Digital Shadows

Bienvenido a ShadowTalk en Español! En este episodio, Stefano y Dani van a discutir: Amenazas a los servicios financierosLas tres áreas de riesgo El desarrollo del ransomware El desarollo de la ciberdelincuencia Come siempre, si teneis algún comentario sobre este episodio o si queréis saber mas de algún tema, escribenos a shadowtalk@digitalshadows.com y estaremos muy felices para tomar sus preguntas!

ShadowTalk host Chris is joined by both the US and UK teams for the last podcast episode of 2021. This episode they cover: * The Log4j vulnerability and what has happened since its discovery* The Karakurt extortion group is making headlines* An individual considered the most prolific cybercriminal to date has been arrestedCheck out the latest Intelligence Summary: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-17th-dec Don’t forget to sign up for Nifty Gifty 2021 for a chance to win 15 daily prizes (we’re giving away a Microsoft Surface Pro on Dec. 17!). Don’t miss out, register now: https://lp.auvik.com/nifty-gifty/?utm_campaign=L-O-PTNR-U-All-NG2021_DigitalShadows&utm_source=DigitalShadows***Resources from this week’s podcast***Cone of Plausibility: Forecasting Ransomware Scenarios in 2022https://www.digitalshadows.com/blog-and-research/forecasting-ransomware-scenarios-in-2022/Log4j: What’s Happened Sincehttps://www.digitalshadows.com/blog-and-research/log4j

ShadowTalk host Sean alongside Rick, Chris and Rob bring you the latest on the recent Log4j Zero-day Vulnerability. This episode they cover: * The background of the vulnerability* What’s happening now* Long-tail strategic implications ***Resources from this week’s podcast***Curated List of Log4j IOCs https://github.com/curated-intel/Log4Shell-IOCsLog4j: What We Know So Farhttps://www.digitalshadows.com/blog-and-research/the-log4j-zero-day-what-we-know-so-far/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Chris and Dani bring you the latest in threat intelligence. This episode they cover: * NICKEL’s campaign targets Latin America and Europe* What on earth is Quantum computing and why should we pay attention to it* A cyberattack has paralyzed a UK supermarket infrastructure; would you consider that critical infrastructure?Check out the latest Intelligence Summary: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-10th-dec***Resources from this week’s podcast***2021: An APAC Cybersecurity Odysseyhttps://www.digitalshadows.com/blog-and-research/2021-an-apac-cyber-security-odyssey/ Latin American Financial Services and Cybercrimehttps://www.digitalshadows.com/blog-and-research/latin-american-financial-services-sunny-climes-and-cybercrimes/Outside the Perimeter: The New Digital Risk Landscapehttps://www.digitalshadows.com/blog-and-research/outside-the-perimeter-the-new-digital-risk-landscape/ ALSO: Don’t forget to sign up for Nifty Gifty 2

ShadowTalk hosts Sean, Alec and Ivan, bring you the latest in threat intelligence. This week they cover: - The rise of Sabbath ransomware group - IKEA email hack- Proofpoint finds the Rich Text Format still delivers

ShadowTalk host Chris alongside Rory, Dylan and Xue, bring you the latest in threat intelligence. This episode they cover: * Emotet botnet comeback orchestrated by Conti ransomware gang* GoDaddy Breach* MosesStaff conducting politically motivated attacksCheck out the latest Intelligence Summary: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-26th-nov***Resources from this week’s podcast***Black Friday: Is there a threat actor in. Your shopping cart?https://www.digitalshadows.com/blog-and-research/black-friday-is-there-a-threat-actor-in-your-shopping-cart/The Patching Nightmarehttps://www.digitalshadows.com/blog-and-research/the-patching-nightmare/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Saul, Kim and Xue, bring you the latest in threat intelligence. This episode they cover: * Vulnerability Intelligence: Exploit-as-a-Service* Emotet’s return* FBI fake emails campaign***Resources from this week’s podcast***NEW! Vulnerability Intelligence Reporthttps://resources.digitalshadows.com/whitepapers-and-reports/vulnerability-intelligence-do-you-know-where-your-flaws-are?utm_source=blog&utm_medium=website&utm_campaign=vulnerability-reportEmotet is Back Againhttps://www.digitalshadows.com/blog-and-research/emotet-is-back-again-what-does-it-mean/Vulnerability Intelligence: What’s the Word in Dark Web Forumshttps://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-whats-the-word-in-dark-web-forums/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Kim and Xue are covering the key takeaways from this year’s NCSAM and share several best-practice pieces released by the security experts at Digital Shadows throughout the month including: * Managing Your Digital Shadow* Phight the Phish * Putting Cybersecurity First***Resources from this week’s podcast***Managing Your Digital Shadow:https://www.digitalshadows.com/blog-and-research/cybersecurity-awareness-month-week-1-managing-your-digital-shadow/ Phight the Phish:https://www.digitalshadows.com/blog-and-research/week-2-ncsam-fight-the-phish/ Explore, Experience, Share: https://www.digitalshadows.com/blog-and-research/cybersecurity-awareness-month-week-3-explore-experience-share/ Putting Cybersecurity First: https://www.digitalshadows.com/blog-and-research/cybersecurity-awareness-month-cybersecurity-first/ ENISA 2021 Threat Landscape: Initial Thoughtshttps://www.digitalshadows.com/blog-and-research/enisa-2021-threat-landscape/IABs in Q3 2021: https://www.digitalshadows.com/blog-

