Hi [[ session.user.profile.firstName ]]

Podcast: Supply Chain Attacks Rule The Day, Plus The FBI Takes On Web-Shells

ShadowTalk hosts Alec, Ivan, Charles, and newcomer, Sean, bring you the latest in threat intelligence. This week they cover:
- Ivan dives into FBI actions against web-shells from compromised Exchange servers
- Codecov supply chain attacks - Charles brings us the latest
- The team discuss the Pulse Secure VPN bug
- Plus, don’t forget our special 200th episode next week!
Recorded Apr 30 2021 24 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Threat Researchers Alec Alvarado, Charles Ragland, Ivan Righi, and Sean Nikkel
Presentation preview: Podcast: Supply Chain Attacks Rule The Day, Plus The FBI Takes On Web-Shells
  • Channel
  • Channel profile
  • Podcast: Kaseya, REvil Goes Dark, and PrintNightmare Update Aug 5 2021 2:00 pm UTC 18 mins
    Sean, Matthew, and Charles
    ShadowTalk hosts Sean, Matthew, and Charles bring you the latest in threat intelligence. This week they cover:

    - Kaseya announces patches have been pushed to VSA SaaS platform on 12 July
    - REvil going dark
    - An update to the PrintNightmare situation
  • Podcast: Microsoft Exchange attribution, NSO Spyware, Zero-days, and Clippy Jul 30 2021 2:00 pm UTC 51 mins
    Digital Shadows Threat Researchers, Stefano De Blasi, Saul Burban, Rory Donovan and Kim Bromley
    ShadowTalk hosts Stefano, Saul, Rory, and Kim bring you the latest in threat intelligence. This week they cover:
    - Microsoft Exchange server attach attributed to China
    - At least 180 journalists have been selected as targets by clients of the cybersurveillance company NSO Group
    - Zero-day exploits in 2021
    - Tor gets an update
  • 2021: The Year of Third-Party Risk Recorded: Jul 27 2021 29 mins
    Digital Shadows Threat Intelligence Manager, Alec Alvarado
    Join Digital Shadows Threat Intelligence Manager, Alec Alvarado, as he dives into trends and incidents associated with third-party risk so far this year. In this session we’ll cover:

    - Term clarification - defining third-party risk
    - Historical examples of attacks and tactics used
    - Cybercriminal trends and patterns
    - Forecasting for the future and how to mitigate these types of risks
  • 2021: The Year of Third-Party Risk Recorded: Jul 27 2021 29 mins
    Digital Shadows Threat Intelligence Manager, Alec Alvarado
    Join Digital Shadows Threat Intelligence Manager, Alec Alvarado, as he dives into trends and incidents associated with third-party risk so far this year. In this session we’ll cover:

    - Term clarification - defining third-party risk
    - Historical examples of attacks and tactics used
    - Cybercriminal trends and patterns
    - Forecasting for the future and how to mitigate these types of risks
  • Enterprise Cyber Crime Update Recorded: Jul 22 2021 56 mins
    Ben Johnson, Field CTO, Digital Shadows and Brandon Kaier, Field CTO, Red8
    Motivating reasons for those who perpetrate cyber crime is changing. While money is still a primary motivator, the number of fake websites designed to accept payment for hospitals and web based businesses is going up exponentially. Cyber crime is however, rapidly expanding from just being about money to corporate/state sponsored espionage and ideology. One of the biggest trends in ransomware attacks is the attempt to hide the fact that a threat element has been in your network for months or even years. If you thought the attack was for money have you thought why you were targeted?Just recently Go Fund Me suffered a data breach. Why would a site whose primary purpose is to help those in need be attacked?

    How does your organization ensure that it’s intellectual property, customer information, business reputation, and interface with your customer base isn’t being sold or highjacked? Come join us as we discuss these topics and more.
  • Enterprise Cyber Crime Update Recorded: Jul 22 2021 56 mins
    Ben Johnson, Field CTO, Digital Shadows and Brandon Kaier, Field CTO, Red8
    Motivating reasons for those who perpetrate cyber crime is changing. While money is still a primary motivator, the number of fake websites designed to accept payment for hospitals and web based businesses is going up exponentially. Cyber crime is however, rapidly expanding from just being about money to corporate/state sponsored espionage and ideology. One of the biggest trends in ransomware attacks is the attempt to hide the fact that a threat element has been in your network for months or even years. If you thought the attack was for money have you thought why you were targeted?Just recently Go Fund Me suffered a data breach. Why would a site whose primary purpose is to help those in need be attacked?

