Digital Shadows

ShadowTalk host Stefano alongside Kim and Dani bring you the latest in threat intelligence. This week they cover:* New Malware against Ukrainian targets: CaddyWiper* Crypto ATM and cybercriminals' reactions* Russia to start using homegrown TLS certificates***Resources from this week’s podcast***Meet Lapsus$: An Unusual Group In The Cyber Extortion Businesshttps://www.digitalshadows.com/blog-and-research/meet-lapsus-an-unusual-group-in-the-cyber-extortion-business/The Russia-Ukraine War And The Revival Of Hacktivismhttps://www.digitalshadows.com/blog-and-research/the-russia-ukraine-war-and-the-revival-of-hacktivism/Biden’s Executive Order On Crypto: What You Need To Knowhttps://www.digitalshadows.com/blog-and-research/bidens-executive-order-on-crypto-what-you-need-to-know/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the

ShadowTalk host Chris alongside Ivan and Austin bring you the latest in threat intelligence. This week they cover:* New Linux Vulnerability "Dirty Pipe"* Ransomware Landscape in 2022 So Far* Coinbase Blocks More than 25,000 Addresses Linked to Russia***Resources from this week’s podcast***Exploring SIM Swapping Services On Cybercriminal Forumshttps://www.digitalshadows.com/blog-and-research/exploring-sim-swapping-services-on-cybercriminal-forums/Can Cryptocurrency Be Used To Bypass The Impact Of Sanctions Being Applied Against Russia?https://www.digitalshadows.com/blog-and-research/can-cryptocurrency-be-used-to-bypass-the-impact-of-sanctions-being-applied-against-russia/New Linux bug gives root on all major distros, exploit releasedhttps://www.bleepingcomputer.com/news/security/new-linux-bug-gives-root-on-all-major-distros-exploit-released/FBI: Ragnar Locker ransomware breached 52 US critical infrastructure orgshttps://www.itpro.co.uk/security/ransomware/365375/fbi-ragnar-locker-ransomware-us-critic

ShadowTalk host Chris alongside Stefano and Rory bring you the latest on the escalating tension between Russia and Ukraine. This episode they cover:* IDNS rejects Ukraine's request to block Russian Internet content* Anonymous claimed to have hacked Russian channels to broadcast footage from Ukraine***Resources from this special podcast***News and Updates Related to the Russian Invasion of Ukrainehttps://resources.digitalshadows.com/russian-news-and-updatesDonate to the Ukraine crisis via Red Crosshttps://donate.redcross.org.uk/appeal/ukraine-crisis-appealDigital Forensic Research Labmedium.com/dfrlab

Bienvenido a ShadowTalk en Español! En este episodio, Stefano y Dani van a discutir:* Rusia y Ucrania crisis* Las reacciones de los cibercriminales a estos eventos* La Sociedad para las Comunicaciones Interbancarias y Financieras Mundiales (SWIFT)* Consejos de mitigación y reducción del riesgoCome siempre, si teneis algún comentario sobre este episodio o si queréis saber mas de algún tema, escribenos a shadowtalk@digitalshadows.com y estaremos muy felices para tomar sus preguntas!

ShadowTalk host Stefano alongside Kim and Xue bring you the latest in threat intelligence. This week they cover:* Conti Leaks* Reactions from Cybercriminals* Priority Intelligence Requirements***Resources from this week’s podcast***Russian Cyber Threats: Practical Advice For Security Leadershttps://www.digitalshadows.com/blog-and-research/russian-cyber-threats-practical-advice-for-security-leaders/Cybercriminals React To Ukraine-Russia Conflicthttps://www.digitalshadows.com/blog-and-research/cybercriminals-react-to-ukraine-russia-conflict/Intelligence Requirements: Planning Your Cyber Response To The Russia-Ukraine Warhttps://www.digitalshadows.com/blog-and-research/planning-your-cyber-response-to-the-russia-ukraine-war/ Conti Ransomware Group Diaries, Part I: Evasionhttps://krebsonsecurity.com/2022/03/conti-ransomware-group-diaries-part-i-evasion/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - shadowtalk@digita

