ShadowTalk: Powered by ReliaQuest
Technology
News
ReliaQuest
Want to hear what industry experts really think about the cyber threats they face? ShadowTalk is a weekly cybersecurity podcast, made by practitioners for practitioners, featuring analytical insights on the latest cybersecurity news and threat research.
Senior Intelligence Analysts Chris Morgan and Kim Bromley bring together over 30 years of experience in threat intelligence across government, military, and telecommunications. Along with their guests, they provide practical perspectives on the week’s top cybersecurity news and share knowledge and best practices to help businesses mitigate the most pertinent cyber threats. Welcome to ShadowTalk, powered by ReliaQuest.
About ReliaQuest: With over 1,000 customers worldwide and 1,200 teammates across six global operating centers, ReliaQuest delivers security outcomes for the most trusted enterprise brands in the world. Learn more at www.reliaquest.com.
Total 398 episodes
Guest Episode: Black Basta's TTP Shift, Diversity, Equity, and Inclusion (DEI) In Cyber Security
In this episode of ShadowTalk, hosts Kim and Chris are joined by guest speaker Eric Knopp, to discuss the latest news in cybersecurity and threat research. Topics this week include:
- ReliaQuest research identifies Black Basta TTP changes
- Amazon seize APT29 domains
- Tango down: Redline & Meta Infostealers taken down by Dutch police
- The importance of supporting DEI programs in hiring practices
Resources:
- https://www.reliaquest.com/blog/black-basta-social-engineering-technique-microsoft-teams/
- https://www.reliaquest.com/blog/5-critical-threat-actors-you-need-to-know-about/
Eric Knopp: VP Security Operations for one of ReliaQuest’s customers, a large global financial services company. Eric has been in the IT industry for almost 30 years, with the past 11 in IT Security. He also has a passion for diversity, equity and inclusion, co-leading the DEI Committee in London. He also supports the cyber apprenticeship program in the UK.
Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.
Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the British military. With his diverse background, he enhances ShadowTalk with deep insights into various threat landscapes.
43:41 | 30/10/2024
Scattered Spider x RansomHub, Anonymous Sudan Unmasked, APT41 Gamble
In this episode of ShadowTalk, host Kim is joined by Director of Threat Research Brandon Tirado and Threat Hunter Brian Kelly, to discuss the latest news in cybersecurity and threat research. Topics this week include:
- Scattered Spider x RansomHub: A New Partnership
- US Authorities Indict Anonymous Sudan Leaders
- Crypt Ghouls Deploys LockBit on Russian Organizations
- APT41 Targets Gambling and Gaming Industry in New Financially-Motivated Campaign
Resources:
- https://www.reliaquest.com/resources/research-reports/five-ways-cyber-attackers-exploit-cloud-environments/
- https://www.reliaquest.com/blog/virtual-machines-defense-evasion/
Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.
Brandon Tirado: Brandon Tirado is the Director of Threat Research for ReliaQuest. Brandon is a skilled cyber defense professional with a unique combination of management and hands-on experience. With a deep understanding of adversary motives and the tactics, techniques, and procedures (TTPs) they use to achieve their goals, Brandon enjoys operationalizing his knowledge to make it more difficult for adversaries to operate within the environments of ReliaQuest customers. His managerial and hands-on experience enriches ShadowTalk with practical and strategic viewpoints.
Brian Kelly: Brian Kelly is an experienced Threat Hunter and Intrusion Response Operator with a deep understanding of adversary tactics, techniques, procedures (TTPs), and motivations. Beginning his career in IT, Brian swiftly transitioned into cybersecurity, where he actively hunts for threats within organizations and responds to ongoing incidents. His expertise in adversary emulation and TTP exploration empowers him to anticipate and counteract malicious activities. Positioned on the front lines, Brian offers invaluable and actionable insights on the current threat landscape for ShadowTalk.
30:25 | 23/10/2024
Ransomware in Q3 2024, Cisco Breached, ChatGPT Misuse
In this episode of ShadowTalk, hosts Chris and Kim are joined by Detection Researcher Corey Carter, to discuss the latest news in cybersecurity and threat research. Topics this week include:
- ReliaQuest reporting on ransomware activity in Q3 2024
- OpenAI confirm malicious use of ChatGPT
- Russian APT29 mass exploiting known vulnerabilities
- Cisco data reportedly breached by IntelBroker
Resources:
- https://media.defense.gov/2024/Oct/09/2003562611/-1/-1/0/CSA-UPDATE-ON-SVR-CYBER-OPS.PDF
- https://www.reliaquest.com/blog/q3-2024-ransomware/
Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the British military. With his diverse background, he enhances ShadowTalk with deep insights into various threat landscapes.
Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.
Corey Carter: Corey Carter is a Detection Researcher at ReliaQuest. A Florida native and former infantryman in the United States Marines, Corey holds a bachelor's degree in computer science with a specialization in information assurance. His experience as a Security Analyst and Threat Hunter at ReliaQuest, combined with his military background, equips him with a unique perspective on cybersecurity challenges.
29:47 | 16/10/2024
Healthcare Cyber Threat, Salt Typhoon Compromises US Telecoms, Gorilla Botnet DDoS Campaigns
In this episode of ShadowTalk, hosts Chris and Kim are joined by detection researcher, Marken, to discuss the latest news in cybersecurity and threat research. Topics this week include:
- Cyber Threats Facing the Health Care and Social Assistance Sector
- Salt Typhoon Compromises US-based Telecoms Companies
- Microsoft and US DoJ Takedown Star Blizzard Infrastructure
- Gorilla Botnet Conducts Large-Scale DDoS Campaign
Resources:
- https://www.reliaquest.com/blog/threats-health-care-social-assistance-landscape/
34:18 | 09/10/2024
Guest Episode: Importance of Cyber Insurance, Embargo Ransomware Target Cloud, Influence Ops Target US Election
In this episode of ShadowTalk, hosts Chris and Kim are joined by guest Samantha Billy, AON U.S Broking Growth Leader, to discuss the latest news in cybersecurity and threat research. Topics this week include:
- The Critical Role of Cyber Insurance in Mitigating Cyber Risk
- Embargo Ransomware Targeting Cloud
- Iranian Threat Actors Conducting Influence Ops Against US Elections
- National Crime Agency Tease Lockbit Update
Resources:
- https://www.reliaquest.com/blog/2024-us-election-top-cyber-threats-organizational-impacts/
35:51 | 03/10/2024
Telegram's Pivot, Kaspersky's Surprise, Remediating Data Exfiltration Attacks
In this episode of ShadowTalk, hosts Chris and Kim, along with Threat Hunter Brian, discuss the latest news in cybersecurity and threat research. Topics this week include:
- Telegram Pivot 180: Agree to Share IP and Phone Data on Legal Requests
- Kaspersky Auto-Replace Software with UltraAV Antivirus
- Dell Investigate Two Data Breaches
- ReliaQuest Data Exfiltration Case Study
30:00 | 25/09/2024
Fortinet Breach, Malware Locks Users in "Kiosk" Mode, Insider Threat Case Studies
In this episode of ShadowTalk, host Chris, along with Corey and Anna, discuss the latest news in cyber security and threat research. Topics this week include:
- Threat actors express difficulty in retrieving stolen Fortinet data
- Amadey malware's novel approach: Users locked in Kiosk Mode
- Aftermath of incident affecting Transport for London (TFL)
- ReliaQuest Response to Insider Threat Cases
Resources:
- https://www.reliaquest.com/blog/common-infostealers/
32:30 | 18/09/2024
GRU Orchestrate Sabotage and Assassination, Sextortion Scams, Inc. Ransom's Novel Attack
In this episode of ShadowTalk, host Chris Morgan, along with Marken Teder, discuss the latest news in cyber security and threat research. Topics this week include:
- Russia's Military Intelligence target CNI, identified using "Non-Lethal Acoustic Weapons"
- New Sextortion scam targets spouses
- Privacy concerns with smart automobiles
- ReliaQuest research into "Inc Ransom" Data Extortion Attack
Resources:
- https://www.reliaquest.com/blog/inc-ransom-attack-analysis/
36:43 | 11/09/2024
Guest Episode: Building Security Teams, Ransomware and Lawsuits, Top Attacker Techniques
In this episode of ShadowTalk, hosts Chris and Kim, along with guest CISO Rob F, discuss the latest news in cyber security and threat research. Topics this week include:
- City of Columbus Ohio sue security researcher following ransomware breach
- Dutch Data Protection Authority fine AI/Facial recognition company
- Building security teams and improving your cyber maturity
- ReliaQuest research into top attacker techniques
Resources:
- https://www.reliaquest.com/blog/top-cyber-attacker-techniques/
44:22 | 04/09/2024
Telegram CEO Arrested, Volt Typhoon, Cybercriminal Forum Insights
In this episode of ShadowTalk, hosts Chris and Kim, along with Director of Threat Research Brandon Tirado and Threat Intelligence Analyst Anna, discuss the latest news in cyber security and threat research.
