
Explore all episodes of the ShadowTalk: Powered by ReliaQuest podcast

Browse the complete list of ShadowTalk: Powered by ReliaQuest episodes. Each episode is catalogued with a detailed description, which makes it easy to search for and explore specific topics. Follow every episode of your favorite podcast and never miss relevant content.


Title | Date | Duration

Why Cloud Threats Are Escalating: Identity Risks, Automation Flaws, and Legacy Vulnerabilities, Plus the Latest on Chinese APT Campaigns and NPM Package Abuse | 05 Nov 2025 | 00:27:18

Resources: https://linktr.ee/ReliaQuestShadowTalk

Did you know 99% of cloud identities are over-privileged, creating the perfect storm for attackers to seamlessly infiltrate your environment? Join host Kim along with intelligence analysts John & Alex as they discuss: 

  • Chinese Nation-State Campaigns and Geopolitics (1:12)
  • Malicious NPM Packages (7:20)
  • TruffleNet Attacks on AWS (10:53)
  • The Danger of Over-Privileged Cloud Identities (15:36)

Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.

John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.

Alexander Capraro: Alexander Capraro is a Cyber Threat Intelligence Analyst at ReliaQuest with over five years of experience in cybersecurity. With his prior experience as a Security Analyst, he specializes in incident response, malware campaign tracking, and OSINT investigations. 

 

Why Cyber Threats Surge 20% During M&A, Plus the Latest on Qilin and Lazarus Group Campaigns | 29 Oct 2025 | 00:31:05

Resources: https://linktr.ee/ReliaQuestShadowTalk

Picture this: You close a $50M acquisition on Friday and by Monday, attackers are in your network. Sound far-fetched? It's not. Join host Kim along with intelligence analyst John & Threat Hunter Leo as they discuss:

  • Attackers Exploit WSUS Flaw (1:15)
  • Qilin Deploys Cross-Platform Attacks (4:21)
  • Lazarus Group Reignites Operation DreamJob (9:05)
  • Threat Hunter Hacks: Active Cyber Threats in M&A (15:19)

Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.

John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.

Leo Dawson: Leo Dawson is a Threat Hunter on the ReliaQuest Threat Research Team. With a deep background in Experimental Physics and Artificial Intelligence, Leo brings a unique interdisciplinary perspective to cybersecurity. He is driven by a passion for leveraging these skills to proactively track, analyze, and understand threat actor campaigns while gaining deeper insights into their evolving tactics and behaviors. 

New Silk Typhoon Attacks, the Cybercriminal Recruitment Underworld, and More! | 27 Aug 2025 | 00:26:26

Resources: https://linktr.ee/ReliaQuestShadowTalk

Curious about the skills needed for modern cyber attacks? Join host Kim along with intelligence analysts John & Hayden as they discuss:

  • Apple Patches Exploited Zero-Day (1:40)
  • Hackers Abuse Linux Files to Drop Malware (3:50)
  • Silk Typhoon Attacks Cloud Supply Chains (7:21)
  • ReliaQuest Uncovers Cybercriminals' Most Sought After Skills (11:02)

Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.

John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest. 

Hayden Evans: Cyber Threat Intelligence Analyst at ReliaQuest. He has experience in the F3EAD lifecycle and analyzing adversaries' TTPs to operationalize this information. He is also experienced with intrusion response, OSINT investigations, and offensive security. 

Weekly: Apache ActiveMQ and Atlassian Confluence, SEC files charges, QR code phishing | 08 Nov 2023 | 00:35:50

In this episode of ShadowTalk, host Ivan Righi, along with ReliaQuest's CISO Rick Holland and Detection Researcher Marken Teder, discuss the latest news in cyber security and threat research. Topics this week include:

  • Apache ActiveMQ vulnerability (CVE-2023-46604) exploited by ransomware gangs
  • Discussion over charges filed by the US SEC against SolarWinds
  • Active exploitation of a Critical Atlassian Confluence flaw (CVE-2023-22518)
  • An overview of QR code phishing threats

Weekly: SolarWinds SEC Charges, Vulnerabilities Roundup, AI Executive Order | 02 Nov 2023 | 00:33:23

In this episode of ShadowTalk, host Kim, along with Caroline and Corey, discuss the latest news in cyber security and threat research. Topics this week include:

  • The charges filed by the US SEC against SolarWinds
  • A sneak peek at the findings from our Vulnerabilities Roundup blog
  • An overview of some vulnerabilities impacting users right now
  • The Executive Order issued by the Biden administration on artificial intelligence.


Weekly: Q3 Ransomware Report, ServiceNow Vulnerability, Okta Incident | 26 Oct 2023 | 00:35:16

In this episode of ShadowTalk, host Chris Morgan is joined by one of ReliaQuest's CISOs, Rick Holland, Threat Hunter Brian Kelly and Threat Intelligence Analyst Ivan Righi to discuss the latest news in cyber security and threat research. Topics this week include:

  • The findings of ReliaQuest's Quarterly Ransomware Report recapping Q3 2023 activity.
  • ServiceNow vulnerability and what it means for you
  • The latest on a security incident pertaining to authentication provider Okta.

