ShadowTalk by Digital Shadows

This week's ShadowTalk podcast covers the latest developments and implications of the Russian-Urkaine War. Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-24-feb ***Resources from this week's podcast*** Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

This week's ShadowTalk podcast covers the latest in the Trickbot/Conti Sanctions, OneNote Documents, NATO DDoS Attacks. Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-17-feb ***Resources from this week's podcast*** Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

This week's ShadowTalk podcast covers the latest in the VMware ESXI Ransomware campaign, Killnet, SocGholish, and morel Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-10-feb ***Resources from this week's podcast*** Subscribe to our threat intelligence email: info.digitalshadows.com/SubscribetoEm…cast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

This week's ShadowTalk podcast covers the latest in the Hive ransomware takedown and dark web cybercriminal forum. Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-3-feb ***Resources from this week's podcast*** Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

This week's ShadowTalk podcast covers the drop in Ransomware profits, DDoS activity spikes against Russian ISP, and Microsoft implementing security changes following a months-long investigation. Get this week's intelligence summary at: resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-27-jan Subscribe to our threat intelligence email: info.digitalshadows.com/SubscribetoEm…cast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

Looking Back, Moving Forward. As 2023 gets into full swing, listen to our recap of 2022 including trends in cybercrime, espionage, hacktivism, and more. Plus, global industry forecasting for 2023. Get this week's intelligence summary at: resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-20-jan Subscribe to our threat intelligence email: info.digitalshadows.com/SubscribetoEm…cast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Ivan give you the latest in threat intelligence. This week they cover: -Russian APT Turla -Chat GPT -Ransomware Group Lorenz TTP Changes Get this week's intelligence summary at: resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-13-jan Subscribe to our threat intelligence email: info.digitalshadows.com/SubscribetoEm…cast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

The first ShadowTalk Podcast of the New Year is here. Join host Chris for the latest happenings in threat intelligence and cyber security. Get this week's intelligence summary at: resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-6-jan Subscribe to our threat intelligence email: info.digitalshadows.com/SubscribetoEm…cast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside guests Ivan give you the latest in threat intelligence. This week they cover: -Recent Vulnerabilities -Clop Ransomware -New Year's Resolutions Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-16-dec ***Resources from this week's podcast*** Payment Declined: Carding Cyber Criminals Fears for Their Future https://www.reliaquest.com/blog/web-carding-future/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside guests Rick and Danny give you the latest in threat intelligence. This week they cover: -Russian and Ukraine Roundup -Lazarus Group Cryptocurrency Activity -Apple's Right to Repair Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-9-dec ***Resources from this week's podcast*** Vulnerability Intelligence Roundup: Five lessons learned since Log4Shell https://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-roundup-five-lessons-learned-since-log4shell/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Nicole alongside guests Rick, Ivan and Dean give you the latest in threat intelligence. This week they cover: -Sandworm deploying ransomware targeting Ukraine -Oracle RCE vulnerability actively exploited -300th Episode & Look forward ***Resources from this week's podcast*** Vulnerability Intelligence Roundup: Five lessons learned since Log4Shell https://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-roundup-five-lessons-learned-since-log4shell/ Vice Society CISA advisory https://www.cisa.gov/uscert/ncas/alerts/aa22-249a Five ways security leaders can prepare for economic uncertainty by Rick https://www.scmagazine.com/perspective/strategy/five-ways-security-leaders-can-prepare-for-economic-uncertainty SANS CTI Summit https://www.sans.org/cyber-security-training-events/cyber-threat-intelligence-summit-2023/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside guests Dani and Kim give you the latest in threat intelligence. This week they cover: -LockBit Arrest -Big Tech Layoffs -Black Friday Vulnerability Risks ***Resources from this week's podcast*** Black Friday Webinar https://www.reliaquest.com/resource/webinar/soc-talk-keeping-black-friday-cyber-threats-at-bay/?utm_source=Digital+Shadows&utm_medium=On-Demand+Webinar Keeping One Step Ahead of Black Friday Cyber Threats https://www.digitalshadows.com/blog-and-research/keeping-one-step-ahead-of-black-friday-cyber-threats/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Nicole alongside guests Ivan, Rick and Andrew give you the latest in threat intelligence. This week they cover: -APT29 Windows Credential Roaming -Russian Hacktivists Targeting Ukraine with New Somnia Ransomware -LockBit Using Amadey Bot Malware, LockBit Affiliate Arrested Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-18-nov ***Resources from this week's podcast*** Cyber Threats to the FIFA World Cup Qatar 2022 https://www.digitalshadows.com/blog-and-research/cyber-threats-to-the-fifa-world-cup-qatar-2022/ Keeping One Step Ahead of Black Friday Cyber Threats https://www.digitalshadows.com/blog-and-research/keeping-one-step-ahead-of-black-friday-cyber-threats/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside guests Kim gives you the latest in threat intelligence. This week they cover: -British Government Scanning UK Devices -Twitter's Verification Process -Latest Emotet Return Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-11-nov ***Resources from this week's podcast*** Cyber Threats to the FIFA World Cup Qatar 2022 https://www.digitalshadows.com/blog-and-research/cyber-threats-to-the-fifa-world-cup-qatar-2022/ Dark Web Recruitment: Malware, Phishing and Carding https://www.digitalshadows.com/blog-and-research/dark-web-recruitment-malware-phishing-and-carding/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Nicole alongside guests Ivan give you the latest in threat intelligence. This week they cover: -APT10 leveraging antivirus to deploy LODEINFO malware -New Azov data wiper attempting to frame security researchers -New Emotet malicious spam campaign Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-04-nov ***Resources from this week's podcast*** Q3 2022 Vulnerability Roundup https://www.digitalshadows.com/blog-and-research/q3-2022-vulnerability-roundup/ 2023 Cyber Threat Predictions https://www.digitalshadows.com/blog-and-research/2023-cyber-threat-predictions/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

