In this episode of ShadowTalk, hosts Chris and Kim, along with Ivan and Gjergji, discuss the latest news in cyber security and threat research. Topics this week include: Lockbit claim breach of the US Federal Reserve, but are they telling the truth? ReliaQuest research into misuse of Protocol Tunneling Fallout from the US Ban of Kaspersky Resources: https://www.reliaquest.com/blog/protocol-tunneling-tools-and-techniques/#:~:text=Protocol%20tunneling%20is%20a%20technique%20used%20to%20encapsulate...
Jun 27, 2024•32 min
In this episode of ShadowTalk, host Chris, along with Marken, discuss the latest news in cyber security and threat research. Topics this week include: Scattered Spider leader reportedly arrested, as group pivot to target SaaS solutions ReliaQuest research into supply chain compromise. Detections to improve your resilience Classifying insider threats and the difficulties of proving intent Resources: https://www.reliaquest.com/blog/what-is-scattered-spider/ https://www.reliaquest.com/blog/scattere...
Jun 20, 2024•43 min
In this Special Guest Episode of ShadowTalk, host Chris and one of ReliaQuest's CISOs Rick Holland are joined by University of Kansas Health System (UKHS) CISO Michael Meis to discuss the latest news in cyber security and threat research. Topics this week include: Significant threats facing healthcare: Ransomware, accidental insiders The influence of COVID on ransomware activity The immediate and long term impact of the Optum breach The importance of understanding your revenue cycle to weather t...
Jun 12, 2024•43 min
In this episode of ShadowTalk, host Chris Morgan is joined by ReliaQuest Chief Strategy Officer Jason Pfeiffer LIVE on the InfoSec Europe show floor in London, UK to discuss: How InfoSec stacks up against the US cyber conferences Snowflake data breach affecting TicketMaster and others Cybercriminal reflections on generative AI Resources: https://www.reliaquest.com/blog/common-infostealers/...
Jun 05, 2024•27 min
In this episode of ShadowTalk host Corey, along with Gjergji and Brian, discuss the latest news in cyber security and threat research. Topics this week include: Microsoft set to begin the deprecation of VBScript in the second half of 2024 ReliaQuest research into the top three Infostealers Dive into a new crypto miner dubbed 'GhostEngine' ReliaQuest analysis of a BlackSuit ransomware attack Resources: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/vbscript-deprecation-timelines-and-n...
May 30, 2024•33 min
In this episode of ShadowTalk, host Chris, along with Director of Threat Research Brandon Tirado, discuss the latest news in cyber security and threat research. Topics this week include: Microsoft mandating multi-factor authentication across Azure ReliaQuest research exploring fileless malware and living against the land (LoTL) techniques Use of deepfakes in social engineering in 2024 Resources: https://www.reliaquest.com/blog/socgholish-fakeupdates/ https://www.reliaquest.com/blog/new-python-so...
May 22, 2024•42 min
In this episode of ShadowTalk, host Chris, along with Ivan and Marken, discuss the latest news in cyber security and threat research. Topics this week include: Recent ransomware attacks on the healthcare sector do not necessarily suggest a change in targeting preferences Black Basta pivot TTPs: New social engineering campaign using mass sign ups to mailing list spam Pain on the adversary, in having multiple controls to slow down an attacker, can greatly improve cyber resilience when combined wit...
May 15, 2024•35 min
In this episode of ShadowTalk, host Rick Holland is joined by ReliaQuest CTO Joe Partlow and Chief Scientist Brian P. Murphy LIVE on the RSAC show floor in San Francisco, CA to discuss all things AI and automation.
May 09, 2024•27 min
In this episode of ShadowTalk, host Chris, along with Brian and Corey, discuss their career paths, as well as offering tips for individuals aiming to gain employment within cybersecurity. The importance of tact and developing both soft and hard skills Working around personnel constraints Picking the right vendors to compliment your security model Recommendations for advancing your own career
May 01, 2024•39 min
In this episode of ShadowTalk, host Chris, along Kim and one of ReliaQuest's CISO's Rick, discuss the latest news in cyber security and threat research. Topics this week include: APT28 Exploit 6 year old CISCO vulnerability ReliaQuest research on Iran/Israel Tensions Ransomware Rebrands Apple notify users impacted by Spyware Resources: https://www.reliaquest.com/blog/cyber-threats-linked-to-iran-israel-conflict/...
