Avengers, targeting US networks—especially OT, IoT, water, and aviation systems. These groups aren’t hacktivists—they’re highly skilled, sanctioned members of the IRGC. Key takeaways: Stay proactive: run simulations, remediate vulnerabilities, and lock the stable door before the horse bolts.

In this special episode, host Tova Dvorin sits down with SafeBreach experts Adrian Culley and Tomer Bar to unpack CVE-2025-53770 — a zero-day deserialization flaw in Microsoft SharePoint Server that enables unauthenticated remote code execution and long-term persistence. This isn’t theoretical. It’s actively exploited and tied to the evolving ToolShell attack chain. Here’s what you’ll hear in this episode.

AI isn’t just changing cyber defense—it’s transforming how attacks happen. In this episode, Tova Dvorin sits down with Tomer Bar and Shelly Zucker from SafeBreach to explore how AI-powered threats are reshaping the battlefield. Hear about: If you’re in cybersecurity, risk, or IT, this is your must-listen guide to preparing for the AI-enabled threat era.

In this premiere episode of The Cyber Resilience Brief, we dive into the EU’s Digital Operational Resilience Act (DORA) — and why its impact goes far beyond Europe. Host Tova Dvorin is joined by Adrian Culley and David Murray from SafeBreach to break down what means for financial institutions, insurers, and ICT providers worldwide. The session covers: Listen now for actionable insights on evolving from incident response to instant anticipation, staying ahead of attackers, and meeting tomorrow’s regulatory demands today.

See Attack Simulation, Automated Red Teaming, and Attack Path Validation in action—this video shows how real intrusions unfold and how to stop them.

In this session, our team breaks down the Digital Operational Resilience Act (DORA) — the EU regulation reshaping cybersecurity expectations across the financial sector. DORA mandates continuous testing and validation of critical live production systems, emphasizing adversary emulation and real-world attack simulations to ensure true operational resilience. Learn how organizations are adapting their programs, what the rise of the Chief Resilience Officer means for cybersecurity leadership, and how continuous validation supports both compliance and readiness.