Jamie, Adam, and Demelza join Viktoria for this week’s threat intelligence updates.Top stories this week include:- Vulnerability allowed hijacking of Microsoft Teams account with a GIF- APT32 seeks pandemic intel from Wuhan government, Chinese ministry- Microsoft Intelligence team report on uptick in ransomwareCheck out our intelligence summary for more details here: https://resources.digitalshadows.com/weekly-intelligence-summary***Resources from this week***Charitable Endeavors on Cybercrimina...
May 01, 2020•25 min
Maze Ransomware Infiltrates Cognizant, Czech NCISA Warning, And Third Party Risk Assessment PrioritiesAlex, Kacey, Charles, and Harrison host this week’s ShadowTalk for threat intel updates including Maze ransomware updates, a warning of an imminent threat from the Czech NCISA, priorities for third party risks assessments, and the Nulled Cracking Forum going mobile. Finally, Harrison passes the torch to Alex for hosting ShadowTalk. We’ll miss you, HVR! Grab this week’s full intelligence summary ...
Apr 24, 2020•33 min
This week we have new ShadowTalk guest joining us from London, Demelza! She joins Viktoria and Jamie for our threat intel update this week to cover a data breach at the San Francisco airport, Fin6 updates, and how Sodinokibi is attempting to hide their money trail by switching form Bitcoin to Monero.Check out this week’s Intelligence Summary at https://resources.digitalshadows.com/weekly-intelligence-summaryThanks for tuning in, and stay safe out there!***Resources This Week***Remote Working Thr...
Apr 17, 2020•22 min
Coming to you from Dallas this week - we have Kacey, Harrison, Alex, and Charles. This week the team talks through third party app risks as they relate to COVID-19, as well as touch on security considerations for video conferencing platforms. We also talk through the latest story around the DarkHotel hackers using a VPN zero-day to compromise Chinese government agencies. Check out this week’s Intelligence Summary at https://resources.digitalshadows.com/weekly-intelligence-summaryAnd for all of o...
Apr 10, 2020•23 min
Hey all you cool cats and kittens! We’ve got a brand-new threat intel episode for you coming from our virtual podcast studio with Adam, Jamie, and Viktoria.The team chat through the latest Zoom zero-day flaws discovered, and the story around Fin7 delivering malware via USB sticks and teddy bears in the mail. Get this week’s intelligence summary at https://resources.digitalshadows.com/weekly-intelligence-summaryStay safe out there!***Resources From this Week***Digital Risk Remediation blog: https...
Apr 03, 2020•22 min
This week the team looks at some Coronavirus threat intel updates including a Threat Model of the Remote Worker and the top businesses and industries most likely to be targeted by cyber attacks. Then the team looks at some cybercrime stories including how the Kapusta service is using marketing tactics, and a story around FSB arresting a cybercrime group. Finally … an advanced persistent… cow?Hear this and more from Kacey, Alex, Harrison, and Rick in this week’s episode!***Resources from this wee...
Mar 27, 2020•22 min
We’ve got Adam and Jamie joining Viktoria remotely for this week’s ShadowTalk! The London crew chats through the Slack vulnerability story, the news around the Dutch government losing hard drives with data of 6.9 million registered donors, the Apollon Dark Web Exit Scam, and who should own brand protection within an organization. Don’t miss our special episode this week with CISO Rick Holland, Alex, and Harrison on Coronavirus Threat Intel updates and advice. Thanks for listening and stay safe o...
Mar 20, 2020•23 min
CISO and VP of Strategy, Rick Holland, joins Alex and Harrison for this special episode to discuss how cybercriminals are exploiting Coronavirus (COVID-19). With regards to Coronavirus, the team looks at:- What kinds of discussions are taking place right now on the dark web and other criminal outposts?- What should organizations be on the lookout for right now?- Advice for other CISOs and security practitioners For more information, check out our Coronavirus threat intelligence resources at http...
Mar 19, 2020•20 min
Dallas is packing up the podcast… don’t fret. The team is just moving offices. RIP (rest in podcast).The team also packs a ton of news updates in this week. (Yeah, we went there). Here’s this week’s highlights:- Necurs Botnet Indictment- TA505- SMB Vulnerability: Cve 2020 0796- Coronavirus Scams, Fraud, and Misinformation- New cybercrime findings from the team on Envoy and KilosRounding up this week, we have some Pi Day history (and jokes of course!). Thanks for listening. Check out this week’s ...
Mar 13, 2020•31 min
Lots of threat intelligence news updates in this week’s ShadowTalk episode with Jamie Collier, Adam Cook, and Viktoria Austin. Top stories this week include:- NCSC advising consumers on security precautions around smart cameras and baby monitors- Banking Trojan steals Google Authenticator app codes- Ransomware Attack on Epiq Legal Services- Tesco Clubcard fraud warning- Boots Advantage Card hit by cyber attack Get this week’s Intelligence Summary at https://resources.digitalshadows.com/weekly-in...
