In addition to the podcasts below, I have appeared on the Wednesday Offensive along with the Thursday Defensive twice each. Though these episodes are not recorded, I highly recommend that you check out the associated links to these web/podcasts, as they are extremely informative. Each week you’ll find a new offensive or defensive practitioner, respectively, who will be presenting on an interesting topic. Make sure to check them out!

Exploring Ransomware Builders

February 11, 2024, Cyber from the Frontlines

Since September 2021, there have been multiple leaks of ransomware source code and builders for prominent ransomware families, including Babuk, Conti, LockBit 3.0, and Chaos. This has had a significant impact on the threat landscape by lowering the barrier to entry for unsophisticated cybercriminals and a surge in the emergence of ransomware variants.

Watch SANS Certified Instructor and Ransomware expert Ryan Chapman exploring the following Ransomware Builders: Chaos Ransomware Builder, Lockbit 3.0 Builder, & RAASNet.

Direct link:

E3 Ransomware : What You Need to Know!

February 3, 2024, Cyber from the Frontlines

In Episode 3 of Cyber from the Frontlines, Arun Warikoo hosts SANS Certified Instructor and ransomware expert Ryan Chapman to explore the evolving ransomware landscape. Tune in to a fascinating conversation on ransomware!! The conversation revolved around understanding a typical ransomware attack chain, the RaaS ecosystem, top ransomware threat actors to look out for and hunting ransomware actvity. Ryan also shared valuable resources to learn more about ransomware.

Direct link:

Security Weekly Episode #798

September 13, 2023, Security Weekly

Ryan has his finger on the pulse of ransomware and response. We discuss how the initial infections are occurring, how they’ve changed over time, and where they are going in the future!

Segment Resources: For folks to see my recent presentations:

For folks to see the recordings of our 2023 Ransomware Summit: (see also

For folks to watch my recent (free) ransomware workshop:

Workshop materials:

Visit for all the latest episodes!. Show Notes:

Direct link:

Managing Cybersecurity Threats in 2023 Episode 2

April 6, 2023, PLUS Podcast

Ransomware attacks continue to rise in 2023. This podcast addresses the state of the cyber response to these attacks as well as the U.S. government’s National Cyber Security Strategy and the FBI’s recently announced heightened proactive strategy to disrupt ransomware threat actors. Questions remain as to whether these actions will lead to a decrease in the number of ransomware attacks that business entities sustain, or whether an increase in ransomware attacks will occur as a result of the decentralization of the threat actors. The presenters also discuss how these actions could affect the claims and underwriting environment for insurers and their insureds.

Direct link:

Heartland Community College, PYSA, Bitsight and KnowB4 | Ryan Chapman

November 21, 2022, Tech & Main hosted by Shaun St.Hill

Today, we will be talking for a 2nd time with our good friend, Ryan Chapman. Listen as Ryan and I cover the post mortem of the ransomware attack on Heartland Community College. Ryan also gives us a better understanding of the ransomware group, PYSA. He also provides feedback on Bitsight and KnowB4.

Direct link:–PYSA–Bitsight-and-KnowB4–Ryan-Chapman-e1qpbtd

dot com: The Hacking – 4 Part Series

Is the post-Cold War era over? In this brave new world, nothing is too small, or big, to be digitalised…including acts of war. Russian ransomware attacks almost doubled last year. At this very moment, cybercriminals are crippling schools, supermarkets, dentists, kindergartens, hospitals, oil pipelines – all in the name of money. Katie Puckrik wants to know who, and why.

Click to review descriptions of all four episodes

Part 1: You’d think healthcare would be a no-go. You’d hope that, surely, even Russian cybercriminals have their moral boundaries. But you have no idea the lengths they’ll go to for money. This is the story of how the world’s oldest maternity hospital, Dublin’s Rotunda Hospital, was crippled with a single email and forced to revert to pens and paper.

Part 2: It’s not just cybercriminals who hack. In February 2022 Russia invades Ukraine, and a few months later someone leaks 60,000 private messages from one of the world’s most complex, ruthless and profitable Russian ransomware gangs, alongside a post ‘Glory to Ukraine!’ The findings – what they reveal about who these hackers are, how they recruit, and how they choose victims – are incendiary.

Part 3: Psychological pressure…that’s what ransomware is all about. Holiday weekends and Fridays are prime time for ransomware attacks, and on Friday 2nd July 2021 Robert Cioffi was looking forward to celebrating Independence Day with his family. But soon he’d be caught up in the biggest single ransomware attack to date, that would have a disastrous domino effect on up to 2000 businesses worldwide: kindergartens in New Zealand, dental practices in the US, supermarkets in Sweden.

Part 4: Ransomware gangs don’t just go for the big fish. Kareem grew up on the West Side of Chicago in a neighbourhood woven with a pattern of guns, drugs and violence; until Lincoln College – a tiny place, one of the US’s only Predominantly Black Institutions – turns his life around. But in December 2021, ransomware comes to town. Plus: Katie meets Barack Obama’s ex-Special Advisor for Cybersecurity, who finally untangles the question that’s been bugging her…why Russia?

