In this episode of _The Cyber Resilience Brief_, we break down the modern reality of *Iranian cyber warfare and industrial espionage*. Host Tova Dvorin and offensive security engineer Adrian Culley analyze the tactics, techniques, and procedures (TTPs) of *APT33, OilRig (APT34), and MuddyWater* — three of the most active Iranian state-sponsored threat actors targeting *energy, aviation, manufacturing, government, and critical infrastructure*.

In this week's Intel Chat, Christopher Luft and Matt Bromiley discuss how attackers used AI to clone over 150 law firm websites, targeting fraud victims under the guise of offering legal assistance to recover lost funds. Chris points out how easy this has become with AI tools. Attackers can quickly clone a website, host it at a legitimate-looking domain, and start harvesting information. The episode also covers Russian cyber operations targeting the defense industrial base, Team PCP's campaign compromising 60,000+ servers, and exposed OLAMA AI infrastructure.

AI agents are quickly becoming first-class actors in the digital ecosystem—logging into systems, invoking multiple APIs, collaborating, and even interacting socially with other agents. In a panel discussion on “Enhancing Cyber Resilience Across the Digital Ecosystem”, the miniOrange Founder & CEO Mr. Anirban Mukherji highlighted why digital identity is now the foundation for securing agent-driven environments, especially as authentication and authorization protocols expand globally across platforms and enterprises.

Claude Code runs directly inside the LimaCharlie UI, connecting to the MCP server and loading the skills needed to execute commands across your environment. In this video, you'll see it in action for common administrative tasks: identifying organizations and their IDs, pulling sensor counts for a specific org, and getting a full breakdown of containers by type. SOC managers can query this information conversationally rather than navigating multiple menus or writing custom scripts.