- Telegram CEO arrested in France over alleged criminal use of the platform
- Return of Volt Typhoon: China APT exploiting Versa high-severity bug
- Cybercriminals discuss exploiting physical security gaps to target SMEs
36:13 | 29/08/2024
NPD Breach Latest, Election Disinformation, Service Account Abuse
In this episode of ShadowTalk, host Kim, along with Corey and Gjergji, discusses the latest news in cyber security and threat research. Topics this week include:
- Data breach at NPD affecting millions resulted from exposed credentials
- Iran-linked APT groups abuse OpenAI to create US-election propaganda
- ReliaQuest Research: Service Account Abuse
Resources:
- https://www.reliaquest.com/blog/exploring-impacket-abuse/
- https://www.reliaquest.com/blog/service-account-abuse/
35:53 | 21/08/2024
Unusual Espionage, Vicious Vulnerabilities, Popular Exfiltration Tools and Malware Loaders
In this episode of ShadowTalk, host Kim, along with Marken and Brian, discusses the latest news in cyber security and threat research. Topics this week include:
- Unusual Espionage: China-linked threat groups target Russian government, IT organizations
- Vicious Vulnerabilities: New vulnerability in all Windows systems with IPv6, Sonos Speaker flaws allow eavesdropping
- ReliaQuest Research: Data Exfiltration Tools and Malware Loaders
Resources:
- https://www.reliaquest.com/blog/exfiltration-tools
- https://www.reliaquest.com/blog/common-malware-loaders
32:10 | 14/08/2024
Special: LIVE from BlackHat 2024, Unauthorized RMM Usage, DEF CON 32 Preview
In this episode of ShadowTalk, host Rick Holland is joined by ReliaQuest Lead Threat Hunter Colin Ferris LIVE on the BlackHat show floor in Las Vegas to discuss:
- Takeaways from BlackHat CISO Summit
- ReliaQuest presentation on Remote Monitoring & Management (RMM) tools
- Things to look forward to at DEF CON 32
26:53 | 08/08/2024
Deepfakes-The New Frontier in Deception, Ransomware Roundup, Threats Bypassing Your EDR
In this episode of ShadowTalk, hosts Chris and Kim, along with Ivan Righi, discuss the latest news in cyber security and threat research. Topics this week include:
- Rise of the Deepfakes: Threat actors target Ferrari, fake North Korean IT worker fakes job interview
- Developments in ransomware: Stormous v3, VSXI, Black Basta develop custom malware
- ReliaQuest Research: Beyond the Endpoint: Threats Bypassing your Endpoint Detection and Response (EDR) solutions
Resources:
- https://www.reliaquest.com/blog/beyond-the-endpoint-cyber-threats-eluding-endpoint-detection/
- https://arstechnica.com/tech-policy/2024/07/us-security-firm-unwittingly-hired-apparent-nation-state-hacker-from-north-korea/
- https://www.drive.com.au/news/ferrari-ceo-impersonated-ai-deepfake-scam/
31:50 | 31/07/2024
CrowdStrike Global IT Outage, Finance & Insurance Threats
In this episode of ShadowTalk, hosts Chris and Kim, along with ReliaQuest CISO Rick Holland, and Detection Researcher Corey Carter, discuss the latest news in cyber security and threat research. Topics this week include:
- CrowdStrike Global IT Outage breaks records in impacting 8.5 million devices (1:22)
- The importance of accountability and trust when working with third party vendors
- ReliaQuest research into threats facing Financial & Insurance (18:46)
Resources:
- https://www.reliaquest.com/blog/crowdstrike-outage-script-phishing-and-social-engineering-attacks/
27:11 | 24/07/2024
Guest Episode: Ransomware in Q2 2024, Disney/AT&T Breach
In this episode of ShadowTalk, hosts Chris and Kim, along with guest CISO Craig McEwen, discuss the latest news in cyber security and threat research. Topics this week include:
- ReliaQuest Research: Ransomware in Q2 2024
- Weekly roundup: Threat actors weaponizing exploits within 22 minutes, Disney/AT&T breaches
- Linking security strategy to expenditure
- Supporting cyber apprenticeships and investing in people
Resources:
- https://www.reliaquest.com/blog/q2-2024-ransomware/
- https://app.galabid.com/shawburyproms/items
49:16 | 17/07/2024
GenAI Powers Cybercrime, Cobalt Strike Takedown, Record-breaking DDoS Attack
In this episode of ShadowTalk, hosts Chris and Kim, along with Brian, discuss the latest news in cyber security and threat research.
