ShadowTalk: Powered by ReliaQuest

by ReliaQuest
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds, providing practical perspectives on the week's top cybersecurity stories.
www.reliaquest.com

Weekly: GootLoader, Intrusion Truth, Volt Typhoon, and Exponent conference debrief

Summary: In this episode of ShadowTalk, host Stefano, along with Kim, Rick, and Dean, discusses the latest news in cyber security and threat research. Topics this week include:
- An investigation into the GootLoader malware
- The latest operation from hacktivist group Intrusion Truth
- A cyber espionage campaign conducted by Volt Typhoon
- RQ Exponent conference debrief

Sources:
- https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-144a
- https://www.washingtonpost.com/politics/2023/05/15/they-dox-chinese-hackers-now-theyre-back/

Weekly: SocGholish, Cactus Ransomware, Greatness Phishing-as-a-service

In this episode of ShadowTalk, host Chris Morgan, along with Caroline Fenstermacher and Gjergji Paco, discusses the latest news in cyber security and threat research. Topics this week include:
- Revisiting the SocGholish malware distribution framework
- Getting pricked by the Cactus ransomware
- Greatness Phishing-as-a-service

Resources:
- https://www.reliaquest.com/blog/socgholish-fakeupdates/
- https://thehackernews.com/2023/05/new-ransomware-strain-cactus-exploits.html
- https://www.bleepingcomputer.com/news/security/new-greatness-service-simplifies-microsoft-365-phishing-attacks/

Weekly: Snake malware takedown, Kubernetes hunts, and Caffeine Phishing-as-a-Service

Summary: In this episode of ShadowTalk, host Stefano, along with Caroline and Colin, discusses the latest news in cyber security and threat research. Topics this week include:
- Five Eyes agencies take down FSB-linked Snake malware
- Hunting Kubernetes for privilege escalation techniques
- Investigation offers insights into Caffeine PhaaS platform

Sources:
- https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-129a
- https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/whitepapers/kubernetes-privilege-escalation-excessive-permissions-in-popular-platforms
- https://www.bleepingcomputer.com/news/security/caffeine-service-lets-anyone-launch-microsoft-365-phishing-attacks/

Weekly: ReliaQuest Threat Management, ALPHV, Veeam Vulnerability Exploited

In this episode of ShadowTalk, host Chris Morgan is joined by Corey Carter and Ivan Righi to discuss:
- A day in the life of a Threat Engineer at ReliaQuest
- ALPHV leaking internal comms related to victims' incident response
- High-severity vulnerability affecting Veeam backup servers exploited in the wild (CVE-2023-27532)

Weekly: RQ Ransomware Report, 3CX Update, Russia-Ukraine Cyber Operations, and Cybercriminal Ecosystems

In this episode of ShadowTalk, host Stefano, along with Kim, Ivan, and Brandon, discusses the latest news in cyber security and threat research. Topics this week include:
- Highlights from the ReliaQuest Ransomware Quarterly Report Q1 2023
- A supply-chain of a supply-chain: 3CX Update
- Analysis of Russia-Ukraine cyber operations
- A look into recent shifts in the cybercriminal ecosystem

Resources:
- https://www.reliaquest.com/blog/2023-ransomware-attacks-q1/
- https://www.ncsc.gov.uk/news/new-analysis-eccri-highlights-ukraine-defence-against-russian-offensive
- https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise

Special: RSA Conference 2023

In this episode, host and CISO Rick Holland is joined by ReliaQuest's Chief Technical Officer Joe Partlow and Chief Strategy Officer Jason Pfeiffer to discuss cyber trends they're seeing across RSA Conference 2023, the benefits of such an event, AI in cyber and more.

Weekly: Vulnerability Quarterly Roundup, Domino Backdoor, Lockbit Targeting MacOS

In this episode of ShadowTalk, host Chris Morgan, along with Dani and Dean Murphy, discusses the latest news in cyber security and threat research. Topics this week include:
- A breakdown of ReliaQuest's latest Vulnerability quarterly report
- Aftermath of the ransomware attack affecting Capita
- The "Domino" Backdoor and "Project Nemesis" information-stealing malware
- Lockbit targeting macOS

Resources:
- https://www.reliaquest.com/blog/2023-q1-vulnerabilities-cves/
- https://www.reliaquest.com/blog/2023-ransomware-attacks-q1/

Weekly: Cobalt Strike takedown, latest MERCURY campaign, Patch Tuesday

In this episode of ShadowTalk, host Stefano, along with Caroline and Kitch, discusses the latest news in cyber security and threat research. Topics this week include:
- A new approach in malicious infrastructure takedown
- The latest TTPs of MERCURY aka MuddyWater
- What's new on this Patch Tuesday?

Resources:
- https://blogs.microsoft.com/on-the-issues/2023/04/06/stopping-cybercriminals-from-abusing-security-tools/
- https://www.microsoft.com/en-us/security/blog/2023/04/07/mercury-and-dev-1084-destructive-attack-on-hybrid-environment/
- https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2023-patch-tuesday-fixes-1-zero-day-97-flaws/

Weekly: Genesis Market seizure, Vulkan Files, and new Microsoft Security Update

In this episode of ShadowTalk, host Stefano, along with Ivan and Corey, discusses the latest news in cyber security and threat research. Topics this week include:
- The prominent Genesis Market has been seized: What's next?
- Confidential Vulkan Files expose ties between Russian APTs and private sector
- Microsoft mitigates malicious attachments delivered via OneNote

Resources:
- https://news.sky.com/story/notorious-criminal-marketplace-genesis-market-which-sold-stolen-bank-details-taken-down-12850517
- https://www.theguardian.com/technology/2023/mar/30/vulkan-files-leak-reveals-putins-global-and-domestic-cyberwarfare-tactics
- https://www.securityweek.com/microsoft-onenote-starts-blocking-dangerous-file-extensions/
- https://www.reliaquest.com/blog/top-reads-march-2023/

Weekly: 3CX supply chain attack, Rostec deanonymize Telegram, IcedID

In this early-released episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland, Kim Bromley, and Colin Ferris, discusses the latest news in cyber security and threat research. Topics this week include:
- Implications from the 3CX supply-chain attack and what you need to do going forward
- Russian telco Rostec deanonymizing Telegram users
- Updates to the IcedID malware

Episode resources:
- https://www.3cx.com/community/threads/3cx-desktopapp-security-alert.119951/
- https://www.reliaquest.com/blog/3cx-trojan-attack/
- https://www.bleepingcomputer.com/news/security/russia-s-rostec-allegedly-can-de-anonymize-telegram-users/
- https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/