ShadowTalk hosts Sean, Alec, Rick, and Ivan bring you the latest in threat intelligence. This week they cover:- CISA guidelines on frequently exploited vulnerabilities- Q2 Ransomware roundup/BlackMatter & Haron (new darkside/revil and avaddon), REvil ACH- With PunkSpider back, what are the implications of using this tech?Get this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-30th-july***Resources from this week’s ...
Jul 30, 2021•28 min
ShadowTalk hosts Stefano, Saul, Rory, and Kim bring you the latest in threat intelligence. This week they cover:- Microsoft Exchange server attach attributed to China- At least 180 journalists have been selected as targets by clients of the cybersurveillance company NSO Group- Zero-day exploits in 2021- Tor gets an update***Resources from this week’s podcast**** 2021 Ransomware Roll Up - https://www.digitalshadows.com/blog-and-research/q2-2021-ransomware-roll-up/* Blog: Cyber threats to Tokyo 20...
Jul 23, 2021•50 min
Digital Shadow’s CISO Rick Holland and Senior Cyber Threat Intel Analyst Sean Nikkel host this special edition of ShadowTalk. They are joined by special guest CEO and Founder at SCYTHE, Bryson Bort.
Jul 15, 2021•49 min
ShadowTalk hosts Stefano, Dylan, Adam, and Xue, bring you the latest in threat intelligence. This week they cover:- Xue takes us through the Kaseya ransomware supply-chain attack -REvil’s involvement and “Happy Blog” - Adam discusses a new threat group, Fancy Lazarus - where did they come from and what are their methods?- Dylan dives into malicious spyware apps found on Google Play that steal Facebook users’ logins and passwords - what we know so far - Plus, Adam’s malware name of the week and m...
Jul 09, 2021•58 min
ShadowTalk hosts Sean, Ivan and Digital Shadows CISO, Rick Holland, bring you the latest in threat intelligence. This week they cover:- The team touch on the most recent LinkedIn breach exposing 700 Million user details- Sean and Rick talk about the latest developments of the PrintNightmare incident- Ivan dives into the Marketo data theft marketplace - What’s the future for this group?- Rick discusses the latest PlayStation 3 console ID’s leak and how it’s different to previous breaches- What we...
Jul 02, 2021•36 min
Digital Shadows’ CISO Rick hosts this edition of ShadowTalk. He is joined by special guest Gert-Jan Bruggink. They discuss:●Gert-Jan’s origin story●Legos●Threat intelligence-based pen testing and red-teaming●Writing better threat landscape reports
Jun 30, 2021•42 min
ShadowTalk hosts Stefano, Chris, and Kim, bring you the latest in threat intelligence. This week they cover:- Kim dives into Google’s new Supply Chain Attack framework - how will it operate?- Chris discusses South Korea's energy research institute networks being compromised by North Korean threat actors - how did they gain access?- The team talk new NATO agreements that put cybersecurity at the forefrontGet this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/...
Jun 25, 2021•29 min
Digital Shadows CISO Rick and Senior Cyber Threat Intel Analyst Sean Nikkel host this edition of ShadowTalk. They're joined by special guests Dan Sherry and Grace Chi, founders of Pulsedive. They discuss:-Dan & Grace's origin stories and how Pulsedive came to be -Grace's LinkedIn “Sides of Cyber” campaign, promoting unknown talents and how they enrich people's lives-IOCs aren't dead - how IOCs can be leveraged as part of a broader program-How to kick the tires on Pulsedive - they even includ...
Jun 24, 2021•43 min
ShadowTalk hosts Sean, Ivan, and Charles bring you the latest in threat intelligence. This week they cover:- The team discusses the most recent EA breach - what’s the history of attacks against software/game developers?- Charles dives into the latest on VPN vulnerabilities - why does this problem persist? - Ivan talks about Clop arrests - how big of a player is Clop in the world of cyber crime?- Predictions for the ransomware scene in the future - can we expect more intervention by law enforceme...
Jun 18, 2021•21 min
Digital Shadows CISO Rick and Senior Cyber Threat Intel Analyst Sean host this guest edition of ShadowTalk. Anomali's Sr. Director of Cyber Intelligence Strategy, AJ Nash, joined them to discuss:- AJ's origin story with the U.S. Air Force - AJ's lessons from building threat intelligence teams - The need for intelligence leaders to be more strategic and move beyond IOCs and the SOC - AJ's new blog where he proposed the Chief Intelligence Officer (CINO)***Resources from this special podcast***Find...