- The influence of Generative Artificial Intelligence (GenAI) on cybercrime
- Tango down: Law enforcement take down over 600 Cobalt Strike servers
- Record-breaking DDoS attack disclosed by researchers
- Rockyou2024: 9.9 Billion stolen passwords posted onto BreachForums
Resource: AI-powered Cybercrime Report
28:29 | 11/07/2024
Weekly: TeamViewer Supply Chain Attack, MOVEit Horrors, Medusa Ransomware Case Study
In this episode of ShadowTalk, hosts Chris and Kim, along with Marken, discuss the latest news in cyber security and threat research. Topics this week include:
- TeamViewer compromised by APT29 in supply chain attack
- MOVEit in the headlines again, critical severity vulnerability disclosed
- Popular Content Delivery Network (CDN) providers compromised in supply chain attacks
- ReliaQuest research in a case study attributed to the Medusa ransomware group
Resources:
- https://www.reliaquest.com/blog/medusa-attack-analysis/
36:48 | 03/07/2024
Weekly: Lockbit Claim US Federal Reserve Breach, Protocol Tunneling, Kaspersky Banned in US
In this episode of ShadowTalk, hosts Chris and Kim, along with Ivan and Gjergji, discuss the latest news in cyber security and threat research. Topics this week include:
- Lockbit claim breach of the US Federal Reserve, but are they telling the truth?
- ReliaQuest research into misuse of Protocol Tunneling
- Fallout from the US Ban of Kaspersky
Resources:
- https://www.reliaquest.com/blog/protocol-tunneling-tools-and-techniques/
31:50 | 27/06/2024
Weekly: Future of Scattered Spider, Supply Chain Compromise, Insider Threats
In this episode of ShadowTalk, host Chris, along with Marken, discuss the latest news in cyber security and threat research. Topics this week include:
- Scattered Spider leader reportedly arrested, as group pivot to target SaaS solutions
- ReliaQuest research into supply chain compromise. Detections to improve your resilience
- Classifying insider threats and the difficulties of proving intent
Resources:
- https://www.reliaquest.com/blog/what-is-scattered-spider/
- https://www.reliaquest.com/blog/scattered-spider-attack-analysis-account-compromise/
- https://www.reliaquest.com/blog/software-supply-chain-risk-management/
- https://www.reliaquest.com/blog/virtual-machines-defense-evasion/
42:52 | 20/06/2024
Guest Episode: Cyber Threats Facing Healthcare, Optum Impact, Ransomware, AI and Automation
In this Special Guest Episode of ShadowTalk, host Chris and one of ReliaQuest's CISOs Rick Holland are joined by University of Kansas Health System (UKHS) CISO Michael Meis to discuss the latest news in cyber security and threat research. Topics this week include:
- Significant threats facing healthcare: Ransomware, accidental insiders
- The influence of COVID on ransomware activity
- The immediate and long term impact of the Optum breach
- The importance of understanding your revenue cycle to weather the storm of a breach
- Methods of maintaining engagement and retaining staff
- AI and automation: Improving timeliness and efficiency of incident response
42:58 | 12/06/2024
Special: Live from InfoSec Europe 2024, Snowflake Breach, Cybercriminal AI reflections
In this episode of ShadowTalk, host Chris Morgan is joined by ReliaQuest Chief Strategy Officer Jason Pfeiffer LIVE on the InfoSec Europe show floor in London, UK to discuss:
- How InfoSec stacks up against the US cyber conferences
- Snowflake data breach affecting TicketMaster and others
- Cybercriminal reflections on generative AI
Resources:
- https://www.reliaquest.com/blog/common-infostealers/
27:29 | 05/06/2024
Weekly: Microsoft Deprecates VBScript, Common Infostealers, GhostEngine Cryptominer, BlackSuit Attack Analysis
In this episode of ShadowTalk, host Corey, along with Gjergji and Brian, discuss the latest news in cyber security and threat research. Topics this week include:
- Microsoft set to begin the deprecation of VBScript in the second half of 2024
- ReliaQuest research into the top three Infostealers
- Dive into a new crypto miner dubbed 'GhostEngine'
- ReliaQuest analysis of a BlackSuit ransomware attack