Weekly: Ukraine Activity Roundup, Vice Society Targeting Schools, Iranian Hacktivism ShadowTalk host Chris alongside guests Stefano give you the latest in threat intelligence. This week they cover: -Ukraine Activity Roundup -Vice Society Targeting Schools -Iranian Hacktivism Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-28-oct ***Resources from this week's podcast*** Q3 2022 Vulnerability Roundup https://www.digitalshadows.com/blog-and-research/q3-2022-vulnerability-roundup/ Have your Forgotten About Phishing?Ransomware in Q3 2022 https://www.digitalshadows.com/blog-and-research/cybersecurity-awareness-month-2022-have-you-forgotten-about-phishing/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Nicole alongside guests Rick and Ivan give you the latest in threat intelligence. This week they cover: -REvil connection to Ransom Cartel -Cryptocurrency hacks in Japan by Lazarus -Toyota T-Connect Attack Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-21-october ***Resources from this week's podcast*** Ransomware in Q3 2022 https://www.digitalshadows.com/blog-and-research/ransomware-in-q3-2022/ Alternative Future Analysis: Pro-Russian Hacktivism https://www.digitalshadows.com/blog-and-research/alternative-future-analysis-pro-russian-hacktivism/ Special: Geoff White and the Lazarus Heist https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/special-geoff-white-and-the-lazarus-heist Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside guests Kim give you the latest in threat intelligence. This week they cover: -Recent DDoS attacks on US Airports -A Deep Dive Into Information Stealers Get this week's intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-14-oct

ShadowTalk host and Digital Shadows CISO Rick Holland alongside Michael Farnum Chief Technology Officer at Set Solutions and Greg Porterfield, Senior Security Consultant at Set Solutions give you the latest in threat intelligence. This episode they cover: -How Defenders Should Respond to The Uber Breach -2023 planning For more information about Set Solutions, check out their podcast: https://www.setsolutions.com/category/podcast/ Also, make sure you've looked at the details and have registered for Hou.Sec.Con 2022: https://web.cvent.com/event/0ac8a54d-fbe9-4a16-8510-49dcf538389f/summary

ShadowTalk host Nicole alongside guests Stefano and Ivan give you the latest in threat intelligence. This week they cover: -Potential first use of LockBit Builder leak -Ransomware Groups Destroying vs. Encrypting Data -Increase in Domain ShadowingLockBit Builder leak Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/20220930-dsweeklyintsum ***Resources from this week's podcast*** Who's Next In Lapsus$' Crosshairs? https://www.digitalshadows.com/blog-and-research/whos-next-in-lapsus-crosshairs/ Dark Web Recruitment: How Ransomware Groups Hire Cybercriminal Talent https://www.digitalshadows.com/blog-and-research/dark-web-recruitment-how-ransomware-groups-hire-cybercriminal-talent/ Guide to Domain Shadowing Detection https://ieeexplore.ieee.org/document/9148945

ShadowTalk host Nicole alongside Stefano give you the latest in threat intelligence. This week they cover: -LockBit Builder leak, -Lapsus$ breaches Rockstar Games and Uber, -Emotet pushes Quantum and Alphv ransomware Get this week's intelligence summary at: resources.digitalshadows.com/weekly-int…ry-23-sept