ShadowTalk host Chris alongside Stefano, Rory, and Rick bring you the latest on the escalating tension between Russia and Ukraine. This episode they cover:* Recent cyber developments* Malware targeting Ukrainian organizations* New sanctions against Russia***Resources from this special podcast***Donate to the Ukraine crisis via Red Crosshttps://donate.redcross.org.uk/appeal/ukraine-crisis-appealDigital Forensic Research Labmedium.com/dfrlabPhoton BriefingSHAPING YOUR RESPONSE TO THE RUSSIA - UKRAINE WAR SESSION DETAILS: 03 Mar 2022Session 1: 12pm GMT | Session 2: 8:30am PThttps://info.digitalshadows.com/PhotonIntelBriefing-RussiaUkraine.html

ShadowTalk host Chris alongside Stefano, Rory, and Rick bring you the latest on the escalating tension between Russia and Ukraine. This episode they cover:* Continuing attacks between Russia and Ukraine* New sanctions against Russian banks* Cybercriminal developments * Nuclear forces on high alert/peace talks***Resources from this special podcast***Donate to the Ukraine crisis via Red Crosshttps://donate.redcross.org.uk/appeal/ukraine-crisis-appealDigital Forensic Research Labhttps://medium.com/dfrlabWar via TikTok: Russia's new tool for propaganda machinehttps://apnews.com/article/russia-ukraine-technology-europe-media-nationalism-2186dbc533560cb666f59655ecf1ee8e

ShadowTalk host Chris alongside Ivan, Austin, and Rick bring you the latest in threat intelligence. This week they cover:* Russian Offensive Cyber-Team* Conti-Trickbot* OpenSea NFT Breach***Resources from this week’s podcast***Russia Invades Ukraine: What Happens Next?https://www.digitalshadows.com/blog-and-research/russia-invades-ukraine-what-happens-next/Recruitment Fraud In 2022https://www.digitalshadows.com/blog-and-research/recruitment-fraud-in-2022/Of Death And Taxes: File Early To Beat The Scammershttps://www.digitalshadows.com/blog-and-research/of-death-and-taxes-file-early-to-beat-the-scammers/Russia unleashed data-wiper malware on Ukraine, say cyber expertshttps://www.theguardian.com/world/2022/feb/24/russia-unleashed-data-wiper-virus-on-ukraine-say-cyber-expertsConti ransomware gang takes over TrickBot malware operationhttps://www.bleepingcomputer.com/news/security/conti-ransomware-gang-takes-over-trickbot-malware-operation/OpenSea users lose $2 million worth of NFTs in phishing attackhttps://www.b

ShadowTalk host Chris alongside Stefano, Rory, and Austin bring you the latest on the escalating tension between Russia and Ukraine. This episode they cover:* The current situation between Russia and Ukraine* Reasons for Russia’s invasions* International reactions to the escalation* Future projections and likely cybersecurity outcomes

ShadowTalk host Stefano alongside Saul, Rory, and Dylan bring you the latest in threat intelligence. This week they cover:* US DoJ Indictment Against Weird-Acting BTC Laundering Couple* Grey Hat and ETH's Phat Bug Bounty* Crypto Superbowl Ads***Resources from this week’s podcast***Automate Alert Investigation And Response With XSOAR And SearchLighthttps://www.digitalshadows.com/blog-and-research/automate-alert-investigation-and-response-with-xsoar-and-searchlight/Initial Access Brokers In 2021: An Ever Expanding Threathttps://www.digitalshadows.com/blog-and-research/initial-access-brokers-in-2021-an-ever-expanding-threat/“No Cards = No Work = No Money”: Russian Law Enforcement’s Assault On Carding Platformshttps://www.digitalshadows.com/blog-and-research/russian-law-enforcements-assault-on-carding-platforms/Two Arrested for Alleged Conspiracy to Launder $4.5 Billion in Stolen Cryptocurrencyhttps://www.justice.gov/opa/pr/two-arrested-alleged-conspiracy-launder-45-billion-stolen-cryptocurrencyDeFi Takes on

