Digital Shadows

In this episode of ShadowTalk, host Chris, along with Marken, discuss the latest news in cyber security and threat research. Topics this week include:Scattered Spider leader reportedly arrested, as group pivot to target SaaS solutionsReliaQuest research into supply chain compromise. Detections to improve your resilienceClassifying insider threats and the difficulties of proving intentResources:https://www.reliaquest.com/blog/what-is-scattered-spider/https://www.reliaquest.com/blog/scattered-spider-attack-analysis-account-compromise/https://www.reliaquest.com/blog/software-supply-chain-risk-management/https://www.reliaquest.com/blog/virtual-machines-defense-evasion/

In this Special Guest Episode of ShadowTalk, host Chris and one of ReliaQuest's CISOs Rick Holland are joined by University of Kansas Health System (UKHS) CISO Michael Meis to discuss the latest news in cyber security and threat research. Topics this week include:Significant threats facing healthcare: Ransomware, accidental insidersThe influence of COVID on ransomware activityThe immediate and long term impact of the Optum breachThe importance of understanding your revenue cycle to weather the storm of a breachMethods of maintaining engagement and retaining staffAI and automation: Improving timeliness and efficiency of incident response

In this episode of ShadowTalk, host Chris Morgan is joined by ReliaQuest Chief Strategy Officer Jason Pfeiffer LIVE on the InfoSec Europe show floor in London, UK to discuss:How InfoSec stacks up against the US cyber conferencesSnowflake data breach affecting TicketMaster and othersCybercriminal reflections on generative AIResources:https://www.reliaquest.com/blog/common-infostealers/

In this episode of ShadowTalk host Corey, along with Gjergji and Brian, discuss the latest news in cyber security and threat research. Topics this week include:Microsoft set to begin the deprecation of VBScript in the second half of 2024 ReliaQuest research into the top three Infostealers Dive into a new crypto miner dubbed 'GhostEngine' ReliaQuest analysis of a BlackSuit ransomware attack Resources:https://techcommunity.microsoft.com/t5/windows-it-pro-blog/vbscript-deprecation-timelines-and-next-steps/ba-p/4148301https://www.reliaquest.com/blog/common-infostealers/https://www.elastic.co/security-labs/invisible-miners-unveiling-ghostengine https://www.reliaquest.com/blog/blacksuit-attack-analysis/ 

In this episode of ShadowTalk, host Chris, along with Director of Threat Research Brandon Tirado, discuss the latest news in cyber security and threat research. Topics this week include:Microsoft mandating multi-factor authentication across AzureReliaQuest research exploring fileless malware and living against the land (LoTL) techniques Use of deepfakes in social engineering in 2024Resources:https://www.reliaquest.com/blog/socgholish-fakeupdates/https://www.reliaquest.com/blog/new-python-socgholish-infection-chain/https://www.reliaquest.com/blog/living-off-the-land-fileless-malware/ 

In this episode of ShadowTalk, host Chris, along with Ivan and Marken, discuss the latest news in cyber security and threat research. Topics this week include:Recent ransomware attacks on the healthcare sector do not necessarily suggest a change in targeting preferencesBlack Basta pivot TTPs: New social engineering campaign using mass sign ups to mailing list spamPain on the adversary, in having multiple controls to slow down an attacker, can greatly improve cyber resilience when combined with network visibility Initial access brokers (IAB) continuing to play a crucial role in facilitating cybercrimeResources:https://www.reliaquest.com/blog/q1-2024-attacker-trends/

In this episode of ShadowTalk, host Rick Holland is joined by ReliaQuest CTO Joe Partlow and Chief Scientist Brian P. Murphy LIVE on the RSAC show floor in San Francisco, CA to discuss all things AI and automation.

In this episode of ShadowTalk, host Chris, along with Brian and Corey, discuss their career paths, as well as offering tips for individuals aiming to gain employment within cybersecurity.The importance of tact and developing both soft and hard skillsWorking around personnel constraints  Picking the right vendors to compliment your security modelRecommendations for advancing your own career

In this episode of ShadowTalk, host Chris, along Kim and one of ReliaQuest's CISO's Rick, discuss the latest news in cyber security and threat research. Topics this week include:APT28 Exploit 6 year old CISCO vulnerabilityReliaQuest research on Iran/Israel TensionsRansomware RebrandsApple notify users impacted by SpywareResources:https://www.reliaquest.com/blog/cyber-threats-linked-to-iran-israel-conflict/

In this episode of ShadowTalk, host Chris, along with Marken, discuss the latest news in cyber security and threat research. This weeks topics include:Palo Alto Critical Vulnerability under active exploitation ReliaQuest research on VPN attack surface managementOptum Healthcare data breached by RansomHub group

