Josh Shepard

Josh has spent his career hunting for and neutralizing nation-state threat actors targeting critical infrastructure. During his time with the USAF, he led a team of threat hunters pursuing advanced persistent threats (APTs) targeting the defense industrial base, energy, transportation, and water/wastewater sectors. From there he transitioned to Ro, a startup in the healthcare sector, where he built and led a threat intelligence and threat hunt program operating on a multi-cloud, multi-operating system environment.

Big Brother Hacker - Attack Reconnaissance
We identify ways hackers leverage everyday websites and tools to build a picture of a target organization they can use to gain initial access.

Jun 05, 2024 5 min read
Navigating Skynet with MITRE ATLAS
MITRE ATLAS is a globally accessible, living knowledge base of adversary tactics and techniques against AI-enabled systems based on real-world attack observations and realistic demonstrations from AI red teams and security groups.

May 20, 2024 2 min read
Master of Disguise 2: The Art of Redirection
RADICL has recently seen an uptick in threat actors using open redirect vulnerabilities in legitimate websites to hide their phishing links.

May 09, 2024 2 min read
Master of Disguise: URL Edition
Seemingly innocent URLs can be hiding cybersecurity threats.

Apr 18, 2024 5 min read
Cloudy With a Chance of Credit Card Theft
RADICL has observed an ongoing phishing campaign with the intent to steal a victim’s credit card information and other personal data such as email and physical address.

Mar 07, 2024 3 min read
From Zero to One: A Threat Hunting Training Montage (Part 1)

Jan 11, 2024 3 min read

Regulatory Compliance

CMMC Compliance Deadline 2026: Key Dates That Affect Your DoD Contract

Apr 13, 2026 6 min read
CMMC Readiness Assessment: 7 Top Compliance Mistakes That Delay Readiness

Apr 13, 2026 9 min read
Top NIST 800-171 Compliance Services Providers (2026)

Mar 27, 2026 10 min read

Threat Hunting & Intelligence

Multi‑Stage VBScript Malware Analysis
This is a detailed breakdown of a malicious VBS script discovered on an endpoint within RADICL’s customer base as a result of RADICL’s custom EDR detection logic. The script executes a multi-stage attack designed to achieve persistence, evade detection, and deploy a secondary payload.

Jul 23, 2025 7 min read
Unmasking the Toy Maker Initial Access Broker
An initial access broker is a type of threat actor specializing in gaining initial persistent access to an environment.

May 20, 2025 2 min read
Too Good To Be True
In this campaign, Lazarus Group tricks a user into running a malicious script on their machine by having them apply for a job that is just a little too good to be true.

May 01, 2025 3 min read

Industry Analysis

David Dickey on Scaling Defense Tech Hiring

Apr 30, 2026 1 min read
Jonathan Slavik on Payload Handoffs in Hours, Not Months

Apr 23, 2026 1 min read
Jackson Moses on Why Dual Use Is a Dirty Word in Defense Tech

Apr 16, 2026 1 min read

Incident Response

What Are Incident Response Solutions?

Apr 13, 2026 7 min read
A Day in the Life: Our vSOC Responds to the CrowdStrike Incident
On the evening of 7/25/24, CrowdStrike pushed a content update which caused Windows systems to crash and/or enter a reboot loop, rendering the systems unusable.

Jul 24, 2024 2 min read
I Spy a Ransomware Attack
Ransoming an espionage victim carries several advantages that can make it an ideal move for nation-state threat actors.

Jul 16, 2024 2 min read

Attack Surface & Vulnerability Management

Iranian APT Actors Are Targeting Your PLCs — Here's What to Do
There was a joint advisory this week (AA26-097A) warning of active exploitation of internet-facing Programmable Logic Controllers (PLCs).

Apr 09, 2026 2 min read
CMMC Enclave: What It Is, When It Works, and How to Build the Right Compliance Boundary

Mar 26, 2026 11 min read
Daryan Dehghanpisheh on Extending Vulnerability Management to AI

Jan 23, 2026 1 min read

Security Operations & vSOC

Top SOC Service Providers (SOCaaS) for 2026

Mar 26, 2026 11 min read
Best MDR Providers for Regulated Industry & DIB Contractors (2026)

Mar 12, 2026 16 min read

Operational Resilience

Cyber Resilience at the Crossroads

Apr 10, 2025 2 min read
Ep 1: Charles McCarrick on Innovation and Opportunity in the DIB
Micro-Ant's Charles McCarrick on Innovation and Opportunity in the DIB

Dec 08, 2023 2 min read

The DIB Innovators

Celebrating the brilliant minds driving innovation in the Defense Industrial Base. Join host David Graff as he speaks with DIB leaders championing our nation’s security and shaping the future of defense technology.

EP 97 — Teague's Matt McElvogue on Why Operators Stop Trusting the Tech & Start Working Around It

May 12, 2026 1 min read
David Dickey on Scaling Defense Tech Hiring

Apr 30, 2026 1 min read
Jonathan Slavik on Payload Handoffs in Hours, Not Months

Apr 23, 2026 1 min read