ShadowTalk host Chris alongside Ivan and Austin bring you the latest in threat intelligence. This week they cover:* Microsoft Announces Plans to Enable Macros in Office Applications* Russia Arrests Six People Linking to Hacking Group* Things To Be Aware of This Valentine's Day ***Resources from this week’s podcast***Valentine's Day: Share Your Love, Not Your Credentialshttps://www.digitalshadows.com/blog-and-research/valentines-day-share-your-love-not-your-credentials/Growing Tension Between Russia And Ukraine: Should You Be Concerned?https://www.digitalshadows.com/blog-and-research/growing-tension-between-russia-and-ukraine/CVEs You Might Have Missed While Log4j Stole The Headlineshttps://www.digitalshadows.com/blog-and-research/cves-you-might-have-missed-whilst-log4j-stole-the-headlines/Microsoft plans to kill malware delivery via Office macroshttps://www.bleepingcomputer.com/news/microsoft/microsoft-plans-to-kill-malware-delivery-via-office-macros/Russia arrests third hacking group, seizes cardin

ShadowTalk host Stefano alongside Saul and Rory bring you the latest in threat intelligence. This week they cover:*Cyber Operations as part of Hybrid Warfare in the Russia-Ukraine context***Resources from this week’s podcast***Beijing 2022: Why You Should Or Shouldn’t Care About The Winter Olympicshttps://www.digitalshadows.com/blog-and-research/beijing-2022-why-you-should-or-shouldnt-care-about-the-winter-olympics/What We’re Reading This Month – January 2022https://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-january-2022/Vulnerability Intelligence: Introducing SearchLight’s Newest Capabilityhttps://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-introducing-searchlights-newest-capability/Destructive malware targeting Ukrainian organizationshttps://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/Putin Says the U.S. Wants to Push Russia into Warhttps://www.nytimes.com/live/2022/02/01/world/russia-ukraine-news#putin-a

ShadowTalk host Chris alongside Austin and Ivan bring you the latest in threat intelligence. This week they cover:* Maliciously crafted Quick Response (QR) Codes* Ransomware Insider Attacks* Growing Russia/Ukraine Conflict***Resources from this week’s podcast***Life In Prison: The Cybercriminal Perspectivehttps://www.digitalshadows.com/blog-and-research/life-in-prison-the-cybercriminal-perspective/Vulnerability Intelligence: A Best Practice Guidehttps://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-a-best-practice-guide/FBI warns of malicious QR codes used to steal your moneyhttps://www.bleepingcomputer.com/news/security/fbi-warns-of-malicious-qr-codes-used-to-steal-your-money/Ransomware gangs increase efforts to enlist insiders for attackshttps://www.bleepingcomputer.com/news/security/ransomware-gangs-increase-efforts-to-enlist-insiders-for-attacks/Belarusian hacktivist group attacks Belarusian Railways as military frictions mounthttps://www.cyberscoop.com/cyber-partisans-belarus-russia

ShadowTalk host Stefano alongside Kimberley, Dani, Rory, and Xueyin bring you the latest in threat intelligence. This week they cover:* Defacement attack against Ukrainian government websites* REvil arrests* Microsoft Wiper***Resources from this week’s podcast***Navigating The Threat Intelligence Market In 2022https://www.digitalshadows.com/blog-and-research/navigating-the-threat-intelligence-market-in-2022/Ransomware Q4 Overviewhttps://www.digitalshadows.com/blog-and-research/ransomware-q4-overview/More than 70 Ukrainian government websites have been defaced in cyberattackshttps://www.npr.org/2022/01/19/1074172805/more-than-70-ukrainian-government-websites-have-been-defaced-in-cyber-attacks#:~:text=About%2070%20Ukrainian%20government%20websites,system%20for%20all%20those%20websites.Russia arrests 14 alleged members of REvil ransomware gang, including hacker U.S. says conducted Colonial Pipeline attackhttps://www.washingtonpost.com/world/2022/01/14/russia-hacker-revil/Destructive malware targeting Ukrainian o