Jun 16, 2021•51 min
ShadowTalk hosts Stefano, Adam, Chris, and newcomer, Rory, bring you the latest in threat intelligence. This week they cover:-Adam takes us through the latest cyber espionage campaigns attributed to Chinese-state-sponsored APT groups-Rory discusses a sophisticated law enforcement campaign targeting criminal syndicates all over the world-Chris dives into the new GitHub policies - what led to these new guidelines?-The team talks about updates on the Colonial Pipeline incident - what’s the latest?-...
Jun 11, 2021•56 min
ShadowTalk hosts Sean, Alec, Charles, and Digital Shadows CISO, Rick Holland, bring you the latest in threat intelligence. This week they cover:- Alec dives into Nobelium - who are they and what happened in the latest attack?- Charles takes us through VMWare exploits - how does it compare to earlier vulnerabilities?- Rick discusses the Biden Administration’s open letter to business leaders on the state of ransomware - Plus, check out our latest content including thoughts on the 2021 Verizon DBIR...
Jun 04, 2021•24 min
ShadowTalk hosts Stefano, Adam, and Xue bring you the latest in threat intelligence for the APAC region. They cover:- Xue take us through how the APAC threat landscape has changed in the last 18 months- What are the prominent ransomware and APT groups and what are they up to?- The team discusses how cybersec institutions are using new regulations to offset some traditional challenges- Adam talks about the Tokyo 2020 threat landscape and how it's been shaped by the event postponement due to COVID...
Jun 03, 2021•52 min
ShadowTalk hosts Stefano, Adam, Kim, and Dylan bring you the latest in threat intelligence. This week they cover:- Dylan discusses how cheese was the downfall of a drug dealer in the UK and how a cybercriminal messaging forum contributed- Kim talks ransomware - how ransom demands stole the spotlight from supply-chain attacks- Avaddon victims refuse to pay ransom demands - what happened?- Adam dives into politically motivated ransomware Get this week’s intelligence summary at: https://resources.d...
May 28, 2021•45 min
Digital Shadows CISO Rick hosts this edition of ShadowTalk. He’s joined by special guest and friend Jeff Stone, Editor at CyberScoop News. They discuss: - Jeff's origin story - Parallels between journalism and threat intelligence - How journalists validate sources - Why "It's better to be right than first"- The go-to defense lawyer for Russian and Eastern European cybercriminals- The nuance around interviewing cybercriminals***Resources from this special podcast*** Find Jeff on Twitter: https://...
May 25, 2021•45 min
ShadowTalk hosts Sean, Alec, Ivan, and Charles bring you the latest in threat intelligence. This week they cover:- Ivan takes us through the latest updates on DarkSide and the Colonial Pipeline incident - DarkSide faces consequences - The team talks about new legislation from the US government - better late than never?- Plus, our hosts dive into all things ransomware - what’s happening with the cyber threat landscape?- Alec brings us the latest on Conti ransomware targeting Ireland's Department ...
May 21, 2021•30 min
ShadowTalk hosts Stefano, Chris, Kim, and Xue bring you the latest in threat intelligence. This week they cover:- Xue takes us through the Colonial Pipeline ransomware incident - DarkSide’s involvement and more - What does the attack on the Colonial Pipeline indicate for future cyber threats against critical infrastructure?- Chris dives into the BEC incident - what does it mean and what happened? - Kim discusses the Bulletproof Hosting indictment - what is the impact?Get this week’s intelligence...
May 14, 2021•47 min
Digital Shadows CISO Rick hosts this edition of ShadowTalk. He’s joined by special guest David Thejl-Clayton , Senior Advisor in Cyber Defense at Combitech. They discuss: - David talks origin story, his journey through CTI, and his current role at Combitech - His obsession with data driven response and how that data-love came to be- He and Rick reminisce about favorite speakers at SANS- They discuss the Verizon DBIR - what’s to come?- Purple-teaming - how to bring value to organizations through ...
May 14, 2021•44 min
ShadowTalk hosts Alec, Ivan, Sean, and Digital Shadows CISO, Rick, bring you the latest in threat intelligence. This week they cover:- Sean discusses Pulse Secure VPN vulnerabilities - what are the latest updates and who is being targeted?- The team talks about supply chain compromise - what is it?- Sean takes us through the DDoS attack on Belnet - Babuk is hanging up their hat - Ivan brings us the latest- Ryuk gets ahold of bio research through a studentGet this week’s intelligence summary at: ...
May 07, 2021•34 min
Digital Shadows CISO, Rick, hosts this edition of ShadowTalk. He’s joined by special guest Amy Bejtlich, Director of Intelligence Analysis at Dragos, Inc. They discuss: - Amy’s origin story and journey from traditional intelligence to cyber intelligence- How to "bloom where you are planted" - Her various SANS cyber threat intel presentations- How to build a "culture of candor" within an intel team - Minimizing burnout and supporting the mental health of teams***Resources from this week’s podcast...
