ShadowTalk: Powered by ReliaQuest

ReliaQuest · reliaquest.com

Want to hear what industry experts really think about the cyber threats they face? ShadowTalk is a weekly cybersecurity podcast, made by practitioners for practitioners, featuring analytical insights on the latest cybersecurity news and threat research.

Threat Intelligence Analyst Kim Bromley brings over 15 years of experience in threat intelligence across the public and private sectors. Kim and her guests provide practical perspectives on the week’s top cybersecurity news and share knowledge and best practices to help businesses mitigate the most pertinent cyber threats.

With over 1,000 customers worldwide and 1,200 teammates across six global operating centers, ReliaQuest delivers security outcomes for the most trusted enterprise brands in the world. Learn more at www.reliaquest.com.

Episodes

Weekly: Anonymous Sudan, Domain Redirection Attacks, UK Ransomware Report and ManageEngine Zero-Day Exploit

In this episode of ShadowTalk, host and ReliaQuest CISO Rick Holland and ReliaQuest Threat Research team members Corey Carter and Gjergji Paco discuss the latest news in cyber security and threat research. Topics this week include: A deep dive on domain redirection attacks; New ransomware report from the UK government; New ManageEngine zero-day exploited by multiple threat actors; Anonymous Sudan Telegram bans and DDoS attacks. Resources: https://www.ncsc.gov.uk/whitepaper/ransomware-extortion-and...

Sep 14, 2023 · 35 min

Weekly: SocGholish deep dive, AI security concerns, LockBit vs. UK MOD

In this episode of ShadowTalk, host Roman, along with Corey and Ivan, discuss the latest news in cyber security and threat research. Topics this week include: A deep dive of malware loader SocGholish; Artificial intelligence: implications, security concerns, and use by cybercriminals; LockBit leaking top secret information from the UK’s Ministry of Defence. Resources: https://www.reliaquest.com/blog/the-3-malware-loaders-behind-80-of-incidents https://www.reliaquest.com/blog/socgholish-fakeupdates...

Sep 08, 2023 · 34 min

Weekly: Qakbot Takedown, New Barracuda Zero-Day, Resurgence of Hacktivism

In this episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland and Gjergji Paco, discuss the latest news in cyber security and threat research. Topics this week include: The FBI operation targeting Qakbot infrastructure; Barracuda Zero-Day targeted by People's Republic of China (PRC) aligned actors; The resurgence and future of Hacktivism.

Sep 01, 2023 · 40 min

Weekly: Malware Loaders, Ransomware Runbooks, Generative AI and Barracuda ESG

In this episode of ShadowTalk, host Dean Murphy, along with one of ReliaQuest's CISOs, Rick Holland, and Threat Hunter Brian Kelly, discuss the latest news in cyber security and threat research. Topics this week include: Malware Loaders; Ransomware Runbooks; Generative AI; Barracuda ESG - Zero-Day. Resources: https://www.reliaquest.com/blog/lockbit-ransomware-2023/ https://analyst1.com/ransomware-diaries-volume-1/ https://www.bleepingcomputer.com/news/security/angry-conti-ransomware-affiliate-leaks-g...

Aug 25, 2023 · 28 min

Weekly: DefCon, Cl0p, Raccoon Stealer

In this episode of ShadowTalk, host Chris, along with Brandon and Gjergji, discuss the latest news in cyber security and threat research. Topics this week include: Recap of DefCon conference; The latest updates regarding Clop's exploitation of MOVEit zero-day; The return of the infamous Raccoon Stealer.

Aug 18, 2023 · 32 min

Special: CISO Chat Live from BlackHat 2023

In this episode, one of ReliaQuest's CISOs, Rick Holland, and Chief Technology Officer Joe Partlow are joined by Freeport LNG CISO Todd Beebe and Ciena CISO Ryan Hammer to discuss all things BlackHat 2023.

Aug 10, 2023 · 15 min

Weekly: Business Email Compromise (BEC), ReliaQuest Bi-Annual threat reports, influence of AI on the Cyber Threat Landscape

In this episode of ShadowTalk, host Chris, along with one of ReliaQuest's CISOs, Rick, and James, discuss the latest news in cyber security and threat research. Topics this week include: Themes in recent Business Email Compromise (BEC) activity; A breakdown of ReliaQuest research into threats facing the Professional, Scientific, and Technical Services (PSTS) sector; The influence of AI on the cyber threat landscape; ReliaQuest activities at BlackHat 2023 conference...