The Best Definition of Ransomware Ever | Ryan Chapman

April 4, 2022, Tech & Main hosted by Shaun St.Hill

Today, we will be talking with our good friend, Ryan Chapman. He is a Principal Incident Response & Forensic Consultant for Blackberry (yes, that Blackberry!). Listen as Ryan gives the most complete answer ever to the question, What is ransomware? In addition to the answer, we give a super detailed example of what ransomware looks like for a one-person IT department.

Direct link:–Ryan-Chapman-e1gkfuv

What is Incident Response?

September 1, 2021, I Like to Hack Things hosted by Valcan_K

What’s up #SecurityNinjas! Have you ever heard of Incident Response? Incident Response is a very important career field within cybersecurity, and it can be a lot of fun. I had the opportunity to speak with Ryan Chapman about his many years of experience in Incident Response and cybersecurity. Ryan provides a ton of good information about skills, and some insights into the job interview process.

You’re Not Really Ready for Ransomware

  • August 4, 2021, Recorded Future Podcast

Mythical Malware Analysis

  • May 9, 2021, Positively Blue Team podcast hosted by BSDBandit and Understudy77

Tonight is part one of what I’m sure will be a whole series with the wonderful Ryan Chapman (rj_chap) and Mobius (@MalwareMobius) where we start to dig into the fundamentals of malware and malware analysis. Join us for this whole new world!

Ask Us Anything! Cyber Defense Live Q&A #2 – 05/07/2021

  • May 7, 2021, Blueprint Podcast Presented by John Hubbard

Come join Blueprint Podcast host John Hubbard, Justin Henderson, and a rotating cast of cyber defense and blue team expert guests in an informal hangout driven by, and based entirely on your questions! Anything goes – cyber defense, incident response, ransomware, APTs, threat intel, SOC management, defensive tools, analysis techniques and more! Hit the chat room and let us know what’s on your mind!

Don’t forget to subscribe to Blueprint here or where ever you listen to podcasts!​

SOC X – The Special

  • April 12, 2021, Positively Blue Team podcast hosted by BSDBandit and Understudy77

Welcome all to the first Positively Blue Team Special, every so often something happens that shines a spotlight on the world of the defenders and people in DFIR, and when those things come to the forefront we want to talk about them. So tonight we are here to talk about the SOC X World Championships ( which consisted of 50 teams coming from multiple parts of the world and industries all competing against each other for the title of SOC World Champion.
Join us with the folks who put it on from Recon Infosec (Whitney Champion -@shortxstack, Eric Capuano – @eric_capuano, and Samuel – @Valcan_K) and some folks from the winning team at Blackberry (Ryan Chapman – @rj_chap and Codi) as we go through the ins and outs of the competition, some of the scenarios, and advice for future competitors. This is a long one so buckle in and enjoy!

Direct link:

The Blue Teamer’s Blueprint for Malware Triage

  • March 30, 2021, SANS Blueprint Podcast hosted by John Hubbard

Even if you’re not a malware analyst, any blue teamer should be able to do some initial basic malware sample triage. The good news is that this is quite easy to do using freely available tools once you know what is available. Join John in this conversation with Ryan Chapman as they discuss how to reverse engineer malware and why you might want to do so.

Direct link:

Anatomy of a Breach

November, 2020, InSecurity podcast with Matt Stephenson

When is a breach a breach? When is it a data leak? When is it simply a server left exposed? On this edition of InSecurity, Matt Stephenson talks with veteran Incident Response Consultants John Wood and Ryan Chapman about what happens once the bad guys break in and what the good guys can and must do when dealing with the results of a cyber-attack. Plus: PORT 3389! Dig it…

Direct link:

The Computer Incident Response Team (CIRT) Role

November, 2020, Cybersecurity Innovation Podcast hosted by Cody Hackett

Ryan Chapman is a very seasoned information security professional with experience across multiple domains like technical training, hands-on incident response, and security operations.

In this episode, we learn from Ryan about the role of a CIRT team, day in the life of an incident response analyst, red/blue/purple teaming, and all other general topics related to information security.

Direct link:

Surf Kahuna (part 1) – Origin story of a Digital Forensic Incident Responder (DFIR)

July 24, 2022, AOL Underground hosted by Steve Stonebraker

Surf Kahuna (Ryan Chapman) shares his origin story about a series of events that occurred on AOL that rocked his world and led him down the path of digital forensics.

Surf Kahuna (Ryan Chapman) finishes his origin story and what he learned from it.  Then Steve and Ryan talk espionage, multiple Advanced Persistent Threats, retro gaming, password spraying, ransomware, and what has helped Ryan be successful in Infosec.

WARNING!! This podcast includes NSFW language! I debated putting this on my Website. I cursed more than a sailor. These two episodes for the AOL Underground podcast were meant to be “underground.” I was speaking to my former fellow hackers from the America Online “scene,” as we called it. This is not meant to be a professional podcast. But the story ended up being so deep and important to me that I’m posting here. We may re-record a SFW version later.