May 06, 2021•33 min
It’s a full house with ShadowTalk hosts Stefano, Alec, Charles, Kim, Dylan, Adam, and Digital Shadows CISO, Rick! The team is looking back at three years of ShadowTalk and taking us on a journey through changes in the threat landscape. They discuss: - Adam and Alec take us through ransomware heavy hitters from the last few years - Big game hunting, double-extortion, and more- The team reminisce about their first time joining ShadowTalk - Kim and Rick tackle supply-chain attacks - looking back at...
Apr 30, 2021•1 hr 10 min
ShadowTalk hosts Alec, Ivan, Charles, and newcomer, Sean, bring you the latest in threat intelligence. This week they cover:- Ivan dives into FBI actions against web-shells from compromised Exchange servers- Codecov supply chain attacks - Charles brings us the latest - The team discuss the Pulse Secure VPN bug - Plus, don’t forget our special 200th episode next week! Get this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-23-april ...
Apr 23, 2021•24 min
ShadowTalk hosts Stefano, Adam, Kim, and Chris bring you the latest in threat intelligence. This week they cover:- Kim takes us back to SolarWinds, the Centreon breach, the Accellion incident, and the Microsoft Exchange supply chain attack- The team discusses attributing attacks - state sponsored threat actors leverage sophisticated tactics, allowing lower level cybercriminals to ride their coattails - Chris takes the teams through mitigating risks and proxy logon vulnerabilities- How Covid-19 a...
Apr 16, 2021•1 hr 11 min
ShadowTalk hosts Alec, Ivan, Charles, and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover:- Ivan talks through the latest updates on the Facebook data breach - threat actors selling old data for cheap and what was potentially exposed- Charles discusses Fortinet vulnerabilities - what are the technical details and how do defenders protect their data?- The team dives deeper into the ransomware cartel - Clop updates - what’s the latest and who are they ta...
Apr 09, 2021•37 min
ShadowTalk hosts Stefano, Dylan, Kim, and Chris bring you the latest in threat intelligence. This week they cover:- Kim and her recent ransomware round-up - insurance company CNA suffers attack, Clop holds victims for ransom, and more- Chris takes the team through the PHP Git Server backdoor - Dylan and the group talk pandemic, remote-working, and cyber hygiene Get this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-02-april ***Res...
Apr 02, 2021•50 min
Digital Shadows CISO Rick hosts this edition of ShadowTalk. He’s joined by special guest Dr. Chase Cunningham, author, Retired Navy Chief Cryptologist, and Chief Strategy Officer at Ericom Software. They discuss: -Dr. Chase's origin story -How to use Zero Trust to take back initiative from the adversary -How the VPN is the Palm Pilot of your network infrastructure -Why there is no Zero Trust easy button -Chase's romance novel on cyber warfare -Threat modeling vacations***Resources from this week...
Mar 30, 2021•36 min
ShadowTalk hosts Alec, Austin, Charles, and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover:-The team discusses the latest on Exchange Servers vulnerabilities - should guards still be up? -Austin takes us through the timeline of ransomware taking advantage of vulnerabilities regarding Microsoft -Austin talks $50 million ransom against Acer - biggest known ransom request in modern history. What does this mean for the threat landscape going forward? -A p...
Mar 26, 2021•21 min
Digital Shadows CISO Rick hosts this edition of ShadowTalk. He’s joined by special guest John Kindervag, creator of Zero Trust and Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow at ON2IT Cybersecurity. They discuss: -John’s origin story and influences - what led to the creation of Zero Trust?- Zero Trust - origin, design principles, and terminology - What are your protect surfaces? - using Zero Trust- John’s new position at ON2IT***Resources from this week’s podcast***Find Joh...
Mar 23, 2021•40 min
ShadowTalk hosts Stefano, Adam, Kim, and first-timer Chris bring you the latest in threat intelligence. This week they cover:-Kim takes us through the return of FIN8 - what are the updates to the “BadHatch” backdoor-Chris discusses DarkSides recent resurgence after a quiet period - what’s the latest?-Microsoft Exchange exploit update - the team discuss -How are threat actors and cybercriminals using ProxyLogon vulnerabilities?Get this week’s intelligence summary at: https://resources.digitalshad...
Mar 19, 2021•42 min
ShadowTalk hosts Alec, Ivan, Charles, and Austin bring you the latest in threat intelligence. This week they cover:- The team discuss HAFNIUM and Microsoft Servers Exchange- Updates on the Accellion incident - what’s the latest regarding Flagstar?- The Verkada compromise - who were the victims affected by the breach of private video footage?Get this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-12-march ***Resources from this week...
Mar 12, 2021•24 min