Aug 04, 2023 · 40 min

Weekly: What We're Seeing Right Now, Cl0p Cycle Continues, Ivanti Zero-Day, ALPHV API

In this episode of ShadowTalk, host Roman, along with Ivan and Brandon, discuss the latest news in cyber security and threat research. Topics this week include: Twitter becoming X security concerns; Cl0p names 71 new victims; ReliaQuest releases Q2 ransomware report; Hackers target Norwegian government ministries with Ivanti zero-day exploit; ALPHV ransomware group creates API key for its data leak site. Resources: https://www.bleepingcomputer.com/news/security/norway-says-ivanti-zero-day-was-used-to...

Jul 28, 2023 · 31 min

Weekly: What We're Seeing Right Now, Cl0p Update, WormGPT

In this episode of ShadowTalk, host Chris, along with Brian and James, discuss the latest news in cyber security and threat research. Topics this week include: ReliaQuest research into common attacker techniques; An update on Clop's exploitation of the MOVEit vulnerability; ChatGPT rival with ‘no ethical boundaries’ sold on dark web. Resources: https://www.reliaquest.com/blog/top-adversary-techniques-july-2023/ https://www.reliaquest.com/blog/clop-leaks-first-victims/ https://www.zdnet.com/article/...

Jul 21, 2023 · 22 min

Weekly: Microsoft Cloud Breach, Strava App, Cl0p Update and Remote Management Monitoring

In this episode of ShadowTalk, host Dean Murphy, one of ReliaQuest's CISOs, Rick Holland, and Threat Research team members Colin Ferris and Gjergji Paco discuss the latest news in cyber security and threat research. Topics this week include: Chinese hackers breach Microsoft Cloud; Strava App – Tracked and Killed; Cl0p Update; Remote Monitoring and Management Software – RMM. Resources: https://www.cnn.com/2023/07/11/europe/russian-submarine-commander-killed-krasnador-intl/index.html https://www.telegraph.co...

Jul 14, 2023 · 39 min

Weekly: Defense Evasion via Virtualization, LockBit target TSMC, CISA Identify New Exploited Vulnerabilities

In this episode of ShadowTalk, host Chris Morgan, along with Corey Carter, Jonny Elrod, Gjergji Paco, and one of ReliaQuest's CISOs, Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include: Threat actors obfuscating activity through virtualization; LockBit claim to have impacted Taiwanese semiconductor giant TSMC; CISA identify new exploited vulnerabilities; New critical vulnerability impacting Fortinet, FortiOS and FortiProxy SSL-VPN appliances. Resource...

Jul 07, 2023 · 33 min

Weekly: Legal Developments, New APT29 Campaign and ReliaQuest's Annual Threat Report

In this episode of ShadowTalk, host Stefano, along with Kim Bromley and one of ReliaQuest's CISOs, Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include: The SEC reportedly charging SolarWinds executives; APT29 hunting for credentials; Our new, shiny Annual Threat Report. Resources: https://www.reuters.com/technology/solarwinds-executives-receive-wells-notice-us-sec-2023-06-23/ https://www.scmagazine.com/brief/identity-and-access/apt29-intensifies-cre...

Jun 30, 2023 · 28 min

Weekly: Cl0p update, Killnet target European financial institutions, closed sources findings

In this episode of ShadowTalk, host Chris, along with Dani and one of ReliaQuest's CISOs, Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include: The latest updates related to Cl0p's exploitation of MOVEit zero-day; Killnet targeting European financial institutions; Insights drawn from our closed sources team; The team's observations on this year's InfoSec conference. Resources: https://www.reliaquest.com/blog/clop-leaks-first-victims/ https://techmonito...

Jun 23, 2023 · 42 min

Weekly: Cl0p releases company names, Gootloader, new Fortinet RCE, Ukrainian hackers take down Infotel

In this episode of ShadowTalk, host Chris, along with Colin and Caroline, discuss the latest news in cyber security and threat research. Topics this week include: The latest updates related to Clop's exploitation of MOVEit zero-day; An overview of the Gootloader initial access malware; Fortinet RCE CVE-2023-27997; Ukraine's Cyber Anarchy Squad take down Infotel. Resources: https://www.reliaquest.com/blog/clop-leaks-first-victims/ https://www.scmagazine.com/news/device-security/fortinet-patches-criti...