ShadowTalk host Chris alongside Danny give you the latest in threat intelligence. This week they cover: -Intermittent Encryption Tactics, -Geopolitical Developments in Cyber Crime Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-16-sept ***Resources from this week's podcast*** There's No Honor Among Thieves: Carding Forum Staff Defraud Users In An ESCROW Scam https://www.digitalshadows.com/blog-and-research/theres-no-honor-among-thieves-carding-forum-staff-defraud-users-in-an-escrow-scam/ Ransomware Franchising: How Do Groups Get Started https://www.digitalshadows.com/blog-and-research/ransomware-franchising-how-do-groups-get-started/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Nicole alongside Ivan and Chris give you the latest in threat intelligence. This week they cover: -Increase in hacktivism since the Russian invasion of Ukraine -Threat Actors Targeting the Education Sector -New NTF Trends in Cyber Attacks Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-09-sept ***Resources from this week's podcast*** APT Spotlight Series: APT41 https://www.digitalshadows.com/blog-and-research/apt-spotlight-series-apt41/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Kim and Digital Shadows CISO Rick you the latest in threat intelligence. This week they cover: Details of the August attack on LastPass Coordinated and Precise Infrastructure Attacks in Montenegro Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-02-sept ***Resources from this week's podcast*** “Looking For Pentesters”: How Forum Life Has Conformed To The Ransomware Ban https://www.digitalshadows.com/blog-and-research/looking-for-pentesters-how-forum-life-has-conformed-to-the-ransomware-ban/ “I'm Tired Of Living In Poverty” – Russian-Speaking Cyber Criminals Feeling The Economic Pinch https://www.digitalshadows.com/blog-and-research/im-tired-of-living-in-poverty-russian-speaking-cyber-criminals-feeling-the-economic-pinch/

ShadowTalk host Chris alongside Kim and Ivan bring you the latest in threat intelligence. This week they cover: - Lloyd's of London Ltd. confirms policies state what they will and won't cover - The LockBit sites have been shut down due to a DDoS attack - Charming Kitten uses a new tool to gather targeted email accounts Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-26-aug ***Resources from this week's podcast*** Vulnerability Intelligence RoundUp: Cloudy With A Chance Of Zero Days https://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-roundup-cloudy-with-a-chance-of-zero-days/ What We're Reading This Month: August 2022 https://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-august-2022/

ShadowTalk host Nicole alongside CISO Rick Holland bring you the latest in threat intelligence. This week they cover: - BlackHat and Defcon recap - Microsoft's Patch Tuesday - North Korea fake Coinbase jobs Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-19-aug ***Resources from this week's podcast*** Stop The Line: Cyber Threats Facing Manufacturing https://www.digitalshadows.com/blog-and-research/stop-the-line-cyber-threats-facing-manufacturing/ Honker Union: Has The Grandfather Of Chinese Hacktivism Returned? https://www.digitalshadows.com/blog-and-research/honker-union-has-the-grandfather-of-chinese-hacktivism-returned/

ShadowTalk host Chris alongside Stefano bring you the latest in threat intelligence. This week they cover: - History of ransomware - Details of the deBridge hack - Thoughts and recommendations for organizations targeted multiple times Get this week's intelligence summary at: ***Resources from this week's podcast*** Tensions Between The PRC And Taiwan: What's Happening? https://www.digitalshadows.com/blog-and-research/tensions-between-the-prc-and-taiwan-whats-happening/ Meet DUMPS Forum: A Pro-Ukraine, Anti-Russia Cybercriminal Forum https://www.digitalshadows.com/blog-and-research/meet-dumps-forum-a-pro-ukraine-anti-russia-cybercriminal-forum/

ShadowTalk host Stefano alongside Chris bring you the latest in threat intelligence. This week they cover: - 911 proxy service ends protection for cybercriminals - ALPHV (aka BlackCat) ransomware claims attack on European gas pipeline - Cyber threat implications from recent news in Taiwan & China Get this week's intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-05-aug ***Resources from this week's podcast*** The Boy Who Cried Ransomware: The Trustworthiness Of Ransomware Groups https://www.digitalshadows.com/blog-and-research/the-boy-who-cried-ransomware-the-trustworthiness-of-ransomware-groups/ ReliaQuest And Digital Shadows – The Next Stage Of The Journey https://www.digitalshadows.com/blog-and-research/reliaquest-and-digital-shadows-the-next-stage-of-the-journey/

