
Most cybersecurity pros only run into cryptocurrency when they’re dealing with ransomware gangs demanding payouts in Bitcoin. But what if crypto infrastructure were more than just a means of money laundering? In this episode of IBM’s Security Intelligence podcast, X-Force threat intelligence consultant Austin Zeizel makes the case that blockchain — the decentralized ledger underlying many cryptocurrency systems — has powerful, largely untapped applications for cybersecurity. In fact, Austin makes a pretty convincing argument that blockchain could be the key to a genuinely zero trust architecture. We also get into how cybercriminals actually exploit cryptocurrency — coin mixers, non-KYC exchanges, the pseudonymous nature of Bitcoin — and why understanding those mechanics matters for defenders. The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.
Mar 27
22 min

Follow the Security Intelligence podcast on your preferred platform → https://www.ibm.com/think/podcasts/security-intelligence Someone finally cracked the Xbox One after 13 years. Here’s why security pros should care. On this episode of Security Intelligence, panelists Ian Molloy, Seth Glasgow and Kimmie Farrington discuss the Xbox One hack presented at RE//verse 2026. More than just a neat story of one hacker’s ingenuity, there are some important takeaways for practitioners here. But before that, we get into promptware, a new model for understanding attacks on LLMs that goes beyond the basics of prompt injections. Formulated by a handful of prominent cybersecurity researchers, including Bruce Schneier, promptware urges defenders to start thinking about the full AI attack kill chain, not just the front door. Then we dive into a new analysis of cloud attack trends from IBM X-Force's Omari Jones, which finds that cybercriminals are targeting cloud ecosystems rather than cloud infrastructure. How do we need to shift our own mindsets to counter this? Meanwhile, Google Threat Intelligence Group and Coveware find ransomware gangs increasingly ditching their flashy external tools in favor of PowerShell and other built-in system utilities—making detection significantly harder. And Chuck Everette's Dark Reading op-ed raises a question that doesn't get enough airtime: With everyone focused on cutting-edge AI tech, what about the downright ancient OT systems and PLCs that underpin large swaths of American critical infrastructure? All that and more on Security Intelligence. In this episode: 00:00 – Introduction 1:01 -- From prompt injection to promptware 11:15 -- Cloud security trends 2026 19:59 -- Ransomware attackers live off the land 28:53 -- OT security: cybersecurity’s “rusting edge” 34:41 -- The Xbox One hack The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Cloud attacks are evolving: What 2025 trends mean for defenders in 2026 → https://www.ibm.com/think/x-force/cloud-attacks-evolving-what-2025-trends-mean-defenders-2026
Mar 25
40 min

Listen to our latest episode, Can IAM handle AI? → https://www.ibm.com/think/podcasts/security-intelligence/ai-agent-access-problem-iam-handle-ai Does your AI agent talk too much? It’s not just an annoying habit—it’s a security concern. On this episode of Security Intelligence, Sridhar Muppidi, Claire Nuñez and Dave Bales join me to discuss Guardio’s research into “agentic blabbering,” and how attacks can use an agent’s reasoning process against it. In experiments with the agentic Perplexity Comet browser, Guardio researchers were able to design foolproof phishing websites just by listening to agent’s running monologue as it traversed the web. What does it mean for agentic security when sophisticated AI reasoning processes can be weaponized? Then, we chat about Microsoft Azure CTO Mark Russinovich’s discovery that Claude Opus can reverse engineer 40-year-old (practically ancient, by software standards) code. Did AI just expand the attack surface to include every compiled binary ever written? Plus: Contrast Security CISO David Lindner claims that shift left has failed. Dramatic increases in the exploitation go vulnerable code—confirmed by the IBM Threat Intelligence Index 2026, among many other reports—suggest he might be onto something. But is there more to the story? And, finally, we dig into two new pieces of research from IBM X-Force: One about a new piece of AI-generated malware, and another about reframing how we think about authentication. All that and more on Security Intelligence. 00:00 -- Introduction 1:19 -- Perplexity Comet’s “agentic blabbering” 13:06 -- AI resurrects old vulnerabilities 21:28 -- Did shift left fail? 30:05 -- AI slop and the post-auth perimeter The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Read more about “Slopoly” → https://www.ibm.com/think/x-force/slopoly-start-ai-enhanced-ransomware-attacks
Mar 18
36 min