Jun 19, 2023 · 33 min

Weekly: MOVEit Zero-day and Cl0p attribution, Infostealing ecosystem, DBIR 2023 Report

In this episode of ShadowTalk, host Stefano, along with Rick, Dean, and Ivan, discuss the latest news in cyber security and threat research. Topics this week include: What you need to know on the MOVEit Zero-day vulnerability and the latest Cl0p updates; Infostealers ecosystem: most common malware, impact, and mitigation strategies; Key insights from Verizon's latest DBIR issue. Resources: https://www.reliaquest.com/blog/moveit-vulnerability-update-clop-claims-responsibility/ https://www.verizo...

Jun 09, 2023 · 32 min

Weekly: MOVEit Zero-day, RaidForums Breach, Buhti Ransomware

In this episode of ShadowTalk, host Chris, along with Gjergji and Ivan, discuss the latest news in cyber security and threat research. Topics this week include: What you need to know on the MOVEit Zero-day vulnerability; RaidForums users' data breached; The Buhti ransomware taking a unique approach to targeting victims. Resources: https://www.reliaquest.com/blog/moveit-transfer-zero-day/ https://www.bleepingcomputer.com/news/security/new-buhti-ransomware-gang-uses-leaked-windows-linux-encryptors/ h...

Jun 02, 2023 · 18 min

Weekly: GootLoader, Intrusion Truth, Volt Typhoon, and Exponent conference debrief

In this episode of ShadowTalk, host Stefano, along with Kim, Rick, and Dean, discuss the latest news in cyber security and threat research. Topics this week include: An investigation into the GootLoader malware; The latest operation from hacktivist group Intrusion Truth; A cyber espionage campaign conducted by Volt Typhoon; RQ Exponent conference debrief. Resources: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-144a https://www.washingtonpost.com/politics/2023/05/15/they-dox-...

May 26, 2023 · 30 min

Weekly: SocGholish, Cactus Ransomware, Greatness Phishing-as-a-service

In this episode of ShadowTalk, host Chris Morgan, along with Caroline Fenstermacher and Gjergji Paco, discuss the latest news in cyber security and threat research. Topics this week include: Revisiting the SocGholish malware distribution framework; Getting pricked by the Cactus ransomware; Greatness Phishing-as-a-service. Resources: https://www.reliaquest.com/blog/socgholish-fakeupdates/ https://thehackernews.com/2023/05/new-ransomware-strain-cactus-exploits.html https://www.bleepingcomputer.com/n...

May 19, 2023 · 31 min

Weekly: Snake malware takedown, Kubernetes hunts, and Caffeine Phishing-as-a-Service

In this episode of ShadowTalk, host Stefano, along with Caroline and Colin, discuss the latest news in cyber security and threat research. Topics this week include: Five Eyes agencies take down FSB-linked Snake malware; Hunting Kubernetes for privilege escalation techniques; Investigation offers insights into Caffeine PhaaS platform. Resources: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-129a https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/cont...

May 12, 2023 · 37 min

Weekly: ReliaQuest Threat Management, ALPHV, Veeam Vulnerability Exploited

In this episode of ShadowTalk, host Chris Morgan is joined by Corey Carter and Ivan Righi to discuss: A day in the life of a Threat Engineer at ReliaQuest; ALPHV leaking internal comms related to victims' incident response; High-severity vulnerability affecting Veeam backup servers exploited in the wild (CVE-2023-27532).

May 05, 2023 · 26 min

Weekly: RQ Ransomware Report, 3CX Update, Russia-Ukraine Cyber Operations, and Cybercriminal Ecosystems

In this episode of ShadowTalk, host Stefano, along with Kim, Ivan, and Brandon, discuss the latest news in cyber security and threat research. Topics this week include: Highlights from the ReliaQuest Ransomware Quarterly Report Q1 2023; A supply-chain of a supply-chain: 3CX Update; Analysis of Russia-Ukraine cyber operations; A look into recent shifts in the cybercriminal ecosystem. Resources: https://www.reliaquest.com/blog/2023-ransomware-attacks-q1/ https://www.ncsc.gov.uk/news/new-analysis-eccri...