ShadowTalk host Nicole alongside Ivan and CISO Rick Holland bring you the latest in threat intelligence. This week they cover: - Entrust suffered a ransomware attack - Ex-Coinbase manager charged in first crypto insider-trading case - Redeemer ransomware builder Get this week's intelligence summary at: ***Resources from this week's podcast*** Holy Ghost's Bargain Basement Approach To Ransomware https://www.digitalshadows.com/blog-and-research/holy-ghosts-bargain-basement-approach-to-ransomware/ July edition of What we are reading this month https://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-july-2022/ How To Paint Your Best Cyber Threat Landscape: My Three Top Tips From ENISA's Methodology Report https://www.digitalshadows.com/blog-and-research/how-to-paint-your-best-cyber-threat-landscape-my-three-top-tips-from-enisas-methodology-report/

ShadowTalk host Stefano alongside Chris and Dani bring you the latest in threat intelligence. This week they cover: * HolyGhost6 ransomware operation linked with North Korea * Explanation on how malware is created and distributed * Russia fines Google for failing to delete YouTube videos ***Resources from this week's podcast*** Q2 2022 Vulnerability Roundup https://www.digitalshadows.com/blog-and-research/q2-2022-vulnerability-roundup/ Breach Forums – When Student Becomes The Teacher https://www.digitalshadows.com/blog-and-research/breach-forums-when-student-becomes-the-teacher/ How To Paint Your Best Cyber Threat Landscape: My Three Top Tips From ENISA's Methodology Report https://www.digitalshadows.com/blog-and-research/how-to-paint-your-best-cyber-threat-landscape-my-three-top-tips-from-enisas-methodology-report/ Microsoft links Holy Ghost ransomware operation to North Korean hackers https://www.bleepingcomputer.com/news/security/microsoft-links-holy-ghost-ransomware-operation-to-north-korean-hackers/ Russia fines Google $358 million for not removing banned info https://www.bleepingcomputer.com/news/security/russia-fines-google-358-million-for-not-removing-banned-info/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Nicole, Ivan, and Rick bring you the latest in threat intelligence. This week they cover: * Microsoft Patch Tuesday * Chinese cyber espionage groups target Russia * Hive ransomware group takes LockBit information to upgrade to Rust * IBM Security X-Force finds evidence on TrickBot attacking Ukraine ***Resources from this week's podcast*** Ransomware in Q2 2022: Ransomware is Back in Business https://www.digitalshadows.com/blog-and-research/ransomware-in-q2-2022-ransomware-is-back-in-business/ Offensive Nation-State Cyber Threats: Who Takes The Top Spot? https://www.digitalshadows.com/blog-and-research/offensive-nation-state-cyber-threats-who-takes-the-top-spot/ Chinese Cyber Espionage Groups Increasingly Targeting Russia https://www.infosecurity-magazine.com/news/chinese-cyber-espionage-russia/ Hive Ransomware Upgrades to Rust for More Sophisticated Encryption Method https://thehackernews.com/2022/07/hive-ransomware-upgrades-to-rust-for.html Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine https://securityintelligence.com/posts/trickbot-group-systematically-attacking-ukraine/ Conti ransomware gang takes over TrickBot malware operation https://www.bleepingcomputer.com/news/security/conti-ransomware-gang-takes-over-trickbot-malware-operation/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Dani bring you the latest in threat intelligence. This week they cover: * Roughly 1 billion Chinese citizens' data breached * British Army's Youtube and Twitter accounts hacked and used to promote cryptocurrency scams * HackerOne employee steals bug reports to sell ***Resources from this week's podcast*** What We're Reading This Month: June 2022 https://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-june-2022/ Hacker claims to have stolen 1 bln records of Chinese citizens from police https://www.reuters.com/world/china/hacker-claims-have-stolen-1-bln-records-chinese-citizens-police-2022-07-04/ British Army's YouTube and Twitter accounts were hacked to promote crypto scams https://www.theverge.com/2022/7/3/23193668/british-army-youtube-twitter-accounts-hacked-promote-crypto-scam-fraud Rogue HackerOne employee steals bug reports to sell on the side https://www.bleepingcomputer.com/news/security/rogue-hackerone-employee-steals-bug-reports-to-sell-on-the-side/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Stefano and Kim bring you the latest in threat intelligence. This week they cover: * Recent advances in cyber threat intelligence and end-point protection have helped Ukraine * Conti finally shuts down data leak and negotiates with victims * LockBit debuts ransomware bug bounty program ***Resources from this week's podcast*** Market Differentiation: Cybercriminal Forums' Unusual Features Designed To Attract Users https://www.digitalshadows.com/blog-and-research/market-differentiation-cybercriminal-forums-unusual-features-designed-to-attract-users/ NATO Leaders Are Meeting At The Madrid Summit 2022: What Is Going To Happen? https://www.digitalshadows.com/blog-and-research/nato-leaders-are-meeting-at-the-madrid-summit-2022-what-is-going-to-happen/ Defending Ukraine: Early Lessons from the Cyber War https://blogs.microsoft.com/on-the-issues/2022/06/22/defending-ukraine-early-lessons-from-the-cyber-war/ Conti ransomware finally shuts down data leak, negotiation sites https://www.bleepingcomputer.com/news/security/conti-ransomware-finally-shuts-down-data-leak-negotiation-sites/ LockBit 3.0 Debuts With Ransomware Bug Bounty Program https://www.darkreading.com/threat-intelligence/lockbit-3-debut-bug-bounty-program Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Stefano and Kim bring you the latest in threat intelligence. This week they cover: * AlphV breaching victims' data in open source * 'BidenCash' website sells your credit card information for only 15 cents * Account Takeover paper ***Resources from this week's podcast*** POLONIUM: Proxy Warfare And Iran's Cyber Strategy https://www.digitalshadows.com/blog-and-research/polonium-proxy-warfare-and-irans-cyber-strategy/ Vulnerability Intelligence Roundup: Leveraging The OODA Loop For Vulnerability Management https://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-roundup-leveraging-the-ooda-loop-for-vulnerability-management/ Credential Stuffing: What Is It, Are You At Risk? https://www.digitalshadows.com/blog-and-research/credential-stuffing-what-is-it-are-you-at-risk/ ALPHV/BlackCat ransomware gang starts publishing victims' data on the clear web https://securityaffairs.co/wordpress/132339/malware/blackcat-ransomware-clear-web.html New 'BidenCash' site sells your stolen credit card for just 15 cents https://www.bleepingcomputer.com/news/security/new-bidencash-site-sells-your-stolen-credit-card-for-just-15-cents/ The Anatomy of a Cyberattack https://www.wsj.com/articles/anatomy-cyberattack-11654543046 Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Ivan, Nicole, and Rick bring you the latest in threat intelligence. This week they cover: * Cybersecurity researchers disclosed a new Windows zero-day vulnerability * Conti shuts down affiliate program * Cybercriminals discuss LockBit vs Mandiant ***Resources from this week's podcast*** Weak Credentials Are Fueling A New Generation Of Cyber Threats https://www.digitalshadows.com/blog-and-research/weak-credentials-are-fueling-a-new-generation-of-cyber-threats/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Xue, and Kim bring you the latest in threat intelligence. This week they cover: - LockBit x Mandiant PR stunt - Bohrium targets victims in various geographies Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-10-jun/ ***Resources from this week's podcast*** Killnet: The Hactivist Group That Started A Global Cyber War: https://www.digitalshadows.com/blog-and-research/killnet-the-hactivist-group-that-started-a-global-cyber-war/ -Ransomware Gangs and PR Stunts: Why LockBit Faked a Ransomware Attack Against Mandiant https://www.digitalshadows.com/blog-and-research/ransomware-gangs-and-pr-stunts-why-lockbit-faked-a-ransomware-attack-against-mandiant/