Mar 06, 2020•28 min
Alex, Harrison, and Rick discuss this year’s FBI IC3 (Internet Crime Complaint Center) report. In 2019, the FBI responded to over 460,000 complaints and observed estimated losses of over $3.5 billion across all instances of reported cybercrime. In comparison, there were over 350,000 complaints and $2.7 billion in losses, as reported in the previous year’s 2018 IC3 report. That’s a 33% increase in the number of reports and a 30% increase in total reported losses from 2018 to 2019.The team covers:...
Mar 03, 2020•22 min
Coming to you from Dallas this week - we’ve got Charles, Kacey, Harrison, and Alex.First up - 3 data breaches this week:1. Decathlon Spain (and also potentially their UK entity)2. Clevguard3. Department of Defense’s Defense Information Systems Agency (DISA)Then we look at the Dopplepaymer ransomware, who launched a site this week. Finally Harrison shares some details around his new blog mapping MITRE ATT&CK to the Equifax Indictment. To check out this week’s intelligence summary, visit https...
Feb 28, 2020•30 min
Adam and Phil join Viktoria to ‘cause a storm’ on this week’s episode. But first - we get a rundown of the brand new Photon research blog this week around phishing from Harrison and Alex. This Week’s Agenda:1. New phishing ecosystem research we just dropped this week - check it out for some interesting new data findings: https://www.digitalshadows.com/blog-and-research/the-ecosystem-of-phishing/2. OurMine Hacks FC Barcelona and Olympics Twitter Handles 3. Google AdSense Email Extortion Scam4. FB...
Feb 21, 2020•31 min
Roses are red, violets are blue, here’s our threat intel podcast, just for you!Kacey, Charles, Alex, and Harrison have a Valentine’s special for you all. This week the team covers:- OurMine hacks- The Equifax Indictment- SWIFT POC attackGet this week’s intelligence summary at https://resources.digitalshadows.com/weekly-intelligence-summary***Resources from this Week***ACH paper: https://resources.digitalshadows.com/whitepapers-and-reports/applying-the-analysis-of-competing-hypotheses-to-the-cybe...
Feb 14, 2020•30 min
Sarah Yoder and Jackie Lasky from MITRE join Rick Holland and Harrison Van Riper in this guest episode to talk through their tool, Threat Report ATT&CK Mapping (TRAM). Both Sarah and Jackie are Cyber Security Engineers at The MITRE Corporation and presented this new tool at the recent SANS CTI Summit. During the discussion, they talk through:- What brought them to MITRE- TRAM - what it is, goals that the project was designed to address, and how to get involved- Highlights and key takeaways f...
Feb 11, 2020•27 min
January was a looooong year. Anyone else? In this week’s episode, Jamie starts by talking about his recent blog, Cyber Threat Intelligence Frameworks, with 5 rules for integrating these frameworks within your organization. Viktoria and Jamie also discuss:- APT34, where Iranian hackers targeted U.S. Gov vendor, Westat- Wawa Breach Developments- Coronavirus Phishing Scams- Winnti Group targeting Hong Kong universitiesCheck out this week’s intelligence summary at https://resources.digitalshadows.co...
Feb 07, 2020•17 min
Rick Holland jumps in to kick-off this week’s episode to recap the 2020 SANS CTI Summit with Harrison. Then Harrison, Alex, Kacey, and Charles talk through other top stories of the week including: - Snake Malware- Competitions we’re seeing on Russian-language cybercriminal forums- Citrix Vulnerability Update - New ‘CacheOut’ Attack Targets Intel CPUsRounding off the episode, the team shares their favorite infosec twitter post of the week to spice up the episode. Have a great week! ***Resources F...
Jan 31, 2020•39 min
Following on from last week, Citrix released a first set of patches to fix a vulnerability (CVE-2019 -19781) affecting the company’s NetScaler ADC Application Delivery Controller and it’s Citrix Gateway. Viktoria and Richard Gold discuss how organizations can mitigate the risk.Adam and Phil then join Viktoria to discuss other top stories of the week including 250 million Microsoft customer service and support records exposed on the web. The team also discusses a story where a list of Telnet cred...
Jan 27, 2020•31 min
Kacey, Charles, Alex, and Harrison host this week’s threat intelligence update from Dallas. We kick off with vulnerabilities from the week. This includes both the NSA CVE and Citrix CVE. The team talks through what the vulnerabilities are and why they’re important. Then the team talks through ransomware updates including Cryptonite ransomware as a service, Sodinokibi operators threatening to release Travelex data, and Nemty operators threatening to release victim data. Finally Harrison gives a q...
Jan 17, 2020•27 min
We’re back with our weekly ShadowTalk episodes! Viktoria hosts this week and introduces the episode bringing Sammy on to provide some regional insight and context around the Iranian cyber threat and discusses whether a cyber response is likely. Then Adam and Viktoria discuss other tops stories from the week including a ransomware outage for Travelex, Xiaomi Mijia camera data exposed, and bc[.]monster updates on Exploit forum.Check out our Intelligence Summary at https://resources.digitalshadows....