Resources:
- https://techcommunity.microsoft.com/t5/windows-it-pro-blog/vbscript-deprecation-timelines-and-next-steps/ba-p/4148301
- https://www.reliaquest.com/blog/common-infostealers/
- https://www.elastic.co/security-labs/invisible-miners-unveiling-ghostengine
- https://www.reliaquest.com/blog/blacksuit-attack-analysis/
32:51 | 30/05/2024
Weekly: Microsoft Enforce MFA, Fileless Malware, Rise of Deepfakes
In this episode of ShadowTalk, host Chris, along with Director of Threat Research Brandon Tirado, discuss the latest news in cyber security and threat research. Topics this week include:
- Microsoft mandating multi-factor authentication across Azure
- ReliaQuest research exploring fileless malware and living off the land (LotL) techniques
- Use of deepfakes in social engineering in 2024
Resources:
- https://www.reliaquest.com/blog/socgholish-fakeupdates/
- https://www.reliaquest.com/blog/new-python-socgholish-infection-chain/
- https://www.reliaquest.com/blog/living-off-the-land-fileless-malware/
41:39 | 22/05/2024
Weekly: Ransomware Impacting Hospitals, Q1 Most Observed Attacker Techniques, BreachForums Advertise Access to Security Company
In this episode of ShadowTalk, host Chris, along with Ivan and Marken, discuss the latest news in cyber security and threat research. Topics this week include:
- Recent ransomware attacks on the healthcare sector do not necessarily suggest a change in targeting preferences
- Black Basta pivot TTPs: New social engineering campaign using mass sign-ups to mailing list spam
- Pain on the adversary, in having multiple controls to slow down an attacker, can greatly improve cyber resilience when combined with network visibility
- Initial access brokers (IAB) continuing to play a crucial role in facilitating cybercrime
Resources:
- https://www.reliaquest.com/blog/q1-2024-attacker-trends/
34:49 | 15/05/2024
Special: AI and Automation at RSAC 2024
In this episode of ShadowTalk, host Rick Holland is joined by ReliaQuest CTO Joe Partlow and Chief Scientist Brian P. Murphy LIVE on the RSAC show floor in San Francisco, CA to discuss all things AI and automation.
27:26 | 09/05/2024
Cracking the Code: Getting a Job in Cybersecurity
In this episode of ShadowTalk, host Chris, along with Brian and Corey, discuss their career paths, as well as offering tips for individuals aiming to gain employment within cybersecurity.
- The importance of tact and developing both soft and hard skills
- Working around personnel constraints
- Picking the right vendors to complement your security model
- Recommendations for advancing your own career
39:25 | 01/05/2024
Weekly: APT28 Activity, Iran/Israel Tensions, Ransomware Rebrands
In this episode of ShadowTalk, host Chris, along with Kim and one of ReliaQuest's CISOs Rick, discuss the latest news in cyber security and threat research. Topics this week include:
- APT28 Exploit 6-year-old Cisco vulnerability
- ReliaQuest research on Iran/Israel Tensions
- Ransomware Rebrands
- Apple notify users impacted by Spyware
Resources:
- https://www.reliaquest.com/blog/cyber-threats-linked-to-iran-israel-conflict/
38:16 | 25/04/2024
Weekly: Palo Alto Critical Exploit, VPN Management, RansomHub Leak Optum Data
In this episode of ShadowTalk, host Chris, along with Marken, discuss the latest news in cyber security and threat research. This week's topics include:
- Palo Alto Critical Vulnerability under active exploitation
- ReliaQuest research on VPN attack surface management
- Optum Healthcare data breached by RansomHub group
44:30 | 17/04/2024
Weekly: HC3 Social Engineering Warning, ReliaQuest Q1 Phishing Report, Microsoft Copilot
In this episode of ShadowTalk, host Chris, along with Gjergji and James, discuss the latest news in cyber security and threat research. Topics this week include:
- Health sector Cybersecurity Coordination Center (HC3) issues alert warning regarding attackers using social engineering to target IT helpdesks across the health sector
- ReliaQuest releases its findings from its Q1 Phishing report
