Digital Shadows

In this episode of ShadowTalk, hosts Chris and Kim, along with ReliaQuest CISO Rick Holland, and Detection Researcher Corey Carter, discuss the latest news in cyber security and threat research. Topics this week include:CrowdStrike Global IT Outage breaks records in impacting 8.5 million devices (1:22)The importance of accountability and trust when working with third party vendorsReliaQuest research into threats facing Financial & Insurance (18:46)Resources:https://www.reliaquest.com/blog/crowdstrike-outage-script-phishing-and-social-engineering-attacks/

In this episode of ShadowTalk, hosts Chris and Kim, along with guest CISO Craig McEwen, discuss the latest news in cyber security and threat research. Topics this week include:ReliaQuest Research: Ransomware in Q2 2024Weekly roundup: Threat actors weaponizing exploits within 22 minutes, Disney/AT&T breachesLinking security strategy to expenditureSupporting cyber apprenticeships and investing in peopleResources:https://www.reliaquest.com/blog/q2-2024-ransomware/https://app.galabid.com/shawburyproms/items

In this episode of ShadowTalk, hosts Chris and Kim, along with Brian, discuss the latest news in cyber security and threat research.The influence of Generative Artificial Intelligence (GenAI) on cybercrimeTango down: Law enforcement takedown over 600 Cobalt Strike serversRecord breaking DDoS attack disclosed by researchersRockyou2024: 9.9 Billion stolen passwords posted onto BreachForumsResource: AI-powered Cybercrime Report

In this episode of ShadowTalk, hosts Chris and Kim, along with Marken, discuss the latest news in cyber security and threat research. Topics this week include:TeamViewer compromised by APT29 in supply chain attackMOVEit in the headlines again, critical severity vulnerability disclosedPopular Content Delivery Network (CDN) providers compromised in supply chain attacksReliaQuest research in a case study attributed to the Medusa ransomware groupResources: https://www.reliaquest.com/blog/medusa-attack-analysis/

In this episode of ShadowTalk, hosts Chris and Kim, along with Ivan and Gjergji, discuss the latest news in cyber security and threat research. Topics this week include:Lockbit claim breach of the US Federal Reserve, but are they telling the truth? ReliaQuest research into misuse of Protocol TunnelingFallout from the US Ban of KasperskyResources:https://www.reliaquest.com/blog/protocol-tunneling-tools-and-techniques/#:~:text=Protocol%20tunneling%20is%20a%20technique%20used%20to%20encapsulate,be%20transmitted%20through%20a%20secure%20or%20otherwise-allowed%20protocol.

In this episode of ShadowTalk, host Chris, along with Marken, discuss the latest news in cyber security and threat research. Topics this week include:Scattered Spider leader reportedly arrested, as group pivot to target SaaS solutionsReliaQuest research into supply chain compromise. Detections to improve your resilienceClassifying insider threats and the difficulties of proving intentResources:https://www.reliaquest.com/blog/what-is-scattered-spider/https://www.reliaquest.com/blog/scattered-spider-attack-analysis-account-compromise/https://www.reliaquest.com/blog/software-supply-chain-risk-management/https://www.reliaquest.com/blog/virtual-machines-defense-evasion/

In this Special Guest Episode of ShadowTalk, host Chris and one of ReliaQuest's CISOs Rick Holland are joined by University of Kansas Health System (UKHS) CISO Michael Meis to discuss the latest news in cyber security and threat research. Topics this week include:Significant threats facing healthcare: Ransomware, accidental insidersThe influence of COVID on ransomware activityThe immediate and long term impact of the Optum breachThe importance of understanding your revenue cycle to weather the storm of a breachMethods of maintaining engagement and retaining staffAI and automation: Improving timeliness and efficiency of incident response

In this episode of ShadowTalk, host Chris Morgan is joined by ReliaQuest Chief Strategy Officer Jason Pfeiffer LIVE on the InfoSec Europe show floor in London, UK to discuss:How InfoSec stacks up against the US cyber conferencesSnowflake data breach affecting TicketMaster and othersCybercriminal reflections on generative AIResources:https://www.reliaquest.com/blog/common-infostealers/

In this episode of ShadowTalk host Corey, along with Gjergji and Brian, discuss the latest news in cyber security and threat research. Topics this week include:Microsoft set to begin the deprecation of VBScript in the second half of 2024 ReliaQuest research into the top three Infostealers Dive into a new crypto miner dubbed 'GhostEngine' ReliaQuest analysis of a BlackSuit ransomware attack Resources:https://techcommunity.microsoft.com/t5/windows-it-pro-blog/vbscript-deprecation-timelines-and-next-steps/ba-p/4148301https://www.reliaquest.com/blog/common-infostealers/https://www.elastic.co/security-labs/invisible-miners-unveiling-ghostengine https://www.reliaquest.com/blog/blacksuit-attack-analysis/ 