Jan 10, 2020•28 min
Rick Holland (CISO at Digital Shadows) joins Harrison to share his thoughts on the Iranian cyber threat and what it means for cyber defenders. What should security practitioners be concerned with within the cyber sphere? Rick and Harrison discuss:- How threat du jour thinking isn’t an adequate defense model- Communicating up the chain of command effectively - Attack Techniques used by Iranian State Actors - What you can do proactively as a Security Practitioner- Why haven’t we seen any significa...
Jan 07, 2020•23 min
CISO Rick Holland joins our ShadowTalk hosts (Viktoria, Alex, and Harrison) for our holiday special! This week the team covers:- Ring Doorbell security- New Orleans victim of Ryuk Ransomware- Predictions for 2020 in cybersecurity- A lightning round of holiday questionsThanks to all of you listeners for tuning in each week in 2019. We’ve had a great time chatting each week across the globe, and we’re looking forward to another great year of ShadowTalk in 2020!Cheers!P.S. Check out our holiday pho...
Dec 18, 2019•18 min
Alex, Harrison, Kacey, and Charles chat this week on some dark web and cybercriminal updates, data leakage stories that have hit the news, plus a GDPR story where an ISP was hit with a €9.6 Million Fine.We’ve got a new format for our weekly intelligence summary report. Check it out at https://resources.digitalshadows.com/weekly-intelligence-summaryThanks for listening and look out for our special (holiday-themed) final ShadowTalk episode of the year next week! ***More Resources This Week***TMI b...
Dec 13, 2019•28 min
Viktoria invites Stewart Bertram to kick-off this week’s episode around new cybercrime research we put out on the Modern Cybercriminal Forum and how the rise of alternative technologies hasn’t spelled the end of forums, which seem to be prospering against all odds.You can check out the research findings here: https://www.digitalshadows.com/blog-and-research/forums-are-forever-part-1-cybercrime-never-dies/Next Adam Cook joins to discuss the weekly highlights including the Mixcloud Breach and an i...
Dec 05, 2019•26 min
Adam Cook and Viktoria Austin talk through the security and threat intelligence stories of this week including an update around Phineas Fisher, where the hacker offered up to $100k in what they called the “Hacktivist Bug Hunting Program”. The team also chats through a recent ransomware attack on Veterinary hospitals in the U.S., and some other ransomware updates. Then Viktoria and Adam touch upon some research from our own threat intelligence team (Photon Research), specifically around the dark ...
Nov 22, 2019•19 min
Dallas is sound effects and all this week with Kacey, Charles, Alex, and Harrison. The team discusses their recent OSINT workshop at BSidesDFW and how you can access the training materials, plus Harrison reviews his latest research into dynamic CVVs within the security realm. Finally the team looks at the recent news around the Facebook camera bug and how the public is reacting. Download the full intelligence summary at https://resources.digitalshadows.com/weekly-intelligence-summaryHave a great...
Nov 16, 2019•33 min
This week the London team looks at the following stories:- BlueKeep Exploit Could Rapidly Spread- Megacortex Ransomware Changes Windows Passwords- Japanese Media Company Nikkei - $29 million lost to BEC scam- Web.com Breach- 21 million employee accounts for Fortune 500 companies offered on the dark web Get the full intelligence summary at https://resources.digitalshadows.com/weekly-intelligence-summary***Resources from this week***https://www.bleepingcomputer.com/news/security/new-megacortex-ran...
Nov 08, 2019•21 min
Adam Cook, Philip Doherty, and Viktoria Austin host this week’s ShadowTalk update around an unsecured Elasticsearch database exposing account information of about 7.5 million Adobe Creative Cloud users. The team then looks at the news story around the City of Johannesburg experiencing a ransomware attack as well as APT28 (aka Fancy Bear) targeting anti-doping authorities and sporting organizations. ***Resources from this week’s episode***- BriansClub Blog from Viktoria: https://www.digitalshadow...
Nov 01, 2019•23 min
We’ve got all 3 ShadowTalk hosts in Dallas this week: Harrison Van Riper, Viktoria Austin, and Alex Guirakhoo. The team first looks at Avast, which encountered a cyber espionage attempt. Then NordVPN announced that a hacker had breached servers used by NordVPN. And finally Dr. Richard Gold put out a new blog this week on dispelling the myths around using public wifi, so the team helps summarize some of the key points. Check out the full blog at https://www.digitalshadows.com/blog-and-research/wi...
Oct 25, 2019•27 min
Adam Cook, Philip Doherty, and Xueyin Peh join Viktoria Austin for a special ShadowTalk episode around the Singapore Cyber Threat Landscape. The team looks at the heightened threat level for Singapore, why it’s being targeted, and the types of organizations being impacted. Read the full analysis in our blog post here: https://www.digitalshadows.com/blog-and-research/singapore-cyber-threat-landscape-report-h1-2019/
Oct 23, 2019•24 min