- How improper permissions can lead to problems with new Microsoft Copilot AI
Resources:
- https://www.reliaquest.com/blog/health-care-social-engineering-campaign/
- https://www.reliaquest.com/blog/phishing-tactics-and-trends-2024/
41:03 | 10/04/2024
Weekly: New Backdoor in XZ Utils, SEO Poisoning, Impersonation Scams
In this episode of ShadowTalk, host Kim, along with Brian, discuss the latest news in cyber security and threat research. Topics this week include:
- Sophisticated backdoor identified in XZ Utils
- Our Spotlight report on SEO poisoning
- Impersonation scams cost $1.1 billion in 2023
25:36 | 03/04/2024
Weekly: Google AI Search, Spain Telegram Ban, Speculative Execution Vulnerabilities
In this episode of ShadowTalk, host Chris, along with ReliaQuest Threat Hunters Caroline and Corey, discuss the latest news in cyber security and threat research. This week's topics include:
- Issues with Google AI-powered search generative experience recommending scam sites
- Spain high court judge issues temporary ban on messaging platform 'Telegram'
- Speculative Execution vulnerabilities found on Apple M Series and Intel Raptor Lake CPUs
31:17 | 27/03/2024
Weekly: AT&T Breach, Magnet Goblin, ReliaQuest's Annual Threat Report (ATR)
In this episode of ShadowTalk, host Chris, along with Marken and ReliaQuest CISO Rick, discuss the latest news in cyber security and threat research. This week's topics include:
- 2021 AT&T breach released for free
- Magnet Goblin threat group exploiting 1-day vulnerabilities
- An introduction to ReliaQuest's Annual Threat Report (ATR)
36:12 | 20/03/2024
Weekly: TeamCity and Supply Chain Risk, BEC Detections, Midnight Blizzard
In this episode of ShadowTalk, host Chris, along with Corey and Caroline, discuss the latest news in cyber security and threat research. Topics this week include:
- TeamCity Server critical vulnerability leaves potential for supply chain risk
- ReliaQuest research into advanced business email compromise (BEC) detections
- Microsoft compromised by Midnight Blizzard password spraying attack
Resources:
- https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/
- https://blog.jetbrains.com/teamcity/2024/03/our-approach-addressing-recently-discovered-vulnerabilities-in-teamcity-on-premises/
- https://blog.jetbrains.com/teamcity/2024/03/preventing-exploits-jetbrains-ethical-approach-to-vulnerability-disclosure/
- https://www.reliaquest.com/blog/business-email-compromise-detection/
38:37 | 13/03/2024
Weekly: ConnectWise Critical Vulnerabilities, Credential Theft, NIST Frameworks
In this episode of ShadowTalk, host Chris, along with Fearghal and Kim, discuss the latest news in cyber security and threat research. Topics include:
- An overview of the critical severity vulnerabilities affecting ConnectWise, patch now!
- ReliaQuest research into Browser Credential Dumping attacks
- The latest in the world of ransomware
- Update to National Institute of Standards and Technology (NIST) framework
Resources:
- https://www.reliaquest.com/blog/browser-credential-dumping/
22:53 | 06/03/2024
Weekly: Lockbit Return, SAT Exercises, Optum Breach
In this episode of ShadowTalk, host Chris, along with Ivan, Caroline, and one of ReliaQuest's CISOs Rick, discuss the latest news in cyber security and threat research. This week's topics include:
- Lockbit return following law enforcement operation
- Recent Structured Analytical Technique (SAT) exercises run by ReliaQuest
- The Optum Breach and what you need to know
- 'SubdoMailing' malvertising campaign leveraging compromised domains
Resources:
- https://www.reliaquest.com/blog/lockbit-taken-down-what-comes-next/
- https://www.reliaquest.com/blog/scattered-spider-attack-analysis-account-compromise/
34:35 | 28/02/2024
Weekly: Lockbit Taken Down, RMM Tool Abuse, Chinese Gov't Documents Exposed
In this episode of ShadowTalk, host Chris, along with Brian, Kim, and one of ReliaQuest's CISOs Rick, discuss the latest news in cyber security and threat research. Topics this week include:
- Lockbit taken down by NCA-led operation. Does this spell the end for the ransomware group?
