Podcast: CDPR Victimized, Ziggy’s End, and the Oldsmar Water Incident

Credential exposure is a high-priority issue, preventing attackers from accessing your systems or selling this access to the highest bidder in dark web criminal marketplaces.

Yet, not all detected exposed credentials are useful to security teams. Analysts must assess if the credentials are authentic or made up, if they are active or inactive, if the email and password matches the corporate format policy, and if they have been previously actioned— all to say, does this exposed credentials pair pose a risk to our organization?

Join us for a webinar to understand how this process is now automated in SearchLight by our Microsoft Azure AD integration, drastically reducing the time required to triage.

Credential exposure is a high-priority issue, preventing attackers from accessing your systems or selling this access to the highest bidder in dark web criminal marketplaces.

Yet, not all detected exposed credentials are useful to security teams. Analysts must assess if the credentials are authentic or made up, if they are active or inactive, if the email and password matches the corporate format policy, and if they have been previously actioned— all to say, does this exposed credentials pair pose a risk to our organization?

Join us for a webinar to understand how this process is now automated in SearchLight by our Microsoft Azure AD integration, drastically reducing the time required to triage.

ShadowTalk hosts Alec, Ivan, Austin, and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover:
- Cyberpunk and Witcher fans beware - threat actors target the CD Projekt
Red source code
- Ziggy ransomware calls it quits - is law enforcement activity driving this
impact?
- Oldsmar, FL water treatment facility gets hacked - could other critical
infrastructure be at risk?
- Researcher impacts dozens of tech firms through a supply chain attack,
winning a $130,000 ‘bug bounty’

ShadowTalk hosts Alec, Ivan, Austin, and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover:
- Cyberpunk and Witcher fans beware - threat actors target the CD Projekt
Red source code
- Ziggy ransomware calls it quits - is law enforcement activity driving this
impact?
- Oldsmar, FL water treatment facility gets hacked - could other critical
infrastructure be at risk?
- Researcher impacts dozens of tech firms through a supply chain attack,
winning a $130,000 ‘bug bounty’

ShadowTalk hosts Stefano, Adam, and Kim bring you the latest in threat intelligence. This week they cover:
- More threat actors and attack vectors are being investigated in the
SolarWinds compromise
- Law enforcement officials in the Netherlands are delivering an Emotet
update that will remove it from infected devices
- Kim talks Lebanese Cedar - What’s new in their latest attack?
- Adam reviews Nefilim ransomware - how were they able to gain access
and why it reinforces the need for securing employee accounts
- Plus, don’t miss the malware name of the week!

ShadowTalk hosts Stefano, Adam, and Kim bring you the latest in threat intelligence. This week they cover:
- More threat actors and attack vectors are being investigated in the
SolarWinds compromise
- Law enforcement officials in the Netherlands are delivering an Emotet
update that will remove it from infected devices
- Kim talks Lebanese Cedar - What’s new in their latest attack?
- Adam reviews Nefilim ransomware - how were they able to gain access
and why it reinforces the need for securing employee accounts
- Plus, don’t miss the malware name of the week!

In this webinar, we dive into ransomware and extortion. We take a look at:
- Trends from 2020
- What to expect in 2021
- Why is Ransomware a big deal?
- Copycat Crimes
- Initial access and business intelligence gathering
- APT's

In this webinar, we dive into ransomware and extortion. We take a look at:
- Trends from 2020
- What to expect in 2021
- Why is Ransomware a big deal?
- Copycat Crimes
- Initial access and business intelligence gathering
- APT's

ShadowTalk hosts Alec, Charles, Austin, and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover:
- Mimecast confirms SolarWinds attackers breached security certificate -
the latest updates
- The rise and fall of Emotet plus unique video footage of the takedown
- NetWalker ransomware targeted and taken down by US and Bulgarian
Law Enforcement
- Avaddon adopts a new tactic - could it become the MO of other threat
groups?
- North Korean threat actors go phishing for security researchers with fake
social media profiles

ShadowTalk hosts Alec, Charles, Austin, and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover:
- Mimecast confirms SolarWinds attackers breached security certificate -
the latest updates
- The rise and fall of Emotet plus unique video footage of the takedown
- NetWalker ransomware targeted and taken down by US and Bulgarian
Law Enforcement
- Avaddon adopts a new tactic - could it become the MO of other threat
groups?
- North Korean threat actors go phishing for security researchers with fake
social media profiles

In this talk, Digital Shadows CISO, Rick Holland, will take you on a journey looking at 2020's top cybercrime hits. All your favorites will be included; "monkey see monkey do" ransomware, account takeover, and access keys on public-facing software repositories. Rick will also make fun of "derpweb" icebergs while mixing in some BBQ analogies.

In this talk, Digital Shadows CISO, Rick Holland, will take you on a journey looking at 2020's top cybercrime hits. All your favorites will be included; "monkey see monkey do" ransomware, account takeover, and access keys on public-facing software repositories. Rick will also make fun of "derpweb" icebergs while mixing in some BBQ analogies.

ShadowTalk hosts Stefano, Kim, and Adam bring you the latest in threat intelligence. This week they cover:

- FireEye, a top security firm, suffers a breach just weeks after
announcing a huge investment by Blackstone
- Phishing campaigns target the distribution of the Covid-19 vaccine
- Ransomware gangs resort to cold-calling victims in order to cash in
- Plus, the very festive ‘Malware name of the week’

ShadowTalk hosts Stefano, Kim, and Adam bring you the latest in threat intelligence. This week they cover:

- FireEye, a top security firm, suffers a breach just weeks after
announcing a huge investment by Blackstone
- Phishing campaigns target the distribution of the Covid-19 vaccine
- Ransomware gangs resort to cold-calling victims in order to cash in
- Plus, the very festive ‘Malware name of the week’