Synopsis
Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect its brand and reputation.
Episodes
-
Weekly: National Cyber Security Awareness Month (NCSAM), Progress FTP Server, RDP Sessions, IronNet
06/10/2023 Duration: 36min
In this episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland and Corey Carter, discuss the latest news in cyber security and threat research. Topics this week include: 2023 National Cyber Security Awareness Month (NCSAM); Progress FTP Server; the risk posed by open Remote Desktop Protocol (RDP) sessions; IronNet ceasing operations.
Resources:
https://www.reliaquest.com/blog/cybersecurity-awareness-automation/
https://www.reliaquest.com/blog/israel-hamas-implications-for-cyber-threats/
-
Weekly: Hunting for MFA bypass techniques, Libwebp Vuln exploited, VMware ESXi
29/09/2023 Duration: 29min
In this episode of ShadowTalk, host Chris, along with Gjergji and James, discuss the latest news in cyber security and threat research. Topics this week include: hunting for MFA bypass techniques; exploitation of a zero-day LibWebP vulnerability; threat actors targeting VMware ESXi.
Resources:
https://www.reliaquest.com/blog/mfa-bypass-techniques/#:~:text=Attackers%20also%20bypass%20MFA%20by,for%20sale%20on%20cybercriminal%20platforms.
-
Weekly: MFA Bypass Techniques, Microsoft Data Leak, Latest ALPHV Attack
22/09/2023 Duration: 27min
In this episode of ShadowTalk, host Kim, along with Caroline and Brian, discuss the latest news in cyber security and threat research. Topics this week include: a deep dive into popular MFA bypass techniques and how to mitigate them; how a misconfigured SAS token led to a big Microsoft data breach; the latest ALPHV ransomware attack.
Resources:
https://www.reliaquest.com/blog/domain-redirection-attacks-wrong-turns-in-cyberspace/
-
Weekly: Anonymous Sudan, Domain Redirection Attacks, UK Ransomware Report and ManageEngine Zero-Day Exploit
14/09/2023 Duration: 34min
In this episode of ShadowTalk, host and ReliaQuest CISO Rick Holland and ReliaQuest Threat Research team members Corey Carter and Gjergji Paco discuss the latest news in cyber security and threat research. Topics this week include: a deep dive on domain redirection attacks; new ransomware report from the UK government; new ManageEngine zero-day exploited by multiple threat actors; Anonymous Sudan Telegram bans and DDoS attacks.
Resources:
https://www.ncsc.gov.uk/whitepaper/ransomware-extortion-and-the-cyber-crime-ecosystem
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-250a
https://www.reliaquest.com/blog/5-macos-infostealers/
https://www.reliaquest.com/blog/cisos-guide-six-steps-to-start-adopting-ai/
-
Weekly: SocGholish deep dive, AI security concerns, LockBit vs. UK MOD
08/09/2023 Duration: 34min
In this episode of ShadowTalk, host Roman, along with Corey and Ivan, discuss the latest news in cyber security and threat research. Topics this week include: a deep dive into the malware loader SocGholish; artificial intelligence: implications, security concerns, and use by cybercriminals; LockBit leaking top secret information from the UK’s Ministry of Defence.
Resources:
https://www.reliaquest.com/blog/the-3-malware-loaders-behind-80-of-incidents
https://www.reliaquest.com/blog/socgholish-fakeupdates
https://www.reliaquest.com/blog/lockbit-ransomware-2023
-
Weekly: Qakbot Takedown, New Barracuda Zero-Day, Resurgence of Hacktivism
01/09/2023 Duration: 39min
In this episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland and Gjergji Paco, discuss the latest news in cyber security and threat research. Topics this week include: the FBI operation targeting Qakbot infrastructure; Barracuda zero-day targeted by People's Republic of China (PRC) aligned actors; the resurgence and future of hacktivism.
-
Weekly: Malware Loaders, Ransomware Runbooks, Generative AI and Barracuda ESG
25/08/2023 Duration: 28min
In this episode of ShadowTalk, host Dean Murphy, along with one of ReliaQuest's CISOs, Rick Holland, and Threat Hunter Brian Kelly, discuss the latest news in cyber security and threat research. Topics this week include: Malware Loaders; Ransomware Runbooks; Generative AI; Barracuda ESG - Zero-Day.