    How does your organization ensure that it’s intellectual property, customer information, business reputation, and interface with your customer base isn’t being sold or highjacked? Come join us as we discuss these topics and more.
  • Podcast: Kaseya Attack Updates, Fancy Lazarus, and Spyware on Google Play Recorded: Jul 16 2021 58 mins
    Digital Shadows Threat Researchers, Adam Cook, Dylan Gray, Xue Peh and Stefano De Blasi
    ShadowTalk hosts Stefano, Dylan, Adam, and Xue, bring you the latest in threat intelligence. This week they cover:
    - Xue takes us through the Kaseya ransomware supply-chain attack - REvil’s involvement and “Happy Blog”
    - Adam discusses a new threat group, Fancy Lazarus - where did they come from and what are their methods?
    - Dylan dives into malicious spyware apps found on Google Play that steal Facebook users’ logins and passwords - what we know so far
    - Plus, Adam’s malware name of the week and more!
  • Podcast: Kaseya Attack Updates, Fancy Lazarus, and Spyware on Google Play Recorded: Jul 16 2021 58 mins
    Digital Shadows Threat Researchers, Adam Cook, Dylan Gray, Xue Peh and Stefano De Blasi
    ShadowTalk hosts Stefano, Dylan, Adam, and Xue, bring you the latest in threat intelligence. This week they cover:
    - Xue takes us through the Kaseya ransomware supply-chain attack - REvil’s involvement and “Happy Blog”
    - Adam discusses a new threat group, Fancy Lazarus - where did they come from and what are their methods?
    - Dylan dives into malicious spyware apps found on Google Play that steal Facebook users’ logins and passwords - what we know so far
    - Plus, Adam’s malware name of the week and more!
  • Dark Web Monitoring: Best Practices and Use Cases Recorded: Jul 13 2021 31 mins
    Michael Marriott, Director, Product Marketing Manager
    Dark web monitoring is not a use case in and of itself. Instead, it encompasses a variety of different use cases such as exposed credential monitoring, fraud, and insider threat monitoring. If security leaders want to successfully operationalize intelligence from dark web sources, then focusing on such specific use cases is critical.

    In this webinar we'll cover:
    - Most popular use cases
    - Best practices for dark web monitoring
    - Outline different types of maturity
    - Provide a checklist for legal considerations
  • Dark Web Monitoring: Best Practices and Use Cases Recorded: Jul 13 2021 31 mins
    Michael Marriott, Director, Product Marketing Manager
    Dark web monitoring is not a use case in and of itself. Instead, it encompasses a variety of different use cases such as exposed credential monitoring, fraud, and insider threat monitoring. If security leaders want to successfully operationalize intelligence from dark web sources, then focusing on such specific use cases is critical.

    In this webinar we'll cover:
    - Most popular use cases
    - Best practices for dark web monitoring
    - Outline different types of maturity
    - Provide a checklist for legal considerations
  • Podcast: LinkedIn Breach, Marketo Marketplace, Playstation Breach, and More! Recorded: Jul 9 2021 37 mins
    Threat Researchers Sean Nikkel, Ivan Righi, and CISO Rick Holland
    ShadowTalk hosts Sean, Ivan and Digital Shadows CISO, Rick Holland, bring you the latest in threat intelligence. This week they cover:
    - The team touch on the most recent LinkedIn breach exposing 700 Million user details
    - Sean and Rick talk about the latest developments of the PrintNightmare incident
    - Ivan dives into the Marketo data theft marketplace - What’s the future for this group?
    - Rick discusses the latest PlayStation 3 console ID’s leak and how it’s different to previous breaches
    What we know about the mysterious Western Digital MyBook attack
  • Podcast: LinkedIn Breach, Marketo Marketplace, Playstation Breach, and More! Recorded: Jul 9 2021 37 mins
    Threat Researchers Sean Nikkel, Ivan Righi, and CISO Rick Holland
    ShadowTalk hosts Sean, Ivan and Digital Shadows CISO, Rick Holland, bring you the latest in threat intelligence. This week they cover:
    - The team touch on the most recent LinkedIn breach exposing 700 Million user details
    - Sean and Rick talk about the latest developments of the PrintNightmare incident
    - Ivan dives into the Marketo data theft marketplace - What’s the future for this group?
    - Rick discusses the latest PlayStation 3 console ID’s leak and how it’s different to previous breaches
    What we know about the mysterious Western Digital MyBook attack
  • Podcast: Google Releases Supply-Chain Framework, New NATO Agreements, and More! Recorded: Jul 2 2021 30 mins
    Digital Shadows Threat Researchers, Chris Morgan, Kim Bromley, and Stefano De Blasi
    ShadowTalk hosts Stefano, Chris, and Kim, bring you the latest in threat intelligence. This week they cover:
    - Kim dives into Google’s new Supply Chain Attack framework - how will it operate?
    - Chris discusses South Korea's energy research institute networks being compromised by North Korean
    threat actors - how did they gain access?
    - The team talk new NATO agreements that put cybersecurity at the forefront
  • Podcast: Google Releases Supply-Chain Framework, New NATO Agreements, and More! Recorded: Jul 2 2021 30 mins
    Digital Shadows Threat Researchers, Chris Morgan, Kim Bromley, and Stefano De Blasi
    ShadowTalk hosts Stefano, Chris, and Kim, bring you the latest in threat intelligence. This week they cover:
    - Kim dives into Google’s new Supply Chain Attack framework - how will it operate?
    - Chris discusses South Korea's energy research institute networks being compromised by North Korean
    threat actors - how did they gain access?
    - The team talk new NATO agreements that put cybersecurity at the forefront
  • Podcast: VPN Vulnerabilities, EA Gets Attacked, Plus Clop Affiliate Arrests Recorded: Jun 28 2021 22 mins
    Threat Researchers Sean Nikkel, Charles Ragland, and Ivan Righi
    ShadowTalk hosts Sean, Ivan, and Charles bring you the latest in threat intelligence. This week they cover:
    - The team discusses the most recent EA breach - what’s the history of attacks against software/game developers?
    - Charles dives into the latest on VPN vulnerabilities - why does this problem persist?
    - Ivan talks about Clop arrests - how big of a player is Clop in the world of cyber crime?
    - Predictions for the ransomware scene in the future - can we expect more intervention by law enforcement?
  • Podcast: VPN Vulnerabilities, EA Gets Attacked, Plus Clop Affiliate Arrests Recorded: Jun 28 2021 22 mins
    Threat Researchers Sean Nikkel, Charles Ragland, and Ivan Righi
    ShadowTalk hosts Sean, Ivan, and Charles bring you the latest in threat intelligence. This week they cover:
    - The team discusses the most recent EA breach - what’s the history of attacks against software/game developers?
    - Charles dives into the latest on VPN vulnerabilities - why does this problem persist?
    - Ivan talks about Clop arrests - how big of a player is Clop in the world of cyber crime?
    - Predictions for the ransomware scene in the future - can we expect more intervention by law enforcement?
  • Ransomware Trends in Q1 2021 Recorded: Jun 22 2021 30 mins
    Jamie Hart, Digital Shadows Cyber Threat Intelligence Analyst
    Jamie takes us through the newest trends in ransomware for the top of 2021. In this session we cover:

    - Popular tactics by threat actors
    - Most commonly targeted industries and geographies
    - Attacks we've seen so far this year
    - What we can expect for the threat landscape in the short term
  • Ransomware Trends in Q1 2021 Recorded: Jun 22 2021 30 mins
    Jamie Hart, Digital Shadows Cyber Threat Intelligence Analyst
    Jamie takes us through the newest trends in ransomware for the top of 2021. In this session we cover:

    - Popular tactics by threat actors
    - Most commonly targeted industries and geographies
    - Attacks we've seen so far this year
    - What we can expect for the threat landscape in the short term
  • Podcast: Chinese Cyber Espionage, GitHub Takedowns, and EURO 2020 Predictions Recorded: Jun 18 2021 56 mins
    Digital Shadows Threat Researchers, Chris Morgan, Adam Cook, Stefano De Blasi, and Rory Donovan
    ShadowTalk hosts Stefano, Adam, Chris, and newcomer, Rory, bring you the latest in threat intelligence. This week they cover:
    - Adam takes us through the latest cyber espionage campaigns attributed to Chinese-state-sponsored APT groups
    - Rory discusses a sophisticated law enforcement campaign targeting criminal syndicates all over the world
    - Chris dives into the new GitHub policies - what led to these new guidelines?
    - The team talks about updates on the Colonial Pipeline incident - what’s the latest?
    - Plus, the group makes EURO 2020 predictions
  • Podcast: Chinese Cyber Espionage, GitHub Takedowns, and EURO 2020 Predictions Recorded: Jun 18 2021 56 mins
    Digital Shadows Threat Researchers, Chris Morgan, Adam Cook, Stefano De Blasi, and Rory Donovan
    ShadowTalk hosts Stefano, Adam, Chris, and newcomer, Rory, bring you the latest in threat intelligence. This week they cover:
    - Adam takes us through the latest cyber espionage campaigns attributed to Chinese-state-sponsored APT groups
    - Rory discusses a sophisticated law enforcement campaign targeting criminal syndicates all over the world
    - Chris dives into the new GitHub policies - what led to these new guidelines?
    - The team talks about updates on the Colonial Pipeline incident - what’s the latest?
    - Plus, the group makes EURO 2020 predictions
The Leader in Digital Risk Protection
Digital Shadows SearchLight protects organizations against external risk exposure. Organizations register their company names, brand names, domains, and document marketings for monitoring. Through the SearchLight portal, we provide the most relevant and critical digital risks with complete visibility, context, recommended actions, and ways to remediate the risk.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Podcast: Supply Chain Attacks Rule The Day, Plus The FBI Takes On Web-Shells
  • Live at: Apr 30 2021 9:30 am
  • Presented by: Threat Researchers Alec Alvarado, Charles Ragland, Ivan Righi, and Sean Nikkel
  • From:
Your email has been sent.
or close