Symantec Threat Hunters found malware that turns a legitimate document-security platform into its own exfiltration channel. Infostealer.Speagle hijacks Cobra DocGuard to chase Chinese ballistic missile documents — then uses the platform's own driver to delete itself. A look at the Runningcrab activity cluster. Listen in.

SIEM was supposed to be the nerve center of every security operation — collect every log, correlate every event, surface every threat. Most organizations ended up with an expensive log warehouse that generates more noise than signal.

Recorded live from RSAC, Dan sits down with Justin Falck — Head of Product for Endpoint at the Enterprise Security Group at Broadcom — to break down where the SIEM model broke, why "magic correlation" never showed up, and what's actually replacing it in modern security operations.

In this episode:

• The original promise of SIEM and where the math fell apart
• How detection engineering became a budget black hole
• Why XDR and MDR are reshaping the SOC
• "Owning the blades" — vendor-native correlation vs. data-lake aggregation
• Where SIEM still works (and the team sizes it takes)
• A look at CBX, Carbon Black's XDR launch from RSAC

More at security.com. Subscribe, rate, and share with your fellow defenders.

Stay sharp, stay curious, stay human.

The Evolution of Cybersecurity Media & PR — with Tony Welz, W2 Communications

Cybersecurity went from a niche trade-press beat to a nation-state strategy domain in about 25 years. Dan Mellinger sits down with Tony Welz, co-founder of W2 Communications — a strategic communications agency that's specialized in cybersecurity for 23 years — to unpack how the story got told along the way, and who's telling it now.

Tony's been in the room for nearly every inflection point: working with Sourcefire from their A-round through their Cisco acquisition, watching FireEye seed the modern threat-research content model, navigating the Target/Sony/Ashley Madison breach era, and helping clients adapt to today's SEC disclosure rules and geopolitical cyber reality.