Synopsis
Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect their brand and reputation.
Episodes
-
Weekly: GootLoader, Intrusion Truth, Volt Typhoon, and Exponent conference debrief
26/05/2023 Duration: 29min
Summary: In this episode of ShadowTalk, host Stefano, along with Kim, Rick, and Dean, discuss the latest news in cyber security and threat research. Topics this week include:
An investigation into the GootLoader malware
The latest operation from hacktivist group Intrusion Truth
A cyber espionage campaign conducted by Volt Typhoon
RQ Exponent conference debrief
Resources:
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-144a
https://www.washingtonpost.com/politics/2023/05/15/they-dox-chinese-hackers-now-theyre-back/
-
Weekly: SocGholish, Cactus Ransomware, Greatness Phishing-as-a-service
19/05/2023 Duration: 30min
In this episode of ShadowTalk, host Chris Morgan, along with Caroline Fenstermacher and Gjergji Paco, discuss the latest news in cyber security and threat research. Topics this week include:
Revisiting the SocGholish malware distribution framework
Getting pricked by the Cactus ransomware
Greatness Phishing-as-a-service
Resources:
https://www.reliaquest.com/blog/socgholish-fakeupdates/
https://thehackernews.com/2023/05/new-ransomware-strain-cactus-exploits.html
https://www.bleepingcomputer.com/news/security/new-greatness-service-simplifies-microsoft-365-phishing-attacks/
-
Weekly: Snake malware takedown, Kubernetes hunts, and Caffeine Phishing-as-a-Service
12/05/2023 Duration: 36min
Summary: In this episode of ShadowTalk, host Stefano, along with Caroline and Colin, discuss the latest news in cyber security and threat research. Topics this week include:
Five Eyes agencies take down FSB-linked Snake malware
Hunting Kubernetes for privilege escalation techniques
Investigation offers insights into Caffeine PhaaS platform
Resources:
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-129a
https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/whitepapers/kubernetes-privilege-escalation-excessive-permissions-in-popular-platforms
https://www.bleepingcomputer.com/news/security/caffeine-service-lets-anyone-launch-microsoft-365-phishing-attacks/
-
Weekly: ReliaQuest Threat Management, ALPHV, Veeam Vulnerability Exploited
05/05/2023 Duration: 25min
In this episode of ShadowTalk, host Chris Morgan is joined by Corey Carter and Ivan Righi to discuss:
A day in the life of a Threat Engineer at ReliaQuest
ALPHV leaking internal comms related to victims' incident response
High-severity vulnerability affecting Veeam backup servers exploited in the wild (CVE-2023-27532)
-
Weekly: RQ Ransomware Report, 3CX Update, Russia-Ukraine Cyber Operations, and Cybercriminal Ecosystems
28/04/2023 Duration: 47min
In this episode of ShadowTalk, host Stefano, along with Kim, Ivan, and Brandon, discuss the latest news in cyber security and threat research. Topics this week include:
Highlights from the ReliaQuest Ransomware Quarterly Report Q1 2023
A supply-chain of a supply-chain: 3CX Update
Analysis of Russia-Ukraine cyber operations
A look into recent shifts in the cybercriminal ecosystem
Resources:
https://www.reliaquest.com/blog/2023-ransomware-attacks-q1/
https://www.ncsc.gov.uk/news/new-analysis-eccri-highlights-ukraine-defence-against-russian-offensive
https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise
-
Special: RSA Conference 2023
26/04/2023 Duration: 18min
In this episode, host and CISO Rick Holland is joined by ReliaQuest's Chief Technical Officer Joe Partlow and Chief Strategy Officer Jason Pfeiffer to discuss cyber trends they're seeing across RSA Conference 2023, the benefits of such an event, AI in cyber, and more.
-
Weekly: Vulnerability Quarterly Roundup, Domino Backdoor, Lockbit Targeting MacOS
21/04/2023 Duration: 37min
In this episode of ShadowTalk, host Chris Morgan, along with Dani and Dean Murphy, discuss the latest news in cyber security and threat research. Topics this week include:
A breakdown of ReliaQuest's latest Vulnerability quarterly report
Aftermath of the ransomware attack affecting Capita
The "Domino" Backdoor and "Project Nemesis" information stealing malware
Lockbit targeting macOS
Resources:
https://www.reliaquest.com/blog/2023-q1-vulnerabilities-cves/
https://www.reliaquest.com/blog/2023-ransomware-attacks-q1/
-
Weekly: Cobalt Strike takedown, latest MERCURY campaign, Patch Tuesday
14/04/2023 Duration: 34min
In this episode of ShadowTalk, host Stefano, along with Caroline and Kitch, discuss the latest news in cyber security and threat research. Topics this week include:
A new approach in malicious infrastructure takedown
The latest TTPs of MERCURY aka MuddyWater
What's new on this Patch Tuesday?
Resources:
https://blogs.microsoft.com/on-the-issues/2023/04/06/stopping-cybercriminals-from-abusing-security-tools/
https://www.microsoft.com/en-us/security/blog/2023/04/07/mercury-and-dev-1084-destructive-attack-on-hybrid-environment/
https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2023-patch-tuesday-fixes-1-zero-day-97-flaws/
-
Weekly: Genesis Market seizure, Vulkan Files, and new Microsoft Security Update
07/04/2023 Duration: 22min
In this episode of ShadowTalk, host Stefano, along with Ivan and Corey, discuss the latest news in cyber security and threat research. Topics this week include:
The prominent Genesis Market has been seized: What's next?
