Josh Shepard

Josh has spent his career hunting for and neutralizing nation-state threat actors targeting critical infrastructure. During his time with the USAF, he led a team of threat hunters pursuing advanced persistent threats (APTs) targeting the defense industrial base, energy, transportation, and water/wastewater sectors. From there he transitioned to Ro, a startup in the healthcare sector, where he built and led a threat intelligence and threat hunt program operating on a multi-cloud, multi-operating system environment.

VIP Keylogger
We explore how the VIP Keylogger makes use of two interesting defense evasion techniques – remote template injection and steganography.
Jan 28, 2025 2 min read
VS Code Remote Tunnels
We explore how threat actors use VS Code remote tunnels and how you can go about detecting them before it’s too late.

Jan 07, 2025 2 min read
More_Eggs Malware
We’ll be diving into a recent more_eggs campaign that The DFIR Report covered.
Dec 18, 2024 2 min read
Smuggling with HTML
HTML smuggling is a technique that allows malicious payloads to be delivered to a victim's endpoint using HTML files.

Dec 02, 2024 2 min read
Phishing with Fabric - A “Universal Workspace”
RADICL recently observed a phishing campaign that leverages tried and true techniques with a new cloud service.

Nov 27, 2024 2 min read
Tracking Lumma Stealer
Lumma Stealer is a type of malware designed to steal information.

Nov 15, 2024 2 min read


Regulatory Compliance

CMMC Compliance Deadline 2026: Key Dates That Affect Your DoD Contract

Apr 13, 2026 6 min read
CMMC Readiness Assessment: 7 Top Compliance Mistakes That Delay Readiness

Apr 13, 2026 9 min read
Top NIST 800-171 Compliance Services Providers (2026)

Mar 27, 2026 10 min read

Threat Hunting & Intelligence

Multi‑Stage VBScript Malware Analysis
This is a detailed breakdown of a malicious VBS script discovered on an endpoint within RADICL’s customer base as a result of RADICL’s custom EDR detection logic. The script executes a multi-stage attack designed to achieve persistence, evade detection, and deploy a secondary payload.

Jul 23, 2025 7 min read
Unmasking the Toy Maker Initial Access Broker
An initial access broker is a type of threat actor specializing in gaining initial persistent access to an environment.

May 20, 2025 2 min read
Too Good To Be True
In this campaign, Lazarus Group tricks a user into running a malicious script on their machine by having them apply for a job that is just a little too good to be true.

May 01, 2025 3 min read

Industry Analysis

David Dickey on Scaling Defense Tech Hiring

Apr 30, 2026 1 min read
Jonathan Slavik on Payload Handoffs in Hours, Not Months

Apr 23, 2026 1 min read
Jackson Moses on Why Dual Use Is a Dirty Word in Defense Tech

Apr 16, 2026 1 min read

Incident Response

What Are Incident Response Solutions?

Apr 13, 2026 7 min read
A Day in the Life: Our vSOC Responds to the CrowdStrike Incident
On the evening of 7/25/24, CrowdStrike pushed a content update which caused Windows systems to crash and/or enter a reboot loop, rendering the systems unusable.

Jul 24, 2024 2 min read
I Spy a Ransomware Attack
Ransoming an espionage victim carries several advantages that can make it an ideal move for nation-state threat actors.

Jul 16, 2024 2 min read

Attack Surface & Vulnerability Management

Iranian APT Actors Are Targeting Your PLCs — Here's What to Do
There was a joint advisory this week (AA26-097A) warning of active exploitation of internet-facing Programmable Logic Controllers (PLCs).

Apr 09, 2026 2 min read
CMMC Enclave: What It Is, When It Works, and How to Build the Right Compliance Boundary

Mar 26, 2026 11 min read
Daryan Dehghanpisheh on Extending Vulnerability Management to AI

Jan 23, 2026 1 min read

Security Operations & vSOC

Top SOC Service Providers (SOCaaS) for 2026

Mar 26, 2026 11 min read
Best MDR Providers for Regulated Industry & DIB Contractors (2026)

Mar 12, 2026 16 min read

Operational Resilience

Cyber Resilience at the Crossroads

Apr 10, 2025 2 min read
Ep 1: Charles McCarrick on Innovation and Opportunity in the DIB
Micro-Ant's Charles McCarrick on Innovation and Opportunity in the DIB

Dec 08, 2023 2 min read

The DIB Innovators

Celebrating the brilliant minds driving innovation in the Defense Industrial Base. Join host David Graff as he speaks with DIB leaders championing our nation’s security and shaping the future of defense technology.

EP 97 — Teague's Matt McElvogue on Why Operators Stop Trusting the Tech & Start Working Around It

May 12, 2026 1 min read
David Dickey on Scaling Defense Tech Hiring

Apr 30, 2026 1 min read
Jonathan Slavik on Payload Handoffs in Hours, Not Months

Apr 23, 2026 1 min read