Apr 25, 2024•38 min
In this episode of ShadowTalk, host Chris, along with Marken, discuss the latest news in cyber security and threat research. This weeks topics include: Palo Alto Critical Vulnerability under active exploitation ReliaQuest research on VPN attack surface management Optum Healthcare data breached by RansomHub group
Apr 17, 2024•45 min
In this episode of ShadowTalk, host Chris, along with Gjergji and James, discuss the latest news in cyber security and threat research. Topics this week include: Health sector Cybersecurity Coordination Center (HC3) issues alert warning regarding attackers using social engineering to target IT helpdesk's across the health sector ReliaQuest releases it's findings from it's Q1 Phishing report How improper permissions can lead to problems with new Microsoft Copilot AI Resources: https://www.reliaqu...
Apr 10, 2024•41 min
In this episode of ShadowTalk, host Kim, along with Brian, discuss the latest news in cyber security and threat research. Topics this week include: Sophisticated backdoor identified in XZ Utils Our Spotlight report on SEO poisoning Impersonation scams cost $1.1 billion in 2023
Apr 03, 2024•26 min
In this episode of ShadowTalk, host Chris, along with ReliaQuest Threat Hunter's Caroline and Corey discuss the latest news in cyber security and threat research. This week's topics include: Issues with Google AI-powered search generative experience recommending scam sites Spain high court judge issues temporary ban on messaging platform 'Telegram' Speculative Execution vulnerabilities found on Apple M Series and Intel Raptor Lake CPU's
Mar 27, 2024•31 min
In this episode of ShadowTalk, host Chris, along with Marken and ReliaQuest CISO Rick, discuss the latest news in cyber security and threat research. This week's topics include: 2021 AT&T breach released for free Magnet Goblin threat group exploiting 1-day vulnerabilities An introduction to ReliaQuest's Annual Threat Report (ATR)
Mar 20, 2024•36 min
In this episode of ShadowTalk, host Chris, along with Corey and Caroline, discuss the latest news in cyber security and threat research. Topics this week include: TeamCity Server critical vulnerability leaves potential for supply chain risk ReliaQuest research into advanced business email compromise (BEC) detections Microsoft compromised by Midnight Blizzard password spraying attack Resources: https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-mu...
Mar 13, 2024•39 min
In this episode of ShadowTalk, host Chris, along with Fearghal and Kim, discuss the latest news in cyber security and threat research. Topics include: An overview of the critical severity vulnerabilities affecting ConnectWise, patch now! ReliaQuest research into Browser Credential Dumping attacks The latest in the world of ransomware Update to National Institute of Standards and Technology (NIST) framework Resources: https://www.reliaquest.com/blog/browser-credential-dumping/...
Mar 06, 2024•23 min
In this episode of ShadowTalk, host Chris, along with Ivan, Caroline, and one of ReliaQuest's CISOs Rick, discuss the latest news in cyber security and threat research. This week's topics include: Lockbit return following law enforcement operation Recent Structured Analytical Technique (SAT) exercises ran by ReliaQuest The Optum Breach and what you need to know 'SubdoMailing' malvertising campaign leveraging compromised domains Resources: https://www.reliaquest.com/blog/lockbit-taken-down-what-c...
Feb 28, 2024•35 min
In this episode of ShadowTalk, host Chris, along with Brian, Kim, and one of ReliaQuest's CISOs Rick, discuss the latest news in cyber security and threat research. Topics this week include: Lockbit taken down by NCA led operation. Does this spell the end for the ransomware group? ReliaQuest research into abuse of Remote monitoring and management (RMM) tools Insider leaks Chinese government documents on Github Resources: https://www.reliaquest.com/blog/lockbit-taken-down-what-comes-next/...
Feb 21, 2024•39 min
In this episode of ShadowTalk, host Chris, along with Marken and Corey, discuss the latest news in cyber security and threat research. Topics this week include: ReliaQuest research into changes observed on SocGholish infection chain Update to Volt Typhoon campaign affecting US CNI Furore over reporting on Toothbrush smart devices reportedly used in DDoS attacks Canada bans Flipper Zero consumer hacking device, over car theft concerns Resources: https://www.reliaquest.com/blog/new-python-socgholi...