ShadowTalk host Chris alongside Nicole and special guest Geoff White cover the cybercrime group Lazarus and their impact in cyber security. In this special episode, they discuss: * Geoff's new book 'The Lazarus Heist' * An overview of the Lazarus Group * How North Korea created one of the most sophisticated cyber crime groups in the world **Resources from this special podcast** Find Geoff on Twitter: https://twitter.com/geoffwhite247 Find Geoff on LinkedIn: https://www.linkedin.com/in/geoffwhite247/ Pre-order Geoff's book 'The Lazarus Heist' now: https://www.penguin.co.uk/books/447/447163/the-lazarus-heist/9780241554258.html Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html  Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

Digital Shadows CISO Rick Holland hosts this edition of ShadowTalk. Rick is joined by repeat special guest David Thejl-Clayton, Senior Advisor in Cyber Defense at Combitech. They discuss: - Rick and David's thoughts on the 2022 DBIR report (Full disclosure, they are fanboys) - Research that shows how APT groups primarily go after known vulnerabilities and not 0days - David's experience helping customers create their custom version of the DBIR ***Resources from this week's podcast*** Find David on Twitter: https://twitter.com/DCSecuritydk Find David on LinkedIn: https://www.linkedin.com/in/davidclayton454/ 2022 Data Breach Investigations Report: https://www.verizon.com/business/resources/reports/dbir/ Vocabulary for Event Recording and Information Sharing (VERIS): http://veriscommunity.net/ SANS CTI Summit - VERISIZE your way into CTI: https://www.youtube.com/watch?v=AwMC6INC5TE Software Updates Strategies: a Quantitative Evaluation against Advanced Persistent Threats https://arxiv.org/abs/2205.07759 VSec Community: https://vsec.dk/about/ Checkout the “Roll your own DBIR” Templates on GitHub here: https://github.com/cvpl-fdca/rollyourown-DBIR