Follow the Security Intelligence podcast on your preferred platform → https://www.ibm.com/think/podcasts/security-intelligence Did you miss out on the [un]prompted AI security conference? So did most of us. Except our very own Dustin “Evil Mog” Heywood, who joins us today to share highlights from the event. And speaking of [un]prompted, we also discuss one of the biggest announcements to come out of the event: the Zero Day Clock. This coalition of experts is arguing that we need to radically rethink vulnerability management in the face of plummeting time-to-exploit values for new vulnerabilities. Among their demands that might prove to be quite controversial: holding software makers liable for flaws and building more disposable architecture. Then we talk about some notably nasty AI agent behavior, including manipulating prescriptions and writing mean blog posts about human users. Finally, we round out the week with a discussion of burnout among cybersecurity pros. We’re working, on average, 10 overtime hours per week. It’s exhausting—and really, really bad for security. All that and more on Security Intelligence. 00:00 -- Introduction 01:26 -- Report back from [un]prompted 09:07 -- The zero day collapse 21:26 -- AI agents harassing humans 31:26 -- Burnout in cybersecurity The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Subscribe to the IBM Think newsletter → https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120 #zerodaysexploits #AIsecurity #AIagentsecurity #vulnerabilitymanagement
Mar 11
38 min

Can IAM handle AI? Find out → https://www.ibm.com/think/podcasts/security-intelligence A consumer just wanted to control his own personal robot vacuum with a PlayStation controller. He ended up controlling thousands of strangers’ vacuums, too. This week on Security Intelligence, we cover one of the wildest IoT security stories in recent memory: How one user accidentally built an army of 6,700 robot vacuums, and what it means for cybersecurity pros. Then we turn to TOAD — telephone-oriented attack delivery — a deceptively low-tech social engineering method that's quietly becoming one of attackers' favorite tools. We talk about why it works and what defenders can actually do about an attack that skips most of your defenses entirely. And finally: healthcare's cybersecurity problems. This season of the hit medical drama The Pitt features a hospital-debilitating ransomware attack, which is perhaps one of the most realistic things to ever happen on a show known for its verisimilitude. We explore why ransomware is so prevalent in healthcare, why patching is rare and what it would actually take to change that. 00:00 -- Introduction 0:58 -- Rise of the robot vacuum army 10:02 -- Anthropic debuts Claude Code Security 24:39 -- Thwarting distillation attacks 34:23 -- Why hackers love TOADs 44:14 -- Healthcare’s cybersecurity woes The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Explore the Threat Intelligence Index 2026 → https://www.ibm.com/reports/threat-intelligence#sipod #AIcodesecurity #vibecoding #securitydebt #IoTsecurity #vishing
Mar 4
53 min

AI agents are coming to the enterprise—but can we actually control them? On this bonus episode of Security Intelligence, IBM Fellow and CTO IBM Security Sridhar Muppidi helps us dig into the rise of agentic AI security risks, from generative AI systems with backend access to autonomous agents that can schedule meetings, call APIs and automate workflows — often with highly privileged access. Traditionally, identity and access management has (IAM) focused on human beings. Then came service accounts and API credentials. Now? We’re facing an explosion of machine identities, including a brand-new class of AI identities that blend human and machine characteristics. How do we manage identity and access for software systems that behave like human users? Join us for a discussion of: What makes AI identity management different from traditional IAM Why valid account abuse remains one of the top attack vectors — and how AI could amplify it The risks of giving generative AI systems the keys to the kingdom How enterprises should think about AI access control and governance Why there’s still no clear standard for securing AI and non-human identities The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Follow the Security Intelligence podcast on your preferred platform: https://www.ibm.com/think/podcasts/security-intelligence
Feb 27
19 min