Feb 14, 2024•45 min
In this episode of ShadowTalk, host Chris Morgan is joined by ReliaQuest CISO Rick Holland, Director of Threat Research Brandon Tirado and Intelligence Collection Analyst Fearghal Hughes to discuss the latest news in cyber security and threat research. Topics this week include: Breach of Remote Desktop Application 'AnyDesk' results Continued Ivanti vulnerability exploitations The rise of BEC deepfake social engineering attacks ReliaQuest's top priorities for the remainder of Q1 2024 Resources: h...
Feb 07, 2024•48 min
In this episode of ShadowTalk, host Chris, along with James and Ivan, discuss the latest news in cyber security and threat research. Topics this week include: The emergence of Killnet 2.0 Best practices for Baselining Detection Rules Insights from ReliaQuest's Q4 2023 Ransomware blog Resources: https://www.reliaquest.com/blog/q4-2023-ransomware/
Jan 31, 2024•30 min
In this episode of ShadowTalk, host Corey, along with Kim and Caroline, discuss the latest news in cyber security and threat research. Topics this week include: Midnight Blizzard Targeting Microsoft Threat research on Attacker techniques observed from Customer incidents Two new Citrix NetScaler vulnerabilities being exploited in the wild Resources: https://www.reliaquest.com/blog/top-cyber-threat-techniques-q4-2023 https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nat...
Jan 24, 2024•31 min
In this episode of ShadowTalk, host Chris, along with Brian, Gjergji and ReliaQuest CISO Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include: Ivanti Zero-day vulnerabilities under mass exploitation ReliaQuest research into misuse of Valid Accounts Risk posed through emerging Internet of Things (IoT) devices Resources: https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secur...
Jan 17, 2024•40 min
In this episode of ShadowTalk, host Chris, along with Marken and Fearghal, discuss the latest news in cyber security and threat research. Topics this week include: A recap of major developments in 2023: Ransomware, Business Email Compromise, Living off the land (LotL) The influence of Generative AI on cyber threats Lockbit targeting healthcare providers in Germany
Jan 10, 2024•33 min
In this episode of ShadowTalk, host Chris, along with Rick and Kim, discuss the latest news in cyber security and threat research. Topics this week include: ALPHV targeted in law enforcement operation A look back at major events from the previous 12 months Predictions for the cyber threat landscape in 2024 'Expense in depth' and maximising investments Resources: https://www.reliaquest.com/blog/double-extortion-attack-analysis/ https://www.reliaquest.com/blog/alphv-ransomware-site-outage/ https:/...
Dec 20, 2023•48 min
In this episode of ShadowTalk, host Corey Carter, along with ReliaQuest CISO Rick Holland and Gjergji Paco, discuss the latest news in cyber security and threat research. Topics this week include: An overview of a ReliaQuest report on a sophisticated incident involving a technique known as Bring Your Own Vulnerable Driver (BYOVD). ALPHV ransomware site outage rumored to be caused by law enforcement. Apps vulnerable to Log4Shell still being exploited by Advanced Persistence Threats. FBI releases ...
Dec 13, 2023•36 min
In this episode of ShadowTalk, host Chris, along with Caroline and James, discuss the latest news in cyber security and threat research. Topics this week include: Ransomware groups increasingly targeting ESXi Cyber Threats to the Airline industry Incidents affecting CNI in the US, UK, and Israel Resources: https://www.gov.uk/government/news/response-to-a-news-report-on-cyber-security-at-sellafield https://www.cshub.com/attacks/news/lockbit-hackers-publish-43gb-of-stolen-boeing-data-following-cyb...
Dec 06, 2023•30 min
In this episode of ShadowTalk, host Corey, along with Rick, Marken, and James, discuss the latest news in cyber security and threat research. Topics this week include: An overview of ReliaQuest's latest report covering EDR Pitfalls and Best Practices. Latest updates to Okta's Support Case Management System intrusion that occurred in October. Discussion on guidelines released for secure AI system development by CISA and UK NCSC. Infostealers making headlines after allegedly being able to restore ...
Nov 29, 2023•44 min
In this episode of ShadowTalk, host Ivan, along with Brandon and Colin discuss the latest news in cyber security and threat research. Topics this week include: AlphaV filing a complaint with the SEC ReliaQuest case study on the Scattered Spider attack Sandworm hacker group conducts "largest ever" attack on Danish infrastructure Resources: https://www.reliaquest.com/blog/scattered-spider-attack-analysis-account-compromise/...
Nov 22, 2023•33 min