ShadowTalk host Sean alongside Austin and Ivan bring you the latest in threat intelligence. This week they cover:* NSO gets dunked on in US appeals court* Iranian-linked hackers go after ISPs and telcos across MENA  * Robinhood leaks data for 7 million customers***Resources from this week’s podcast***What We’re Reading This Month: https://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-nov-2021/The dangers of fake blockchains: https://www.digitalshadows.com/blog-and-research/vulnerable-smart-contracts-and-fake-blockchains-what-investors-need-to-know/What is Vulnerability Intelligence?https://www.digitalshadows.com/blog-and-research/what-is-vulnerability-intelligence/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Sean alongside Ivan and Austin bring you the latest in threat intelligence. This week they cover:* Grief gets NRA under the gun  * Is Groove a hoax?* Conti apologizes to the Gulf & FBI warns against inside data used to target victims***Resources from this week’s podcast***Splunk’s Threat Research Team delivers detections based on CISA’s top exploited vulns list: https://www.splunk.com/en_us/blog/security/cisa-s-known-exploited-vulnerabilities-catalog-and-splunk.html CISA bulletin: https://www.cisa.gov/known-exploited-vulnerabilities-catalog ENISA 2021 Threat Landscape blog: https://www.digitalshadows.com/blog-and-research/enisa-2021-threat-landscape/ Managing your external attack surface with Searchlight: https://www.digitalshadows.com/blog-and-research/managing-your-external-attack-surface-with-searchlight/ Q3 IAB blog: https://www.digitalshadows.com/blog-and-research/initial-access-brokers-in-q3-2021/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/Subscribeto

ShadowTalk host Stefano alongside Adam, Kim, Rory, and Dylan bring you the latest in threat intelligence. This week they cover:* NOBELIUM targets Global IT Supply Chain again* A tale of Ransomware Employers and Decryptors * Spooky Halloween tales * PLUS we say goodbye to one of the podcast favs ***Resources from this week’s podcast***NCASM: Cybersecurity First https://www.digitalshadows.com/blog-and-research/cybersecurity-awareness-month-cybersecurity-first/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - shadowtalk@digitalshadows.com- if you have any questions, comments, or suggestions for the next episodes.

Weekly: REvil Rep Death, Ransomware Trends, and BlackMatter Advisory ShadowTalk host Sean alongside Austin and Ivan bring you the latest in threat intelligence. This week they cover:* REvil rep death* Q3 Ransomware trends* BlackMatter CISA advisory***Resources from this week’s podcast***REvil Domain Hackedhttps://www.digitalshadows.com/blog-and-research/revil-domains-hijacked/ CISA Alertshttps://us-cert.cisa.gov/ncas/alerts/aa21-291a Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - shadowtalk@digitalshadows.com- if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Adam, Kim, and Chris bring you the latest in threat intelligence. This week they cover:* FIN12 targets healthcare sector and make extensive use of IAB* Google alerts 14,000 users about being targets of APT phishing campaign* APT41 use COVID-19 lures in latest phishing attacks* US Official resign over US-Chinese AI & cybersecurity differenceCheck out our latest Weekly Intelligence Summary: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-15th-oct***Resources from this week’s podcast***NCSAM Week 2: Fight the Phishhttps://www.digitalshadows.com/blog-and-research/week-2-ncsam-fight-the-phish/Strategic Treat Intelligence and You: What Does It All Mean?https://www.digitalshadows.com/blog-and-research/strategic-threat-intelligence-and-you-what-does-it-all-mean/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - shadowtalk@digitalshadows.com

ShadowTalk host Sean alongside Rick, Ivan, and Austin bring you the latest in threat intelligence. This week they cover:Twitch hacked! Facebook takes a day offRansomware roundup - revelations from REvil, LockBit, and Conti Pandora Papers releasedCheck out our latest Weekly Intelligence Summary: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-8th-oct***Resources from this week’s podcast***Kick off Cyber Security Awareness Month with our latest blog - Protecting Your Own Digital Shadowhttps://www.digitalshadows.com/blog-and-research/cybersecurity-awareness-month-week-1-managing-your-digital-shadow/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - shadowtalk@digitalshadows.com- if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Adam alongside Kim, and Saul bring you the latest in threat intelligence. This week they cover:* Newly detected NOBELIUM malware creates persistent backdoor* Four individuals charged with wide-ranging BEC scheme* EU condemns Russian cyber activity ahead of electionsCheck out our latest Weekly Intelligence Summary: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-1st-oct***Resources from this week’s podcast***[Digital Shadows Blog]What We’re Reading This Month[Digital Shadows Blog]Tactical Threat Intelligence and YouSubscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - shadowtalk@digitalshadows.com- if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Sean alongside Rick, Alec, and Ivan bring you the latest in threat intelligence. This week they cover:* FBI under fire about decryption keys * Microsoft goes passwordless* RaidForums left restricted area openhttps://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-24th-sept***Resources from this week’s podcast***[Digital Shadows Blog]Ukrainian-language Cybercriminal Markets: Do They Still Exist? https://www.digitalshadows.com/blog-and-research/ukrainian-language-cybercriminal-platforms/ [Digital Shadows Blog]Data Leakage Detection Best Practices: https://www.digitalshadows.com/blog-and-research/data-leakage-detection-best-practices/ [Digital Shadows Blog]Why CISOs Need to Understand IABs: https://www.digitalshadows.com/blog-and-research/why-cisos-and-executives-should-care-about-iabs/[Article]New Malware Attacking South American Organizations: https://thehackernews.com/2021/09/a-new-wave-of-malware-attack-targeting.html Subscribe to our threat intelligence