Resources:
https://www.reliaquest.com/blog/lockbit-ransomware-2023/
https://analyst1.com/ransomware-diaries-volume-1/
https://www.bleepingcomputer.com/news/security/angry-conti-ransomware-affiliate-leaks-gangs-attack-playbook/
https://www.reliaquest.com/news-and-press/reliaquest-adds-ai-capabilities-to-greymatter-intelligent-analysis/
https://www.reliaquest.com/blog/understanding-generative-ai-in-cybersecurity/
https://www.reliaquest.com/blog/intersection-generative-ai-cybersecurity/
https://www.mandiant.com/resources/blog/threat-actors-generative-ai-limited
https://www.ic3.gov/Media/News/2023/230823.pdf
-
Weekly: DefCon, Cl0p, Raccoon Stealer
18/08/2023 Duration: 32min
In this episode of ShadowTalk, host Chris, along with Brandon and Gjergji, discuss the latest news in cyber security and threat research. Topics this week include: recap of the DefCon conference; the latest updates regarding Clop's exploitation of the MOVEit zero-day; the return of the infamous Raccoon Stealer.
-
Weekly: AI at BlackHat, Device Code Phishing, Russia-Ukraine War Trends and DEF CON Tips
11/08/2023 Duration: 32min
In this episode, one of ReliaQuest's CISOs, Rick Holland, is joined by threat hunters Colin Ferris and Caroline Fenstermacher to discuss the presence of AI at BlackHat, Device Code Phishing, trends from the Russia-Ukraine War, and lastly how to make the most of a visit to DEF CON.
-
Special: CISO Chat Live from BlackHat 2023
10/08/2023 Duration: 14min
In this episode, one of ReliaQuest's CISOs, Rick Holland, and Chief Technology Officer Joe Partlow are joined by Freeport LNG CISO Todd Beebe and Ciena CISO Ryan Hammer to discuss all things BlackHat 2023.
-
Weekly: Business Email Compromise (BEC), ReliaQuest Bi-Annual threat reports, influence of AI on the Cyber Threat Landscape
04/08/2023 Duration: 40min
In this episode of ShadowTalk, host Chris, along with one of ReliaQuest's CISOs, Rick, and James, discuss the latest news in cyber security and threat research. Topics this week include: themes in recent Business Email Compromise (BEC) activity; a breakdown of ReliaQuest research into threats facing the Professional, Scientific, and Technical Services (PSTS) sector; the influence of AI on the cyber threat landscape; ReliaQuest activities at the BlackHat 2023 conference.
-
Weekly: What We're Seeing Right Now, Cl0p Cycle Continues, Ivanti Zero-Day, ALPHV API
28/07/2023 Duration: 30min
In this episode of ShadowTalk, host Roman, along with Ivan and Brandon, discuss the latest news in cyber security and threat research. Topics this week include: Twitter becoming X security concerns; Cl0p names 71 new victims; ReliaQuest releases Q2 ransomware report; hackers target Norwegian government ministries with Ivanti zero-day exploit; ALPHV ransomware group creates API key for its data leak site.
Resources:
https://www.bleepingcomputer.com/news/security/norway-says-ivanti-zero-day-was-used-to-hack-govt-it-systems/
https://www.bleepingcomputer.com/news/security/alphv-ransomware-adds-data-leak-api-in-new-extortion-strategy/
-
Weekly: What We're Seeing Right Now, Cl0p Update, WormGPT
21/07/2023 Duration: 21min
In this episode of ShadowTalk, host Chris, along with Brian and James, discuss the latest news in cyber security and threat research. Topics this week include: ReliaQuest research into common attacker techniques; an update on Clop's exploitation of the MOVEit vulnerability; ChatGPT rival with ‘no ethical boundaries’ sold on dark web.
Resources:
https://www.reliaquest.com/blog/top-adversary-techniques-july-2023/
https://www.reliaquest.com/blog/clop-leaks-first-victims/
https://www.zdnet.com/article/wormgpt-what-to-know-about-chatgpts-malicious-cousin/
-
Weekly: Microsoft Cloud Breach, Strava App, Cl0p Update and Remote Management Monitoring
14/07/2023 Duration: 38min
In this episode of ShadowTalk, host Dean Murphy, one of ReliaQuest's CISOs, Rick Holland, and threat research teamers Colin Ferris and Gjergji Paco discuss the latest news in cyber security and threat research. Topics this week include: Chinese hackers breach Microsoft Cloud; Strava App – Tracked and Killed; Cl0p Update; Remote Monitoring and Management Software – RMM.