Confidential Vulkan Files expose ties between Russian APTs and private sector
Microsoft mitigates malicious attachments delivered via OneNote
Resources:
https://news.sky.com/story/notorious-criminal-marketplace-genesis-market-which-sold-stolen-bank-details-taken-down-12850517
https://www.theguardian.com/technology/2023/mar/30/vulkan-files-leak-reveals-putins-global-and-domestic-cyberwarfare-tactics
https://www.securityweek.com/microsoft-onenote-starts-blocking-dangerous-file-extensions/
https://www.reliaquest.com/blog/top-reads-march-2023/
-
Weekly: 3CX supply chain attack, Rostec deanonymize Telegram, IcedID
30/03/2023 Duration: 33min
In this early released episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland, Kim Bromley, and Colin Ferris discuss the latest news in cyber security and threat research. Topics this week include:
Implications from the 3CX supply-chain attack and what you need to do going forward
Russian telco Rostec de-anonymizing Telegram users
Updates to the IcedID malware
Resources:
https://www.3cx.com/community/threads/3cx-desktopapp-security-alert.119951/
https://www.reliaquest.com/blog/3cx-trojan-attack/
https://www.bleepingcomputer.com/news/security/russia-s-rostec-allegedly-can-de-anonymize-telegram-users/
https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/
-
Weekly: Outlook Vulnerability, TeamTNT and Breachforums closure
24/03/2023 Duration: 27min
In this episode of ShadowTalk, host Chris Morgan, along with Ivan Righi and Caroline Fenstermacher, discuss the latest news in the cyber security and information security landscape. Topics this week include:
Implications following the arrest of BreachForums administrator Pompompurin
Cryptojacking activity from the TeamTNT threat group
Microsoft Outlook bug CVE-2023-23397
Resources:
https://www.reliaquest.com/blog/breachforums-arrest-fbi/
https://www.reliaquest.com/blog/cyber-threats-svb-collapse/
https://www.reliaquest.com/platform/phishing-analyzer/
-
Weekly: SVB collapse, FBI IC3 report, and Cl0p update
17/03/2023 Duration: 36min
In this episode of ShadowTalk, host Stefano De Blasi, along with Rick Holland and Brandon Tirado, discuss cyber threats related to the SVB collapse, the FBI IC3 report and Cl0p ransomware: zero-day vulnerability and victims.
Resources:
https://www.reliaquest.com/blog/cyber-threats-svb-collapse/?
https://www.ic3.gov/Media/PDF/AnnualReport/2022_IC3Report.pdf
https://www.reliaquest.com/blog/qbot-black-basta-ransomware/
https://www.reliaquest.com/blog/html-smuggling-dark-web/
-
Weekly: US National Cybersecurity Strategy, Emotet and Cl0p return
17/03/2023 Duration: 31min
In this episode of ShadowTalk, host Stefano, along with Caroline and Dean, discuss the new US National Cybersecurity Strategy, the return of Emotet, and a zero-day exploited by the Cl0p ransomware group.
-
Weekly: HTML Smuggling, CISA Guidance on Logging
17/03/2023 Duration: 38min
This week's ShadowTalk host Chris, along with Rick, Kitch and Corey, discuss the email threat of HTML Smuggling and the latest guidance on logging from CISA.
-
Weekly: Russia-Ukraine War - One-Year Later
24/02/2023 Duration: 37min
This week's ShadowTalk podcast covers the latest developments and implications of the Russian-Ukraine War.
Resources:
https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-24-feb
-
Weekly: Trickbot/Conti Sanctions, OneNote Documents, and NATO DDoS Attacks
17/02/2023 Duration: 29min
This week's ShadowTalk podcast covers the latest in the Trickbot/Conti Sanctions, OneNote Documents, and NATO DDoS Attacks.
Resources:
https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-17-feb
-
Weekly: VMware ESXI campaign and SocGholish overview
10/02/2023 Duration: 42min
This week's ShadowTalk podcast covers the latest in the VMware ESXI Ransomware campaign, Killnet, SocGholish, and more.
Resources:
https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-10-feb
-
Weekly: Hive Ransomware Takedown and Dark Web Cybercriminal Jobs
03/02/2023 Duration: 32min
This week's ShadowTalk podcast covers the latest in the Hive ransomware takedown and dark web cybercriminal forum.
Resources:
https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-3-feb
-
Weekly: Ransomware Profits Drop, Russian ISP, and Microsoft Investigation
27/01/2023 Duration: 41min
This week's ShadowTalk podcast covers the drop in Ransomware profits, DDoS activity spikes against Russian ISP, and Microsoft implementing security changes following a months-long investigation.
Get this week’s intelligence summary at: resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-27-jan
Subscribe to our threat intelligence email: info.digitalshadows.com/SubscribetoEm…cast_Reg.html
Also, don’t forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.
-
Weekly: 2022 Recap and Forecasting 2023 Trends
20/01/2023 Duration: 40min
Looking Back, Moving Forward. As 2023 gets into full swing, listen to our recap of 2022 including trends in cybercrime, espionage, hacktivism, and more. Plus, global industry forecasting for 2023.
Get this week’s intelligence summary at: resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-20-jan
Subscribe to our threat intelligence email: info.digitalshadows.com/SubscribetoEm…cast_Reg.html
Also, don’t forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.