ShadowTalk host Chris alongside Ivan, and Nicole bring you the latest in threat intelligence. This week they cover: - Insider Threat Actor at Chinese real estate brokerage is sentenced to 7 years in prison - Microsoft Patch Tuesday mishap - NFT scams Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-20-may-2022 ***Resources from this week's podcast***: Vulnerability Intelligence Round-Up: The Good, The Bad and The Risky: https://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-round-up-the-good-the-bad-and-the-risky/ Mustang Panda: https://www.digitalshadows.com/blog-and-research/advanced-persistent-threat-group-feature-mustang-panda/ What we're reading this month: https://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-may-2022/ Angry IT Admin Wipes Employers Databases Gets 7 Years in Prison https://www.bleepingcomputer.com/news/security/angry-it-admin-wipes-employer-s-databases-gets-7-years-in-prison/ Microsoft May Patch Tuesday Updates Cause Windows Ad Authentication Errors https://threatpost.com/microsofts-may-patch-tuesday-updates-cause-windows-ad-authentication-errors/179631/ Fake Binance NFT Mystery Box Bots Steal Victims Crypto Wallets https://www.bleepingcomputer.com/news/security/fake-binance-nft-mystery-box-bots-steal-victims-crypto-wallets/

ShadowTalk host Stefano alongside Kim bring you the latest in threat intelligence. This week they cover: * Costa Rica declares state of emergency because of Conti * The European Council formally attributes VIASAT attack to Russia * Five years since the WannaCry incident ***Resources from this week's podcast*** Five Years After The WannaCry Dumpster Fire, Ransomware Remains A Global Threat https://www.digitalshadows.com/blog-and-research/five-years-after-the-wannacry-dumpster-fire-ransomware-remains-a-global-threat/ US offers $15 million reward for info on Conti ransomware gang https://www.bleepingcomputer.com/news/security/us-offers-15-million-reward-for-info-on-conti-ransomware-gang/ Viasat shares details on KA-SAT satellite service cyberattack https://www.bleepingcomputer.com/news/security/viasat-shares-details-on-ka-sat-satellite-service-cyberattack/ Satellite outage knocks out thousands of Enercon's wind turbines https://www.reuters.com/business/energy/satellite-outage-knocks-out-control-enercon-wind-turbines-2022-02-28/ Viasat confirms satellite modems were wiped with AcidRain malware https://www.bleepingcomputer.com/news/security/viasat-confirms-satellite-modems-were-wiped-with-acidrain-malware/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Ivan and Nicole bring you the latest in threat intelligence. This week they cover: * REvil ransomware returns with new malware * Moshen Dragon targeting telecommunication service providers in Central Asia * Russian hackers utilize embassy emails to target governments ***Resources from this week's podcast*** ALPHV: THE FIRST RUST-BASED RANSOMWARE https://www.digitalshadows.com/blog-and-research/alphv-the-first-rust-based-ransomware/ Colonial Pipeline One Year Later: What's Changed? https://www.digitalshadows.com/blog-and-research/colonial-pipeline-one-year-later-whats-changed/ REvil ransomware returns: New malware sample confirms gang is back https://www.bleepingcomputer.com/news/security/revil-ransomware-returns-new-malware-sample-confirms-gang-is-back/ Chinese cyber-espionage group Moshen Dragon targets Asian telcos https://www.bleepingcomputer.com/news/security/chinese-cyber-espionage-group-moshen-dragon-targets-asian-telcos/ Russian hackers compromise embassy emails to target governments https://www.bleepingcomputer.com/news/security/russian-hackers-compromise-embassy-emails-to-target-governments/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Xue, Kim, & Rory bring you the latest in threat intelligence. This week they cover: * Cybercrime group Lapsus$ is back * Cyber activity in the Russia-Ukraine war so far ***Resources from this week's podcast*** The Russia – Ukraine War: Two Months In https://www.digitalshadows.com/blog-and-research/the-russia-ukraine-war-two-months-in/ Opportunity In The Midst Of Chaos: Russian-Speaking Cybercriminals Grapple With Sanctions And Forum Takedowns https://www.digitalshadows.com/blog-and-research/russian-speaking-cybercriminals-grapple-with-sanctions-and-forum-takedowns/ Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code https://krebsonsecurity.com/2022/04/leaked-chats-show-lapsus-stole-t-mobile-source-code/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Ivan, Rick, and