ShadowTalk hosts Sean Nikkel and CISO, Rick Holland sit down with Dr. Tom Robinson, Chief Scientist and Co-Founder of Elliptic. They cover:* Dr. Robinson’s early days as a physicist before getting into the world of cybersecurity* Cyberthreats to Bitcoin and the Cryptocurrency landscape* Tracking Ransomware with Blockchain Analytics ***Resources from this week’s podcast***[Blog] Liquid Exchange Hack https://www.elliptic.co/blog/liquid-exchange-hacked-94-million-stolen[Blog] Cybercriminals Build Blockchain Analytics Toolhttps://www.elliptic.co/blog/cybercriminals-have-built-their-own-blockchain-analytics-tool [Blog] $600M In Cyrpto Stolenhttps://www.elliptic.co/blog/the-poly-network-hack-600-million-in-crypto-stolen-and-returned-in-24-hours [Webinar] Tracking Ransomware with Blockchain Analyticshttps://www.elliptic.co/webinars-events/tracking-ransomware-with-blockchain-analytics Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to r

ShadowTalk hosts Sean, Rick, Ivan, and Austin bring you the latest in threat intelligence. This week they cover:* Mozi botnet operators arrested in China, >1.5M devices since 2019* Groove gang releases creds of comp’d Fortinet appliances, ~500k * Splunk releases new PowerShell analytics for threat hunters, includes support for SOAR responsesGet this week's Intelligence Summary: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-10th-september***Resources from this week’s podcast***Microsoft Advisory https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444 CISA Advisoryhttps://twitter.com/USCERT_gov/status/1435342618704191491 [Blog] Splunk’s PowerShell Analytics https://www.splunk.com/en_us/blog/security/powershell-detections-threat-research-release-august-2021.html [Digital Shadows Blogs]The Neverending Ransomware Storyhttps://www.digitalshadows.com/blog-and-research/the-never-ending-ransomware-story/ Preventing Ransomwarehttps://www.digitalshadow

ShadowTalk hosts Stefano, Chris, Kim, and Adam bring you the latest in threat intelligence. This week they cover:* The greatest comeback since Ronaldo rejoined UTD* ProxyToken and Lockfile* AlphaBay’s comeback***Resources from this week’s podcast***Social Media Monitoring Solutions Guidehttps://resources.digitalshadows.com/whitepapers-and-reports/social-media-monitoring-solutions-guideThe Never-ending Ransomware Storyhttps://www.digitalshadows.com/blog-and-research/the-never-ending-ransomware-story/LockFile Intermittent Encryption and Evasionhttps://news.sophos.com/en-us/2021/08/27/lockfile-ransomwares-box-of-tricks-intermittent-encryption-and-evasion/ProxyToken Lets Hackers Steal User Emailhttps://www.bleepingcomputer.com/news/security/microsoft-exchange-proxytoken-bug-can-let-hackers-steal-user-email/AlphaBay Rebootshttps://threatpost.com/rogue-marketplace-alphabay-reboots/168648/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget

ShadowTalk hosts Sean, Ivan, Alec, and Rick Holland bring you the latest in threat intelligence. This week they cover:- Botnets are still the hotness - Mirai is growing again and Mozi’s made new moves- ShinyHunters are back!- Hacktivists take on governmentsGet this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-august-27***Resources from this week’s podcast***ShinyHuntershttps://www.digitalshadows.com/blog-and-research/the-eeveelution-of-shinyhunters-from-data-leaks-to-extortions/ Criminals weaponize social mediahttps://www.digitalshadows.com/blog-and-research/how-cybercriminals-weaponize-social-media/ Reverse scamshttps://www.digitalshadows.com/blog-and-research/no-honor-among-thieves-scamming-the-scammers/ Mirai & Mozi: https://www.microsoft.com/security/blog/2021/08/19/how-to-proactively-defend-against-mozi-iot-botnet/ https://securingsam.com/realtek-vulnerabilities-weaponized/ https://unit42.paloaltonetworks.com/mirai-varian