Deep Dive into the 2020 Cyber Threat Intelligence Estimate

ShadowTalk hosts Kacey, Charles, Alec, and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover:

- REvil ransomware breathes new life into Gootkit malware
- C-level email credentials listed for sale on a cybercriminal marketplace
- Does REvil have ties to Maze and Egregor? A conversation about
source evaluation and attribution.
- Spam Haus reports that thousands of IPV4 addresses are suddenly
coming alive - is more BGP abuse on the horizon?

ShadowTalk hosts Alec, Charles, Austin, and Ivan bring you the latest in threat intelligence. This week they cover:
- Significant updates to the SolarWinds incident
- Overlaps of the "Sunburst" backdoor and malware known to be used
by the believed Russia-affiliated APT "Turla"
- Possible SolarWinds scam - SolarLeaks claiming to sell data stolen in SolarWinds attacks
- The newly identified Sunspot malware
- Mimecast reporting of a compromised certificate possibly related to SolarWinds - the team dives deeper
- DarkSide ransomware decryptor keys being released and how DarkSide responded

ShadowTalk hosts Kacey, Charles, Alec, and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover:

- REvil ransomware breathes new life into Gootkit malware
- C-level email credentials listed for sale on a cybercriminal marketplace
- Does REvil have ties to Maze and Egregor? A conversation about
source evaluation and attribution.
- Spam Haus reports that thousands of IPV4 addresses are suddenly
coming alive - is more BGP abuse on the horizon?

ShadowTalk hosts Alec, Charles, Austin, and Ivan bring you the latest in threat intelligence. This week they cover:
- Significant updates to the SolarWinds incident
- Overlaps of the "Sunburst" backdoor and malware known to be used
by the believed Russia-affiliated APT "Turla"
- Possible SolarWinds scam - SolarLeaks claiming to sell data stolen in SolarWinds attacks
- The newly identified Sunspot malware
- Mimecast reporting of a compromised certificate possibly related to SolarWinds - the team dives deeper
- DarkSide ransomware decryptor keys being released and how DarkSide responded

Research has shown that prominent threat actors, including the well documented ShinyHunters and GnosticPlayers, are targeting organizations globally by identifying exposed infrastructure access keys such as AWS and Oracle on sources such as GitHub to gain access to customer data, as well as identifying and download exposed customer data from exposed storage such as Amazon S3 Buckets, RSYNC and SMB servers.

This presentation by Digital Shadows details how these problems arise in the first place, how to detect them, and how to mitigate against from them occurring again in the future.

Research has shown that prominent threat actors, including the well documented ShinyHunters and GnosticPlayers, are targeting organizations globally by identifying exposed infrastructure access keys such as AWS and Oracle on sources such as GitHub to gain access to customer data, as well as identifying and download exposed customer data from exposed storage such as Amazon S3 Buckets, RSYNC and SMB servers.

This presentation by Digital Shadows details how these problems arise in the first place, how to detect them, and how to mitigate against from them occurring again in the future.

ShadowTalk hosts Stefano, Kim, Adam, and Dylan bring you the latest in threat intelligence. This week they cover:
- Post-holiday updates on SolarWinds - what have we missed?
- Ticketmaster gets fined $10 million for illegally accessing the internal
systems of a competitor, using the credentials of a former employee
- Apex Laboratory announced that it was the victim of a cyber attack -
what we know so far
- 2020 in review: What will the new year bring in the world of cyber
security?

ShadowTalk hosts Stefano, Kim, Adam, and Dylan bring you the latest in threat intelligence. This week they cover:
- Post-holiday updates on SolarWinds - what have we missed?
- Ticketmaster gets fined $10 million for illegally accessing the internal
systems of a competitor, using the credentials of a former employee
- Apex Laboratory announced that it was the victim of a cyber attack -
what we know so far
- 2020 in review: What will the new year bring in the world of cyber
security?

Join us for a panel discussion on the key findings from the 2020 Cyber Threat Intelligence Estimate. Todd Weber (CTO of Optiv) Jen Miller Osborn (Deputy Director of Threat Intelligence at Unit 42, Palo Alto Networks), and Rick Holland (CISO at Digital Shadows) discuss a range of topics outlined in the report.

Attendees will learn about:

- Ransomware trends, groups, and tactics
- The malicious use of PowerShell and what defenders can do about it
- The continuing popularity of account takeover
- The real impact of COVID-19. Were the initial fears realized?
- Looking ahead and planning for 2021

Join us for a panel discussion on the key findings from the 2020 Cyber Threat Intelligence Estimate. Todd Weber (CTO of Optiv) Jen Miller Osborn (Deputy Director of Threat Intelligence at Unit 42, Palo Alto Networks), and Rick Holland (CISO at Digital Shadows) discuss a range of topics outlined in the report.

Attendees will learn about:

- Ransomware trends, groups, and tactics
- The malicious use of PowerShell and what defenders can do about it
- The continuing popularity of account takeover
- The real impact of COVID-19. Were the initial fears realized?
- Looking ahead and planning for 2021