In this episode of ShadowTalk, host Chris, along with Gjergji and James, discuss the latest news in cyber security and threat research. Topics this week include:Health sector Cybersecurity Coordination Center (HC3) issues alert warning regarding attackers using social engineering to target IT helpdesk's across the health sectorReliaQuest releases it's findings from it's Q1 Phishing reportHow improper permissions can lead to problems with new Microsoft Copilot AIResources:https://www.reliaquest.com/blog/health-care-social-engineering-campaign/https://www.reliaquest.com/blog/phishing-tactics-and-trends-2024/

In this episode of ShadowTalk, host Kim, along with Brian, discuss the latest news in cyber security and threat research. Topics this week include:Sophisticated backdoor identified in XZ UtilsOur Spotlight report on SEO poisoningImpersonation scams cost $1.1 billion in 2023

In this episode of ShadowTalk, host Chris, along with ReliaQuest Threat Hunter's Caroline and Corey discuss the latest news in cyber security and threat research. This week's topics include:Issues with Google AI-powered search generative experience recommending scam sitesSpain high court judge issues temporary ban on messaging platform 'Telegram'Speculative Execution vulnerabilities found on Apple M Series and Intel Raptor Lake CPU's

In this episode of ShadowTalk, host Chris, along with Marken and ReliaQuest CISO Rick, discuss the latest news in cyber security and threat research. This week's topics include:2021 AT&T breach released for free Magnet Goblin threat group exploiting 1-day vulnerabilitiesAn introduction to ReliaQuest's Annual Threat Report (ATR)

In this episode of ShadowTalk, host Chris, along with Corey and Caroline, discuss the latest news in cyber security and threat research. Topics this week include:TeamCity Server critical vulnerability leaves potential for supply chain riskReliaQuest research into advanced business email compromise (BEC) detectionsMicrosoft compromised by Midnight Blizzard password spraying attackResources: https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/ https://blog.jetbrains.com/teamcity/2024/03/our-approach-addressing-recently-discovered-vulnerabilities-in-teamcity-on-premises/ https://blog.jetbrains.com/teamcity/2024/03/preventing-exploits-jetbrains-ethical-approach-to-vulnerability-disclosure/ https://www.reliaquest.com/blog/business-email-compromise-detection/

In this episode of ShadowTalk, host Chris, along with Fearghal and Kim, discuss the latest news in cyber security and threat research. Topics include:An overview of the critical severity vulnerabilities affecting ConnectWise, patch now!ReliaQuest research into Browser Credential Dumping attacksThe latest in the world of ransomwareUpdate to National Institute of Standards and Technology (NIST) frameworkResources:https://www.reliaquest.com/blog/browser-credential-dumping/ 

In this episode of ShadowTalk, host Chris, along with Ivan, Caroline, and one of ReliaQuest's CISOs Rick, discuss the latest news in cyber security and threat research. This week's topics include:Lockbit return following law enforcement operationRecent Structured Analytical Technique (SAT) exercises ran by ReliaQuestThe Optum Breach and what you need to know'SubdoMailing' malvertising campaign leveraging compromised domainsResources:https://www.reliaquest.com/blog/lockbit-taken-down-what-comes-next/https://www.reliaquest.com/blog/scattered-spider-attack-analysis-account-compromise/

In this episode of ShadowTalk, host Chris, along with Brian, Kim, and one of ReliaQuest's CISOs Rick, discuss the latest news in cyber security and threat research. Topics this week include:Lockbit taken down by NCA led operation. Does this spell the end for the ransomware group?ReliaQuest research into abuse of Remote monitoring and management (RMM) toolsInsider leaks Chinese government documents on GithubResources:https://www.reliaquest.com/blog/lockbit-taken-down-what-comes-next/

In this episode of ShadowTalk, host Chris, along with Marken and Corey, discuss the latest news in cyber security and threat research. Topics this week include:ReliaQuest research into changes observed on SocGholish infection chainUpdate to Volt Typhoon campaign affecting US CNIFurore over reporting on Toothbrush smart devices reportedly used in DDoS attacksCanada bans Flipper Zero consumer hacking device, over car theft concerns Resources:https://www.reliaquest.com/blog/new-python-socgholish-infection-chain/https://www.reliaquest.com/blog/socgholish-fakeupdates/

In this episode of ShadowTalk, host Chris Morgan is joined by ReliaQuest CISO Rick Holland, Director of Threat Research Brandon Tirado and Intelligence Collection Analyst Fearghal Hughes to discuss the latest news in cyber security and threat research. Topics this week include:Breach of Remote Desktop Application 'AnyDesk' resultsContinued Ivanti vulnerability exploitationsThe rise of BEC deepfake social engineering attacksReliaQuest's top priorities for the remainder of Q1 2024Resources:https://event.on24.com/eventRegistration/EventLobbyServlet?target=reg20.jsp&eventid=4448957&sessionid=1&key=3FBF0E608FF3216DD9F1526D92EE5CCE&groupId=5180806&partnerref=website&sourcepage=registerhttps://event.on24.com/wcc/r/4387339/A63BC17298406ECD68AABFFEF416702B?partnerref=organic