Reimagining Cyber - real world perspectives on cybersecurity

Every week brings another breach headline. A retailer is compromised. An airline suffers a cyberattack. A ransomware gang claims another victim. A cryptocurrency company loses sensitive data.
The victims change, the industries change, and the attackers sometimes change—but many of today's most significant breaches follow a remarkably similar pattern.
In this episode of Reimagining Cyber, Tyler Moffitt breaks down the common attack chain behind modern cyberattacks and explains why threat actors continue to rely on the same core tactics year after year. From phishing, social engineering, and credential theft to identity compromise, privilege escalation, data access, and extortion, the conversation explores the techniques that repeatedly appear across major incidents.
The episode examines why identity has become the primary target for attackers, how groups such as Scattered Spider have demonstrated the power of identity-based attacks, and why data theft and extortion are increasingly replacing traditional ransomware operations.
Rather than focusing on the company named in the latest headline, security leaders and practitioners should focus on the attack path itself. Understanding how attackers gain access, move through environments, and monetize breaches reveals the patterns that matter most—and the defensive strategies that can make the greatest difference.
Key topics include:
Why many major breaches follow the same attack chain
The continued effectiveness of phishing and social engineering
How attackers exploit identities, credentials, and privileged access
The rise of data extortion and extortion-first operations
Why cybercriminal groups operate more like businesses than hackers
Practical lessons organizations can apply to strengthen security defenses
Whether you're a CISO, security practitioner, IT leader, or simply interested in the evolving threat landscape, this episode provides valuable insight into the techniques driving today's most impactful breaches—and why understanding the playbook is critical for defending against tomorrow's attacks.
As featured on Million Podcasts' 
Best 100 Cybersecurity Podcasts  
Top 50 Chief Information Security Officer CISO Podcasts 
Top 70 Security Hacking Podcasts
This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via reimaginingcyber@gmail.com

For years, cybersecurity leaders have focused on identity as the new perimeter. MFA, Zero Trust, SSO, and identity protection became the center of modern security strategies.
But while everyone was focused on identity, attackers never stopped targeting something much older: internet-facing infrastructure.
VPNs. Firewalls. Remote access appliances.
Recent attacks involving Check Point, Fortinet, Ivanti, SonicWall, and others show that the perimeter never really disappeared.
In this episode, Tyler Moffitt discusses why edge devices remain prime ransomware targets, why patch windows matter more than ever, and why vulnerability management remains one of cybersecurity's most important fundamentals.
As featured on Million Podcasts' 
Best 100 Cybersecurity Podcasts  
Top 50 Chief Information Security Officer CISO Podcasts 
Top 70 Security Hacking Podcasts
This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via reimaginingcyber@gmail.com

Scattered Spider has become one of the most disruptive cybercrime groups in the world—not because of advanced malware or zero-day exploits, but because of its mastery of social engineering and identity attacks.
In this episode, Tyler Moffitt explores how the group is evolving its tactics. Rather than targeting organizations at random, Scattered Spider appears to be moving industry by industry, reusing successful playbooks across sectors including casinos, retail, insurance, and airlines. Once they understand how one organization handles identity verification, help desk requests, and MFA resets, they can apply those same techniques across an entire industry.
Tyler reveals:
How Scattered Spider rose to prominence through high-profile attacks
Why identity has become the primary attack surface
The shift from software vulnerabilities to business process vulnerabilities
How attackers exploit trust, urgency, and help desk workflows
Why industry-specific attack campaigns are so effective
What organizations of all sizes can do to defend against identity-based threats
The key takeaway: modern attackers don't always need to hack their way in—they can simply convince someone to open the door. As Scattered Spider continues to refine its approach, organizations must rethink not just how they secure systems, but how they verify trust.
Identity is the new perimeter—and Scattered Spider may be proving it better than anyone else.
As featured on Million Podcasts' 
Best 100 Cybersecurity Podcasts  
Top 50 Chief Information Security Officer CISO Podcasts 
Top 70 Security Hacking Podcasts
This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via reimaginingcyber@gmail.com

ClickFix is a fast-growing social engineering technique appearing in malware campaigns, compromised websites, fake CAPTCHA prompts, and browser verification scams. 
In this episode Tyler Moffitt explains how attackers compromise legitimate sites by exploiting unpatched CMS or plugins, inject malicious JavaScript, and then trick visitors into “verifying” by opening Run/PowerShell and pasting a preloaded command that downloads malware, leading to info stealers and potentially ransomware. 
ClickFix is effective because it leverages trusted brands, bypasses traditional phishing defenses, scales via high-traffic sites, and is increasingly polished through AI. They connect this to the shrinking “patch window,” emphasizing rapid patching, reducing internet exposure, monitoring website integrity, updating user training to avoid pasting commands, and layering defenses like EDR/MDR and DNS filtering.
As featured on Million Podcasts' 
Best 100 Cybersecurity Podcasts  
Top 50 Chief Information Security Officer CISO Podcasts 
Top 70 Security Hacking Podcasts
This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via reimaginingcyber@gmail.com

The 2026 Verizon DBIR is here — and one finding changes the conversation around cyber risk.
For years, the industry has focused on identity as the primary attack surface. But according to the latest Data Breach Investigations Report, vulnerability exploitation has now overtaken credential abuse as the most common initial access vector in breaches.
In this episode of Reimagining Cyber, Tyler Moffitt breaks down what the report really means for defenders, MSPs, and SMBs. He explores why attackers are moving faster than patch cycles, how AI is accelerating both exploitation and phishing, and why “identity vs. patching” is the wrong debate.
He also unpacks:
Why vulnerability exploitation surged to the top attack vector
How AI is compressing the timeline from disclosure to attack
Why ransomware still dominates breach outcomes
The growing role of third-party and supply-chain risk
Why SMBs struggle most with patch management and visibility
Practical steps organizations should prioritize right now
What MSPs should be telling customers after this year’s DBIR
Key takeaway:
“Identity is the new perimeter, but vulnerability management is still the unlocked window.”
If you work in cybersecurity, IT, risk management, or support SMB environments, this episode delivers practical insight into where attackers are succeeding — and what organizations need to do next.
#CyberSecurity #DBIR #Ransomware #PatchManagement #IdentitySecurity #AI #MSP #CyberRisk #VerizonDBIR #Infosec
As featured on Million Podcasts' 
Best 100 Cybersecurity Podcasts  
Top 50 Chief Information Security Officer CISO Podcasts 
Top 70 Security Hacking Podcasts
This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via reimaginingcyber@gmail.com