Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In Part 4 of our Russian intelligence series, host Tova Dvorin and Adrian Culley map the proxy bridge between Western teenage hackers and Moscow. BlackCat (ALPHV) ransomware-as-a-service is the operational hinge: Scattered Spider breaks in, BlackCat encrypts, and the FSB watches the dashboard. Hear how the Kremlin earns plausible deniability, why a $115M extortion stream self-funds Russian intelligence, and what MI6's new "hybrid shadow war" warning means for defenders simulating Rust-based ransomware in their own networks.

Are you still stuck on the vulnerability hamster wheel? In this episode of the Cyber Resilience Brief, host Tova Dvorin is joined by SafeBreach VP of Product Koby Bar and offensive security expert Adrian Culley to unpack a major shift in how enterprises approach proactive security — and to announce the launch of SafeBreach Helm, the AI validation layer built for Continuous Threat Exposure Management (CTEM).

(CTEM) Continuous Threat Exposure Management—isn't just another framework. It's a philosophy for finally connecting the parts of your security program that aren't talking to each other. SafeBreach Helm makes it actionable for any organization, no matter where you're starting from.

Your home router isn’t just sitting there. It might already be part of a global cyberattack. In Part 2 of our deep dive into Chinese cyber operations, Tova Dvorin and Adrian Culley unpack the “Typhoon” threat groups—Volt Typhoon, Salt Typhoon, and Flax Typhoon—and how they’re quietly reshaping modern cyber warfare. This isn’t about stealing data. It’s about staying hidden, pre-positioning, and being ready to strike.

China-linked cyber groups have been hijacking everyday home routers—Linksys, Netgear, even small Cisco devices—and turning them into global proxy networks. That means an attacker can: This isn’t theoretical. In 2024–2025, massive botnets made of thousands of home routers were dismantled. The scariest part? Most people had no idea their device was involved.

The EU Cyber Resilience Act (CRA) is set to transform cybersecurity—from a best practice into a legal requirement. But what does that "actually" mean for security teams, product leaders, and CISOs? In this episode, host Tova Dvorin and cybersecurity expert Adrian Culley break down the CRA in plain terms—and explain why the shift to continuous security validation is unavoidable. You’ll learn: With enforcement deadlines approaching and significant penalties on the horizon, the message is clear: If your security testing isn’t continuous, it’s not CRA-ready.