The HubSpot Hack | The SaaS Backdoor to Bitcoin - ft. Scott Kisser (CISO, Swan Bitcoin)

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/68/e5/80/68e58061-9387-b2a9-b507-d0cb127b75dc/mza_17406981711328597846.jpg/600x600bb.jpg

The CISO Signal: True Cybercrime Podcast

Jeremy Ladner

11 episodes

4 days ago

The CISO Signal is a true cybercrime podcast investigating the most consequential breaches, insider threats, takedowns, and nation-state hacks shaping today’s digital world. Each episode combines gripping, cinematic storytelling with exclusive interviews from top CISOs and cybersecurity leaders. Together, we break down how the world’s most dangerous cyberattacks unfolded and what today’s security professionals must learn from them. Whether you’re a Chief Information Security Officer, a security team member, or a fan of true crime and high-stakes digital espionage, this show pulls you behind the curtain of real-world cyber warfare. 🎧 Educational. Entertaining. Essential. The CISO Signal delivers expert insights and battlefield-tested lessons that every security leader and true cybercrime fan should hear.

True Crime

Technology

RSS

All content for The CISO Signal: True Cybercrime Podcast is the property of Jeremy Ladner and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

True Crime

Technology

https://img.transistor.fm/tJAUF1DXy9ENMixvrnLRQCKlcFjqyl64HJR4H1LnG7E/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS9kZGNl/N2EyYzUzODVlZWVj/NjIwYTYyZGE4NDVj/YzBhZS5qcGc.jpg

The HubSpot Hack | The SaaS Backdoor to Bitcoin - ft. Scott Kisser (CISO, Swan Bitcoin)

The CISO Signal: True Cybercrime Podcast

30 minutes

3 weeks ago

The HubSpot Hack | The SaaS Backdoor to Bitcoin - ft. Scott Kisser (CISO, Swan Bitcoin)

The HubSpot Hack | The SaaS Backdoor to Bitcoin - ft. Scott Kisser (CISO, Swan Bitcoin)
When attackers breached HubSpot in March 2022, they weren’t after HubSpot at all.

They were after the customers of its customers.

Crypto firms like Trezor, BlockFi, and Swan Bitcoin suddenly saw their users targeted by near-perfect phishing emails designed to steal recovery seeds and drain wallets. And just weeks later, another SaaS provider, Klaviyo, was hit the same way. The message was clear:

You can defend your castle…
but attackers will go after the people guarding your gates.

This week on The CISO Signal | True Cybercrime Podcast, we dissect the SaaS-supply-chain breach that shook the crypto world and the coordinated response that stopped it from becoming a full-scale disaster.

🎙 Guest CISO Co-Host: Scott Kisser
Chief Information Security Officer – Swan Bitcoin
Former security leader at Salesforce, DocuSign, Amazon, and F5.

Scott takes us inside the incident response:
• How a single phished employee put the SaaS ecosystem at risk
• Why crypto companies were the downstream target
• The race to warn customers before attackers drained wallets
• How CISOs must rethink vendor access and trust assumptions
• Why no major funds were stolen — and why that victory matters

This wasn’t a tale of ransomware, it was a breach of trust.
And a reminder that SaaS is now part of every organization’s attack surface.

🔍 Episode Topics

Vendor compromise → internal tool access → crypto user phishing
The human element behind SaaS security
What leadership communication looks like when trust is shaken
The new rules of defending against third-party attack vectors

🏴‍☠️ Key Players
• HubSpot — initial breach vector
• Klaviyo — second SaaS compromise
• Trezor & Swan Bitcoin — downstream targets
• Crypto customers — the true victims
• CISOs — left to restore confidence & reshape strategy

💡 Takeaway for CISOs
“You’re only as strong as the SaaS identities you can’t see.”

🧩 About The CISO Signal
Hollywood-style storytelling meets real cybersecurity lessons.
Every episode, CISOs break down the world’s most notorious cyberattacks — what happened, what broke, and what must change.

Subscribe & ring the bell so you never miss an investigation. 🛎️
👉 / @thecisosignal

📣 Connect with Us
🌐 Website: thecisosignal.transistor.fm
🔗 LinkedIn: linkedin.com/company/the-ciso-signal
Subscribe & share to stay ahead of the world’s most sophisticated cyber threats.

🔥 Hashtags
#CISOSignal #HubSpotBreach #Klaviyo #SaaSSecurity #CryptoSecurity #SupplyChainAttack #SocialEngineering #Phishing #SecurityPodcast #TrueCybercrime #ScottKisser #SwanBitcoin #Trezor