In this episode of ShadowTalk, host Chris, along with Director of Threat Research Brandon Tirado, discuss the latest news in cyber security and threat research. Topics this week include:Microsoft mandating multi-factor authentication across AzureReliaQuest research exploring fileless malware and living against the land (LoTL) techniques Use of deepfakes in social engineering in 2024Resources:https://www.reliaquest.com/blog/socgholish-fakeupdates/https://www.reliaquest.com/blog/new-python-socgholish-infection-chain/https://www.reliaquest.com/blog/living-off-the-land-fileless-malware/ 

In this episode of ShadowTalk, host Chris, along with Ivan and Marken, discuss the latest news in cyber security and threat research. Topics this week include:Recent ransomware attacks on the healthcare sector do not necessarily suggest a change in targeting preferencesBlack Basta pivot TTPs: New social engineering campaign using mass sign ups to mailing list spamPain on the adversary, in having multiple controls to slow down an attacker, can greatly improve cyber resilience when combined with network visibility Initial access brokers (IAB) continuing to play a crucial role in facilitating cybercrimeResources:https://www.reliaquest.com/blog/q1-2024-attacker-trends/

In this episode of ShadowTalk, host Rick Holland is joined by ReliaQuest CTO Joe Partlow and Chief Scientist Brian P. Murphy LIVE on the RSAC show floor in San Francisco, CA to discuss all things AI and automation.

In this episode of ShadowTalk, host Chris, along with Brian and Corey, discuss their career paths, as well as offering tips for individuals aiming to gain employment within cybersecurity.The importance of tact and developing both soft and hard skillsWorking around personnel constraints  Picking the right vendors to compliment your security modelRecommendations for advancing your own career

In this episode of ShadowTalk, host Chris, along Kim and one of ReliaQuest's CISO's Rick, discuss the latest news in cyber security and threat research. Topics this week include:APT28 Exploit 6 year old CISCO vulnerabilityReliaQuest research on Iran/Israel TensionsRansomware RebrandsApple notify users impacted by SpywareResources:https://www.reliaquest.com/blog/cyber-threats-linked-to-iran-israel-conflict/

In this episode of ShadowTalk, host Chris, along with Marken, discuss the latest news in cyber security and threat research. This weeks topics include:Palo Alto Critical Vulnerability under active exploitation ReliaQuest research on VPN attack surface managementOptum Healthcare data breached by RansomHub group

In this episode of ShadowTalk, host Chris, along with Gjergji and James, discuss the latest news in cyber security and threat research. Topics this week include:Health sector Cybersecurity Coordination Center (HC3) issues alert warning regarding attackers using social engineering to target IT helpdesk's across the health sectorReliaQuest releases it's findings from it's Q1 Phishing reportHow improper permissions can lead to problems with new Microsoft Copilot AIResources:https://www.reliaquest.com/blog/health-care-social-engineering-campaign/https://www.reliaquest.com/blog/phishing-tactics-and-trends-2024/

In this episode of ShadowTalk, host Kim, along with Brian, discuss the latest news in cyber security and threat research. Topics this week include:Sophisticated backdoor identified in XZ UtilsOur Spotlight report on SEO poisoningImpersonation scams cost $1.1 billion in 2023

In this episode of ShadowTalk, host Chris, along with ReliaQuest Threat Hunter's Caroline and Corey discuss the latest news in cyber security and threat research. This week's topics include:Issues with Google AI-powered search generative experience recommending scam sitesSpain high court judge issues temporary ban on messaging platform 'Telegram'Speculative Execution vulnerabilities found on Apple M Series and Intel Raptor Lake CPU's

In this episode of ShadowTalk, host Chris, along with Marken and ReliaQuest CISO Rick, discuss the latest news in cyber security and threat research. This week's topics include:2021 AT&T breach released for free Magnet Goblin threat group exploiting 1-day vulnerabilitiesAn introduction to ReliaQuest's Annual Threat Report (ATR)

In this episode of ShadowTalk, host Chris, along with Corey and Caroline, discuss the latest news in cyber security and threat research. Topics this week include:TeamCity Server critical vulnerability leaves potential for supply chain riskReliaQuest research into advanced business email compromise (BEC) detectionsMicrosoft compromised by Midnight Blizzard password spraying attackResources: https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/ https://blog.jetbrains.com/teamcity/2024/03/our-approach-addressing-recently-discovered-vulnerabilities-in-teamcity-on-premises/ https://blog.jetbrains.com/teamcity/2024/03/preventing-exploits-jetbrains-ethical-approach-to-vulnerability-disclosure/ https://www.reliaquest.com/blog/business-email-compromise-detection/