ShadowTalk host Chris alongside Ivan and Austin bring you the latest in threat intelligence. This week they cover: * A Critical H2 Database Vulnerability* DDoS Extortion* Alternate ransomware techniques***Resources from this week’s podcast***Cyber Threats to the Education Systemhttps://www.digitalshadows.com/blog-and-research/cyber-threats-to-education/How Do Ransomware Groups Launder Paymentshttps://www.digitalshadows.com/blog-and-research/how-do-ransomware-groups-launder-payments/JFrog researchers find JNDI vulnerability in H2 database consoles similar to Log4Shellhttps://www.zdnet.com/article/jfrog-researchers-find-jndi-vulnerability-in-h2-database-consoles-similar-to-log4shell/ Extortion DDoS attacks grow stronger and more commonhttps://www.bleepingcomputer.com/news/security/extortion-ddos-attacks-grow-stronger-and-more-commonFBI: Hackers use BadUSB to target defense firms with ransomwarehttps://www.bleepingcomputer.com/news/security/fbi-hackers-use-badusb-to-target-defense-firms-with-ransomware/Subscribe

Bienvenido a ShadowTalk en Español! En este episodio, Stefano y Dani van a discutir: Amenazas a los servicios financierosLas tres áreas de riesgo El desarrollo del ransomware El desarollo de la ciberdelincuencia Come siempre, si teneis algún comentario sobre este episodio o si queréis saber mas de algún tema, escribenos a shadowtalk@digitalshadows.com y estaremos muy felices para tomar sus preguntas!

ShadowTalk host Chris is joined by both the US and UK teams for the last podcast episode of 2021. This episode they cover: * The Log4j vulnerability and what has happened since its discovery* The Karakurt extortion group is making headlines* An individual considered the most prolific cybercriminal to date has been arrestedCheck out the latest Intelligence Summary: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-17th-dec Don’t forget to sign up for Nifty Gifty 2021 for a chance to win 15 daily prizes (we’re giving away a Microsoft Surface Pro on Dec. 17!). Don’t miss out, register now: https://lp.auvik.com/nifty-gifty/?utm_campaign=L-O-PTNR-U-All-NG2021_DigitalShadows&utm_source=DigitalShadows***Resources from this week’s podcast***Cone of Plausibility: Forecasting Ransomware Scenarios in 2022https://www.digitalshadows.com/blog-and-research/forecasting-ransomware-scenarios-in-2022/Log4j: What’s Happened Sincehttps://www.digitalshadows.com/blog-and-research/log4j

ShadowTalk host Sean alongside Rick, Chris and Rob bring you the latest on the recent Log4j Zero-day Vulnerability. This episode they cover: * The background of the vulnerability* What’s happening now* Long-tail strategic implications ***Resources from this week’s podcast***Curated List of Log4j IOCs https://github.com/curated-intel/Log4Shell-IOCsLog4j: What We Know So Farhttps://www.digitalshadows.com/blog-and-research/the-log4j-zero-day-what-we-know-so-far/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Chris and Dani bring you the latest in threat intelligence. This episode they cover: * NICKEL’s campaign targets Latin America and Europe* What on earth is Quantum computing and why should we pay attention to it* A cyberattack has paralyzed a UK supermarket infrastructure; would you consider that critical infrastructure?Check out the latest Intelligence Summary: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-10th-dec***Resources from this week’s podcast***2021: An APAC Cybersecurity Odysseyhttps://www.digitalshadows.com/blog-and-research/2021-an-apac-cyber-security-odyssey/ Latin American Financial Services and Cybercrimehttps://www.digitalshadows.com/blog-and-research/latin-american-financial-services-sunny-climes-and-cybercrimes/Outside the Perimeter: The New Digital Risk Landscapehttps://www.digitalshadows.com/blog-and-research/outside-the-perimeter-the-new-digital-risk-landscape/ ALSO: Don’t forget to sign up for Nifty Gifty 2

ShadowTalk hosts Sean, Alec and Ivan, bring you the latest in threat intelligence. This week they cover: - The rise of Sabbath ransomware group - IKEA email hack- Proofpoint finds the Rich Text Format still delivers