The CyberCall Podcast
The Voice of Cybersecurity for MSPs & MSSPs!
The CyberCall is the weekly podcast where cybersecurity meets business reality. Hosted by Andrew Morgan, Founder of Right of Boom, this is the go-to show for Managed Service Providers (MSPs), virtual CISOs (vCISOs), and IT leaders navigating the complex world of cyber risk, compliance, and AI.
Each episode features raw, practical conversations with the sharpest minds in cybersecurity—from operators in the trenches to CISOs, researchers, policymakers, and toolmakers shaping the future. If you care about protecting your clients, growing your practice, and becoming the security partner businesses trust—this podcast is your playbook.
Co hosts: Phyllis Lee, VP of Content at CIS & Gary Pica, President of TruMethods
The CyberCall Podcast
Unpacking Axios – 400 million downloads. One Compromised Password
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
On March 31st, Axios was compromised. Four hundred million monthly downloads. The HTTP library sitting inside almost every web application your clients use, depend on, or have had custom-built for them.
The attacker did not touch a single line of code. They hijacked the maintainer's credentials, slipped in one hidden dependency, and let your clients' own systems install the malware automatically during a routine update. It stole every credential it could find, cleaned up after itself, and left no trace. Three hours. Gone before most people woke up.
That attack did not come out of nowhere. This is the fifth attack in twelve days between TeamPCP and UNC 1069 (North Korea).
We wanted one person on The CyberCall this week: someone who spent two decades at Foundstone, Mandiant, and FireEye investigating exactly how these attacks unfold. This person then built Cylerian to ensure MSPs have the tools to stop them before the 2 a.m. call comes in. This week's special guest is Vijay Akasapu, CEO of Cylerian.