- ReliaQuest research into abuse of Remote monitoring and management (RMM) tools
- Insider leaks Chinese government documents on GitHub
Resources:
- https://www.reliaquest.com/blog/lockbit-taken-down-what-comes-next/
38:40 | 21/02/2024
Weekly: SocGholish, Volt Typhoon, ToothBrush DDoS' and Flipper Zero
In this episode of ShadowTalk, host Chris, along with Marken and Corey, discuss the latest news in cyber security and threat research. Topics this week include:
- ReliaQuest research into changes observed on SocGholish infection chain
- Update to Volt Typhoon campaign affecting US CNI
- Furore over reporting on Toothbrush smart devices reportedly used in DDoS attacks
- Canada bans Flipper Zero consumer hacking device, over car theft concerns
Resources:
- https://www.reliaquest.com/blog/new-python-socgholish-infection-chain/
- https://www.reliaquest.com/blog/socgholish-fakeupdates/
45:07 | 14/02/2024
Weekly: AnyDesk Breach, Deepfake Social Engineering, Q1 2024 Priorities
In this episode of ShadowTalk, host Chris Morgan is joined by ReliaQuest CISO Rick Holland, Director of Threat Research Brandon Tirado and Intelligence Collection Analyst Fearghal Hughes to discuss the latest news in cyber security and threat research. Topics this week include:
- Breach of Remote Desktop Application 'AnyDesk' results
- Continued Ivanti vulnerability exploitations
- The rise of BEC deepfake social engineering attacks
- ReliaQuest's top priorities for the remainder of Q1 2024
Resources:
- https://event.on24.com/eventRegistration/EventLobbyServlet?target=reg20.jsp&eventid=4448957&sessionid=1&key=3FBF0E608FF3216DD9F1526D92EE5CCE&groupId=5180806&partnerref=website&sourcepage=register
- https://event.on24.com/wcc/r/4387339/A63BC17298406ECD68AABFFEF416702B?partnerref=organic
47:30 | 07/02/2024
Weekly: Killnet 2.0, Baselining Detection Rules, Ransomware in Q4 2023
In this episode of ShadowTalk, host Chris, along with James and Ivan, discuss the latest news in cyber security and threat research. Topics this week include:
- The emergence of Killnet 2.0
- Best practices for Baselining Detection Rules
- Insights from ReliaQuest's Q4 2023 Ransomware blog
Resources:
- https://www.reliaquest.com/blog/q4-2023-ransomware/
29:31 | 31/01/2024
Weekly: Midnight Blizzard Targets Microsoft, Recent Attacker Techniques, Citrix NetScaler Vulnerabilities
In this episode of ShadowTalk, host Corey, along with Kim and Caroline, discuss the latest news in cyber security and threat research. Topics this week include: Midnight Blizzard Targeting Microsoft; Threat research on Attacker techniques observed from Customer incidents; Two new Citrix NetScaler vulnerabilities being exploited in the wild. Resources: https://www.reliaquest.com/blog/top-cyber-threat-techniques-q4-2023 https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/ https://www.theregister.com/2024/01/18/citrix_netscaler_bugs_attacked/
31:09 24/01/2024
Weekly: Ivanti Zero-days, Valid Account Misuse, Emerging risk from (IoT) devices
In this episode of ShadowTalk, host Chris, along with Brian, Gjergji and ReliaQuest CISO Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include: Ivanti Zero-day vulnerabilities under mass exploitation; ReliaQuest research into misuse of Valid Accounts; Risk posed through emerging Internet of Things (IoT) devices. Resources: https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
40:14 17/01/2024
Weekly: Cyber Threats Developments of 2023, Lockbit Targets Healthcare
In this episode of ShadowTalk, host Chris, along with Marken and Fearghal, discuss the latest news in cyber security and threat research. Topics this week include: A recap of major developments in 2023: Ransomware, Business Email Compromise, Living off the land (LotL); The influence of Generative AI on cyber threats; Lockbit targeting healthcare providers in Germany.