Resources:
https://www.cnn.com/2023/07/11/europe/russian-submarine-commander-killed-krasnador-intl/index.html
https://www.telegraph.co.uk/news/2023/07/11/russian-submarine-commander-shot-strava-krasnodar-vinnytsia/
https://jsac.jpcert.or.jp/archive/2023/pdf/JSAC2023_1_1_yamashige-nakatani-tanaka_en.pdf
https://www.reliaquest.com/blog/clop-leaks-first-victims/
https://www.cisa.gov/sites/default/files/2023-07/aa23-193a_joint_csa_enhanced_monitoring_to_detect_apt_activity_targeting_outlook_online.pdf
https://www.washingtonpost.com/national-security/2023/07/12/microsoft-hack-china/
https://blogs.microsoft.com/on-the-issues/2023/07/11/mitigation-china-based-thre
-
Weekly: Defense Evasion via Virtualization, LockBit target TSMC, CISA Identify New Exploited Vulnerabilities
07/07/2023 Duration: 33min
In this episode of ShadowTalk, host Chris Morgan, along with Corey Carter, Jonny Elrod, Gjergji Paco, and one of ReliaQuest's CISOs, Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include: threat actors obfuscating activity through virtualization; LockBit claim to have impacted Taiwanese semiconductor giant TSMC; CISA identify new exploited vulnerabilities; new critical vulnerability impacting Fortinet, FortiOS and FortiProxy SSL-VPN appliances.
Resources:
https://www.reliaquest.com/blog/virtual-machines-defense-evasion/
https://www.bleepingcomputer.com/news/security/cisa-orders-govt-agencies-to-patch-bugs-exploited-by-russian-hackers/
https://thehackernews.com/2023/07/alert-330000-fortigate-firewalls-still.html
https://www.scmagazine.com/brief/ransomware/tsmc-discloses-data-breach-from-lockbit-claimed-attack-against-third-party
-
Weekly: Legal Developments, New APT29 Campaign and ReliaQuest's Annual Threat Report
30/06/2023 Duration: 28min
In this episode of ShadowTalk, host Stefano, along with Kim Bromley and one of ReliaQuest's CISOs, Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include: the SEC reportedly charging SolarWinds executives; APT29 hunting for credentials; our new, shiny Annual Threat Report.
Resources:
https://www.reuters.com/technology/solarwinds-executives-receive-wells-notice-us-sec-2023-06-23/
https://www.scmagazine.com/brief/identity-and-access/apt29-intensifies-credential-stealing-attacks
https://www.reliaquest.com/resources/research-reports/annual-threat-report/
-
Weekly: Cl0p update, Killnet target European financial institutions, closed sources findings
23/06/2023 Duration: 42min
In this episode of ShadowTalk, host Chris, along with Dani and one of ReliaQuest's CISOs, Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include: the latest updates related to Cl0p's exploitation of the MOVEit zero-day; Killnet targeting European financial institutions; insights drawn from our closed sources team; the team's observations on this year's InfoSec conference.
Resources:
https://www.reliaquest.com/blog/clop-leaks-first-victims/
https://techmonitor.ai/technology/cybersecurity/killnet-revil-and-anonymous-threaten-swift-with-destructive-attack-in-48-hours
-
Weekly: Cl0p releases company names, Gootloader, new Fortinet RCE, Ukrainian hackers take down Infotel
19/06/2023 Duration: 32min
In this episode of ShadowTalk, host Chris, along with Colin and Caroline, discuss the latest news in cyber security and threat research. Topics this week include: the latest updates related to Clop's exploitation of the MOVEit zero-day; an overview of the Gootloader initial access malware; Fortinet RCE CVE-2023-27997; Ukraine's Cyber Anarchy Squad take down Infotel.
Resources:
https://www.reliaquest.com/blog/clop-leaks-first-victims/
https://www.scmagazine.com/news/device-security/fortinet-patches-critical-rce-fortigate-ssl-vpn-appliances
https://www.bleepingcomputer.com/news/security/ukrainian-hackers-take-down-service-provider-for-russian-banks/
-
Weekly: MOVEit Zero-day and Cl0p attribution, Infostealing ecosystem, DBIR 2023 Report
09/06/2023 Duration: 32min
In this episode of ShadowTalk, host Stefano, along with Rick, Dean, and Ivan, discuss the latest news in cyber security and threat research. Topics this week include: what you need to know on the MOVEit zero-day vulnerability and the latest Cl0p updates; infostealers ecosystem: most common malware, impact, and mitigation strategies; key insights from the latest Verizon's DBIR issue.
Resources:
https://www.reliaquest.com/blog/moveit-vulnerability-update-clop-claims-responsibility/
https://www.verizon.com/business/resources/reports/dbir/
-
Weekly: MOVEit Zero-day, RaidForums Breach, Buhti Ransomware
02/06/2023 Duration: 18min
In this episode of ShadowTalk, host Chris, along with Gjergji and Ivan, discuss the latest news in cyber security and threat research. Topics this week include: what you need to know on the MOVEit zero-day vulnerability; RaidForums users' data breached; the Buhti ransomware taking a unique approach to targeting victims.
Resources:
https://www.reliaquest.com/blog/moveit-transfer-zero-day/
https://www.bleepingcomputer.com/news/security/new-buhti-ransomware-gang-uses-leaked-windows-linux-encryptors/
https://www.bleepingcomputer.com/news/security/new-hacking-forum-leaks-data-of-478-000-raidforums-members/