Nicole bring you the latest in threat intelligence. This week they cover: * Security researchers find connection between Conti and Karakurt * Chernovite's Pipedream malware targets ICS networks * Lazarus hacking group is targeting organizations in the cryptocurrency and blockchain industries ***Resources from this week's podcast*** The Power Of Data Analysis In Threat Intelligence – Part 2: Machine Learning https://www.digitalshadows.com/blog-and-research/the-power-of-data-analysis-in-threat-intelligence-part-2-machine-learning// What We're Reading This Month: April 2022 https://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-april-2022/ The Role Of Non-Fungible Tokens (NFTs) In Facilitating Cybercrime https://www.digitalshadows.com/blog-and-research/the-role-of-non-fungible-tokens-in-facilitating-cybercrime/ Karakurt revealed as data extortion arm of Conti cybercrime syndicate https://www.bleepingcomputer.com/news/security/karakurt-revealed-as-data-extortion-arm-of-conti-cybercrime-syndicate/ Dragos estimates that Chernovite's Pipedream malware targets ICS networks https://industrialcyber.co/threats-attacks/dragos-estimates-that-chernovites-pipedream-malware-targets-ics-networks/ US warns of Lazarus hackers using malicious cryptocurrency apps https://www.bleepingcomputer.com/news/security/us-warns-of-lazarus-hackers-using-malicious-cryptocurrency-apps/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Rory bring you the latest in threat intelligence. This week they cover: * 'RaidForums' has been shut down and seized * SandWorm targets electrical substations in Ukraine * The resurgence of hacktivism in the Russia-Ukraine conflict ***Resources from this week's podcast*** Q1 2022 Vulnerability Roundup https://www.digitalshadows.com/blog-and-research/q1-2022-vulnerability-roundup/ Q1 2022 Ransomware Roundup https://www.digitalshadows.com/blog-and-research/q1-2022-ransomware-roundup/ One of the world's biggest hacker forums taken down https://www.europol.europa.eu/media-press/newsroom/news/one-of-world%E2%80%99s-biggest-hacker-forums-taken-down Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Ivan and Austin bring you the latest in threat intelligence. This week they cover: * Spring4Shell: The Internet security disaster that wasn't * New Borat remote access malware is no laughing matter * FIN7 hackers evolve toolset, work with multiple ransomware gangs ***Resources from this week's podcast*** Intelligence Collection Plans: Preparation Breeds Success https://www.digitalshadows.com/blog-and-research/intelligence-collection-plans-preparation-breeds-success/ Team A Vs Team B: What Is Motivating Lapsus$? https://www.digitalshadows.com/blog-and-research/team-a-vs-team-b-what-is-motivating-lapsus/ Five Things We Learned From The Conti Chat Logs https://www.digitalshadows.com/blog-and-research/five-things-we-learned-from-the-conti-chat-logs/ Explaining Spring4Shell: The Internet security disaster that wasn't https://arstechnica.com/information-technology/2022/04/explaining-spring4shell-the-internet-security-disaster-that-wasnt/ New Borat remote access malware is no laughing matter https://www.bleepingcomputer.com/news/security/new-borat-remote-access-malware-is-no-laughing-matter/ FIN7 hackers evolve toolset, work with multiple ransomware gangs https://www.bleepingcomputer.com/news/security/fin7-hackers-evolve-toolset-work-with-multiple-ransomware-gangs/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Chris and Rick bring you the latest on structured analytical techniques. This episode they cover: *Why they use SATs in their intel team *How they came up with the idea to analyze Lapsus$ *How they chose Team A/Team B and how they prepared it *How the exercise performed *Future research direction ***Resources from this special podcast*** Meet Lapsus$: An Unusual Group In The Cyber Extortion Business 
https://www.digitalshadows.com/blog-and-research/meet-lapsus-an-unusual-group-in-the-cyber-extortion-business/ The Okta Breach: What We Know So Far https://www.digitalshadows.com/blog-and-research/the-okta-breach-what-we-know-so-far/ A Tradecraft Primer: Structured Analytic Techniques for Improving Intelligence Analysis https://www.stat.berkeley.edu/~aldous/157/Papers/Tradecraft%20Primer-apr09.pdf Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html  Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