33:26 10/01/2024
Weekly: 2023 in Review, ALPHV Targeted by FBI, Predictions for 2024
In this episode of ShadowTalk, host Chris, along with Rick and Kim, discuss the latest news in cyber security and threat research. Topics this week include: ALPHV targeted in law enforcement operation; A look back at major events from the previous 12 months; Predictions for the cyber threat landscape in 2024; 'Expense in depth' and maximising investments. Resources: https://www.reliaquest.com/blog/double-extortion-attack-analysis/ https://www.reliaquest.com/blog/alphv-ransomware-site-outage/ https://www.justice.gov/media/1329536/dl?inline=&utm_medium=email&utm_source=govdelivery
48:20 20/12/2023
Weekly: BYOVD Report, Log4Shell Two Years Later, ALPHV Site Outage, Delaying SEC Disclosures
In this episode of ShadowTalk, host Corey Carter, along with ReliaQuest CISO Rick Holland and Gjergji Paco, discuss the latest news in cyber security and threat research. Topics this week include: An overview of a ReliaQuest report on a sophisticated incident involving a technique known as Bring Your Own Vulnerable Driver (BYOVD). ALPHV ransomware site outage rumored to be caused by law enforcement. Apps vulnerable to Log4Shell still being exploited by Advanced Persistent Threats. FBI releases policy notice that informs cyber victims how they can request to delay public disclosures to the Securities and Exchange Commission. Resources: https://www.sonatype.com/resources/log4j-vulnerability-resource-center https://blog.talosintelligence.com/lazarus_new_rats_dlang_and_telegram/ https://www.reliaquest.com/blog/alphv-ransomware-site-outage/ https://www.fbi.gov/file-repository/fbi-policy-notice-120623.pdf/view https://www.kovrr.com/blog-post/cybersecurity-legal-and-financial-experts-share-their-reactions-to-the-secs-latest-cyber-disclosure-regulations
35:47 13/12/2023
Weekly: Ransomware Targeting ESXi, Threats to Airline Organizations, CNI Impacted
In this episode of ShadowTalk, host Chris, along with Caroline and James, discuss the latest news in cyber security and threat research. Topics this week include: Ransomware groups increasingly targeting ESXi; Cyber Threats to the Airline industry; Incidents affecting CNI in the US, UK, and Israel. Resources: https://www.gov.uk/government/news/response-to-a-news-report-on-cyber-security-at-sellafield https://www.cshub.com/attacks/news/lockbit-hackers-publish-43gb-of-stolen-boeing-data-following-cyber-attack https://www.theregister.com/2023/11/29/water_authority_ciso_iran/ https://www.bleepingcomputer.com/news/security/linux-version-of-qilin-ransomware-focuses-on-vmware-esxi/
29:32 06/12/2023
Weekly: EDR Pitfalls, Okta Intrusion Update, Secure AI Guidelines, Expired Google Cookies
In this episode of ShadowTalk, host Corey, along with Rick, Marken, and James, discuss the latest news in cyber security and threat research. Topics this week include: An overview of ReliaQuest's latest report covering EDR Pitfalls and Best Practices. Latest updates to Okta's Support Case Management System intrusion that occurred in October. Discussion on guidelines released for secure AI system development by CISA and UK NCSC. Infostealers making headlines after allegedly being able to restore expired Google cookies. Resources: Okta's Support Case Management System Intrusion Update: https://sec.okta.com/harfiles; Proactive Defense: Positioning your IR Team for Success webinar: https://event.on24.com/wcc/r/4388361/F9C6D55AEEB34F33683F29973F48D174?partnerref=shadowtalk; CISA and UK NCSC Joint Guidelines: https://www.cisa.gov/news-events/alerts/2023/11/26/cisa-and-uk-ncsc-unveil-joint-guidelines-secure-ai-system-development; Scattered Spider Blog: https://www.reliaquest.com/blog/scattered-spider-attack-analysis-account-compromise/
43:46 29/11/2023
Weekly: ALPHV SEC Complaint, Scattered Spider Case Study, Sandworm Attacks
In this episode of ShadowTalk, host Ivan, along with Brandon and Colin, discuss the latest news in cyber security and threat research. Topics this week include: ALPHV filing a complaint with the SEC; ReliaQuest case study on the Scattered Spider attack; Sandworm hacker group conducts "largest ever" attack on Danish infrastructure. Resources: https://www.reliaquest.com/blog/scattered-spider-attack-analysis-account-compromise/
32:35 22/11/2023
Weekly: CitrixBleed, Taking a Proactive Approach to IR, BiBi wiper targets Israeli Organizations
In this episode of ShadowTalk, host Chris, along with Kim, discuss the latest news in cyber security and threat research. Topics this week include: CitrixBleed vulnerability mass targeted by threat actors; Taking the burden from incident responders by taking proactive steps; Hacktivists targeting Israeli organizations with "BiBi" data wiping malware. Resources: https://www.reliaquest.com/blog/citrix-bleed-vulnerability-background-and-recommendations/
29:30 15/11/2023
Weekly: Apache ActiveMQ and Atlassian Confluence, SEC files charges, QR code phishing
In this episode of ShadowTalk, host Ivan Righi, along with ReliaQuest's CISO Rick Holland and Detection Researcher Marken Teder, discuss the latest news in cyber security and threat research. Topics this week include: Apache ActiveMQ vulnerability (CVE-2023-46604) exploited by ransomware gangs; Discussion over charges filed by the US SEC against SolarWinds; Active exploitation of a Critical Atlassian Confluence flaw (CVE-2023-22518); An overview of QR code phishing threats. Resources: https://event.on24.com/wcc/r/4387339/A63BC17298406ECD68AABFFEF416702B?partnerref=organic
35:50 08/11/2023