For years, stolen credentials were king—the hacker’s attack vector of choice. Until now. The 2026 IBM X-Force Threat Intelligence Index reveals a surge in the exploitation of public-facing applications, overtaking identity-based attacks as the top initial access vector. Why are threat actors changing their tactics so dramatically—and what does it mean for defenders? In this episode of Security Intelligence, panelists Claire Nuñez, Chris Caridi and Joe Xatruch break down the biggest findings from the latest Threat Intelligence Index, plus: Infostealers that grab AI agents’ “souls” Compromised packages that drop AI agents as malware The AI infrastructure flaws we can’t seem to fix Why threat intelligence is so siloed—and what we can do about it All that and more—on Security Intelligence. 00:00 - Intro 1:17 - Threat Intelligence Index 2026 16:22 - Stealing AI agents’ souls 28:03 - AI infrastructure flaws 36:36 - Threat intelligence made human The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Follow the Security Intelligence podcast on your preferred platform → https://www.ibm.com/think/podcasts/security-intelligence Explore the Threat Intelligence Index 2026 → https://www.ibm.com/reports/threat-intelligence#sipod
Feb 25
47 min

Explore the podcast → https://www.ibm.com/think/podcasts/security-intelligence Valentine’s day might be over, but love is in the air. The love a scammer has for their victim’s wallet, that is. In this special episode of Security Intelligence, host Matt Kosinski sits down with Claire Nunez, Suja Viswesan, and Dave Bales to break down how modern romance scams actually work: from the “wrong number” text that starts an innocent chat, to long-con “pig butchering” schemes that use emotion, trust and time to extract money — often through crypto investment bait. The panel explains why anyone can fall for these scams, how breaches and public records can help scammers build convincing victim profiles and how AI is making the problem worse. Finally, the team gets practical: how to talk to a loved one who may be caught in a scam, how to remove stigma so people report faster and what organizations can do when a “personal” scam becomes a corporate risk. Key takeaways: Don’t respond to unknown numbers, treat online “investment opportunities” as a red flag and remember: if this happened to you, you’re not alone. The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Subscribe to the IBM Think newsletter → https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120
Feb 18
37 min

Explore the podcast → https://www.ibm.com/think/podcasts/security-intelligenceAre enterprises moving too fast with AI—and breaking security in the process? In this episode of Security Intelligence, host Matt Kosinski is joined by Sridhar Muppidi, Nick Bradley and Jeff Crume to unpack a pivotal moment in cybersecurity. The panel dives into the rapid rise of AI agents and the growing risks of shadow AI in the enterprise, comparing open-source agent platforms like OpenClaw with proprietary models such as Claude Opus 4.6 and its new agent teams. We explore how speed-first AI adoption, unsecured agent implementations and weak separation of duties are creating new attack surfaces—and why executives may be unintentionally fueling the problem. The conversation also examines the recent Notepad++ supply chain breach as a warning sign of broader software inventory and supplier risk failures, and analyzes DragonForce’s attempt to reinvent ransomware as a scalable cartel business. Along the way, we keep returning to a key theme: Have we optimized for velocity at the expense of security? 00:00 -- Intro 01:18 -- OpenClaw vs. Claude Opus 4.6 15:05 -- Move fast. Break security? 27:29 -- Notepad++ breach 38:55 -- DragonForce ransomware cartel The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Subscribe to the IBM Think newsletter → https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120 #OpenClaw #ClaudeOpus #shadowAI #AIagentsecurity
Feb 11
47 min

OpenClaw and Moltbook are extremely cool. They're also extremely dangerous. And they tell us just how far AI agent security has to go. In this episode of Security Intelligence, Dave McGinnis, Seth Glasgow and Evelyn Anderson unpack how locally run AI agents are becoming a brand-new attack surface, and why defenders may be underestimating the risks. From misconfigured agent databases leaking API keys, to malicious “skills” that can quietly hijack trusted systems, we explore what happens when powerful AI tools are treated like just another app. We also dig into a growing signal problem across cybersecurity: Why AI-generated “slop” is overwhelming bug bounty programs. Why NIST may stop enriching vulnerabilities in the National Vulnerability Database. Along the way, our panel debates a deeper question: Is AI a gift or a curse for security pros? All that and more on Security Intelligence 00:00 - Intro 01:03 - OpenClaw and the AI agent attack surface 16:49 - Will AI slop end bug bounties? 26:49 - Big changes to NIST’s NVD 35:27 - The problem with vibe coded malware The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Subscribe for more AI and cybersecurity news → https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120 Explore the podcast → https://www.ibm.com/think/podcasts/security-intelligence
Feb 4
45 min
Load more