Apr 28, 2023 · 47 min

Special: RSA Conference 2023

In this episode, host and CISO Rick Holland is joined by ReliaQuest's Chief Technical Officer Joe Partlow and Chief Strategy Officer Jason Pfeiffer to discuss cyber trends they're seeing across RSA Conference 2023, the benefits of such an event, AI in cyber, and more.

Apr 26, 2023 · 18 min

Weekly: Vulnerability Quarterly Roundup, Domino Backdoor, Lockbit Targeting MacOS

In this episode of ShadowTalk, host Chris Morgan, along with Dani and Dean Murphy, discuss the latest news in cyber security and threat research. Topics this week include: A breakdown of ReliaQuest's latest Vulnerability quarterly report; Aftermath of the ransomware attack affecting Capita; The "Domino" Backdoor and "Project Nemesis" information stealing malware; Lockbit targeting macOS. Resources: https://www.reliaquest.com/blog/2023-q1-vulnerabilities-cves/ https://www.reliaquest.com/blog/2023-ran...

Apr 21, 2023 · 38 min

Weekly: Cobalt Strike takedown, latest MERCURY campaign, Patch Tuesday

In this episode of ShadowTalk, host Stefano, along with Caroline and Kitch, discuss the latest news in cyber security and threat research. Topics this week include: A new approach in malicious infrastructure takedown; The latest TTPs of MERCURY aka MuddyWater; What's new on this Patch Tuesday? Resources: https://blogs.microsoft.com/on-the-issues/2023/04/06/stopping-cybercriminals-from-abusing-security-tools/ https://www.microsoft.com/en-us/security/blog/2023/04/07/mercury-and-dev-1084-destructive-...

Apr 14, 2023 · 35 min

Weekly: Genesis Market seizure, Vulkan Files, and new Microsoft Security Update

In this episode of ShadowTalk, host Stefano, along with Ivan and Corey, discuss the latest news in cyber security and threat research. Topics this week include: The prominent Genesis Market has been seized: What's next?; Confidential Vulkan Files expose ties between Russian APTs and private sector; Microsoft mitigates malicious attachments delivered via OneNote. Resources: https://news.sky.com/story/notorious-criminal-marketplace-genesis-market-which-sold-stolen-bank-details-taken-down-12850517 htt...

Apr 07, 2023 · 23 min

Weekly: 3CX supply chain attack, Rostec deanonymize Telegram, IcedID

In this early released episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland, Kim Bromley, and Colin Ferris, discuss the latest news in cyber security and threat research. Topics this week include: Implications from the 3CX supply-chain attack and what you need to do going forward; Russian telco Rostec de-anonymizing Telegram users; Updates to the IcedID malware. Resources: https://www.3cx.com/community/threads/3cx-desktopapp-security-alert.119951/ https://www.reliaquest....

Mar 30, 2023 · 34 min

Weekly: Outlook Vulnerability, TeamTNT and Breachforums closure

In this episode of ShadowTalk, host Chris Morgan, along with Ivan Righi and Caroline Fenstermacher, discuss the latest news in the cyber security and information security landscape. Topics this week include: Implications following the arrest of BreachForums administrator Pompompurin; Cryptojacking activity by the TeamTNT threat group; Microsoft Outlook bug CVE-2023-23397. Resources: https://www.reliaquest.com/blog/breachforums-arrest-fbi/ https://www.reliaquest.com/blog/cyber-threats-svb-col...

Mar 24, 2023 · 28 min

Weekly: SVB collapse, FBI IC3 report, and Cl0p update

In this episode of ShadowTalk, host Stefano De Blasi, along with Rick Holland and Brandon Tirado, discuss cyber threats related to the SVB collapse, the FBI IC3 report and Cl0p ransomware: zero-day vulnerability and victims. Resources: https://www.reliaquest.com/blog/cyber-threats-svb-collapse/? https://www.ic3.gov/Media/PDF/AnnualReport/2022_IC3Report.pdf https://www.reliaquest.com/blog/qbot-black-basta-ransomware/ https://www.reliaquest.com/blog/html-smuggling-dark-web/...

Mar 17, 2023 · 37 min
Hosted on Buzzsprout