Bem-vindo ao Shadow Talk em Português! Neste episódio, Ivan, Matheus, e Daniel falam sobre: - A história do grupo Lapsus$ e como eles são diferentes - Conexões do Lapsus$ no Brasil - Reações de outros hackers sobre este grupo - Recomendações de como se proteger do Lapsus$ ***Recursos deste podcast*** Meet Lapsus$: An Unusual Group In The Cyber Extortion Business https://www.digitalshadows.com/blog-and-research/meet-lapsus-an-unusual-group-in-the-cyber-extortion-business/ Weekly Intelligence Summary 25th Mar https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-25th-mar Assine nosso e-mail de inteligência de ameaças: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html

ShadowTalk host Stefano alongside Kim, Xue, and Rick bring you the latest in threat intelligence. This week they cover a recap of a highly dynamic quarter including: * Log4j complex mitigation and remediation * REvil arrests * Cybercrime and Russia-Ukraine War * Extortion and the emergence of Lapsus$ ***Resources from this week's podcast*** Log4j: What's Happened Since https://www.digitalshadows.com/blog-and-research/log4j-whats-happened-since/ The Log4j Zero-Day: What We Know So Far https://www.digitalshadows.com/blog-and-research/the-log4j-zero-day-what-we-know-so-far/ Meet Lapsus$: An Unusual Group In The Cyber Extortion Business https://www.digitalshadows.com/blog-and-research/meet-lapsus-an-unusual-group-in-the-cyber-extortion-business/ How Cybercriminals Are Using Messaging Platforms https://www.digitalshadows.com/blog-and-research/how-cybercriminals-are-using-messaging-platforms/ Ransomware Q4 Overview https://www.digitalshadows.com/blog-and-research/ransomware-q4-overview/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

Bienvenido a ShadowTalk en Español! En este episodio, Stefano y Dani van a discutir: * Lapsus$: Un grupo inusual en el negocio de la extorsión cibernética * Cómo Lapsus$ conducen sus ataques * Ataques de alto perfil y la brecha de Okta *** Si hoy has escuchado algo que te resulte curioso, no olvides consultar el contenido disponible en la sección de archivos adjuntos más abajo *** Los blogs de Digital Shadows en Lapsus$: Meet Lapsus$: An Unusual Group In The Cyber Extortion Business https://www.digitalshadows.com/blog-and-research/meet-lapsus-an-unusual-group-in-the-cyber-extortion-business/ The Okta Breach: What We Know So Far https://www.digitalshadows.com/blog-and-research/the-okta-breach-what-we-know-so-far/ Come siempre, si teneis algún comentario sobre este episodio o si queréis saber mas de algún tema, escribenos a shadowtalk@digitalshadows.com y estaremos muy felices para tomar sus preguntas!

ShadowTalk host Chris alongside Kim, Ivan, and Rick bring you the latest in threat intelligence. This week they cover: * Lapsus$ threat group targets several large companies * Russia/Ukraine war shows no sign of slowing down * TransUnion unveils enhanced data breach ***Resources from this week's podcast*** Vulnerability Intelligence Round-Up: Russia-Ukraine War https://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-round-up-russia-ukraine-war/ The Okta Breach: What We Know So Far https://www.digitalshadows.com/blog-and-research/the-okta-breach-what-we-know-so-far/ Russia's Second Front: The War On Information https://www.digitalshadows.com/blog-and-research/russias-second-front-the-war-on-information/ Okta hack puts thousands of businesses on high alert https://www.theverge.com/2022/3/22/22990637/okta-breach-single-sign-on-lapsus-hacker-group?utm_campaign=theverge&utm_content=chorus&utm_medium=social&utm_source=twitter Statement by President Biden on our Nation's Cybersecurity https://www.whitehouse.gov/briefing-room/statements-releases/2022/03/21/statement-by-president-biden-on-our-nations-cybersecurity/ TransUnion Unveils Enhanced Data Breach Support Service in the UK https://newsroom.transunion.co.uk/transunion-unveils-enhanced-data-breach-support-service-in-the-uk/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Austin, Stefano, and Rick bring you the latest on the war between Russia and Ukraine. This episode they cover: * Putin and the Russian military forces * The cybersecurity realm in the midst of war * Continuation and timeline of the ongoing conflict ***Resources from this special podcast*** Statement by President Biden on Our Nation's Cybersecurity https://www.whitehouse.gov/briefing-room/statements-releases/2022/03/21/statement-by-president-biden-on-our-nations-cybersecurity/ News and Updates Related to the Russian Invasion of Ukraine https://resources.digitalshadows.com/russian-news-and-updates Donate to the Ukraine crisis via Red Cross https://donate.redcross.org.uk/appeal/ukraine-crisis-appeal Digital Forensic Research Lab medium.com/dfrlab