Weekly: Critical CISCO IOS XE Vuln, Business Email Compromise (BEC) activity, malicious use of Discord | 20 Oct 2023 | 00:43:33

In this episode of ShadowTalk, host Chris, along with Kim and Gjergji, discuss the latest news in cyber security and threat research. Topics this week include:

  • Threat actors exploiting Critical CISCO IOS XE Vuln 
  • Increase in Business Email Compromise (BEC) activity
  • Social media platform Discord being used for malicious activity

Weekly: Hamas Cyber Threat Implications, Top Adversary Techniques, Qakbot | 13 Oct 2023 | 00:36:12

In this episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland, James Xiang and Caroline Fenstermacher, discuss the latest news in cyber security and threat research. Topics this week include:

  • Cyber threat implications from the Hamas - Israel Conflict
  • Top Adversary Techniques: What We're Seeing Right Now
  • Has Qakbot returned? 

Weekly: National Cyber Security Awareness Month (NCSAM), Progress FTP Server, RDP Sessions, IronNet | 06 Oct 2023 | 00:36:45

In this episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland and Corey Carter discuss the latest news in cyber security and threat research. Topics this week include:

  • 2023 National Cyber Security Awareness Month (NCSAM) 
  • Progress FTP Server
  • The risk posed by open Remote Desktop Protocol (RDP) Sessions
  • IronNet ceasing operations

Weekly: Hunting for MFA bypass techniques, Libwebp Vuln exploited, VMWare ESXi | 29 Sep 2023 | 00:29:42

In this episode of ShadowTalk, host Chris, along with Gjergji and James, discuss the latest news in cyber security and threat research. Topics this week include:

  • Hunting for MFA bypass techniques
  • Exploitation of a Zero-day LibWebP Vulnerability
  • Threat actors targeting VMWare ESXI

Resources:

https://www.reliaquest.com/blog/mfa-bypass-techniques/#:~:text=Attackers%20also%20bypass%20MFA%20by,for%20sale%20on%20cybercriminal%20platforms. 

Weekly: MFA Bypass Techniques, Microsoft Data Leak, Latest ALPHV Attack | 22 Sep 2023 | 00:27:26

In this episode of ShadowTalk, host Kim, along with Caroline and Brian, discuss the latest news in cyber security and threat research. Topics this week include:

  • A deep dive into popular MFA bypass techniques and how to mitigate them
  • How a misconfigured SAS token led to a big Microsoft data breach
  • The latest ALPHV ransomware attack

Weekly: Anonymous Sudan, Domain Redirection Attacks, UK Ransomware Report and Managed Engine Zero-Day Exploit | 14 Sep 2023 | 00:34:41

In this episode of ShadowTalk, host and ReliaQuest CISO Rick Holland and ReliaQuest Threat Research team members Corey Carter and Gjergji Paco discuss the latest news in cyber security and threat research. Topics this week include:

  • A deep dive on domain redirection attacks
  • New ransomware report from the UK government
  • New Managed Engine zero-day exploited by multiple threat actors
  • Anonymous Sudan Telegram bans and DDoS attacks.

Weekly: SocGholish deep dive, AI security concerns, LockBit vs. UK MOD | 08 Sep 2023 | 00:34:24

In this episode of ShadowTalk, host Roman, along with Corey and Ivan, discuss the latest news in cyber security and threat research. Topics this week include:

  • A deep dive into malware loader SocGholish
  • Artificial intelligence: implications, security concerns, and use by cybercriminals
  • LockBit leaking top secret information from the UK’s Ministry of Defence

Warlock Ransomware Hits Telecoms, LLM Data Theft, and ShinyHunters Updates | 20 Aug 2025 | 00:25:20

Resources: https://linktr.ee/ReliaQuestShadowTalk

Intrigued by Warlock ransomware's Chinese connection? Join host Kim along with intelligence analysts Joey & John as they discuss:

  • Warlock Ransomware Attacks Against Telecoms (3:12)
  • New FortiSIEM Flaw Exploited in the Wild (5:19)
  • Man-in-the-Prompt Attack Steals Data from LLMs (8:04)
  • How ReliaQuest Tracks Ransomware Groups and Evolving Cyber Threats (12:36)

Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.

Joseph Keyes: Cyber Threat Intelligence Analyst at ReliaQuest, specializing in technical cyber threat research. With his prior role as a Cyber Security Analyst, he has gained years of experience in triaging and responding to active threats using GreyMatter's various tools. Joseph is skilled in intrusion response, threat actor profiling, OSINT across the clear and dark web, and analyzing adversarial TTPs. 

John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest. 

Weekly: Qakbot Takedown, New Barracuda Zero-Day, Resurgence of Hacktivism | 01 Sep 2023 | 00:39:52

In this episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland and Gjergji Paco, discuss the latest news in cyber security and threat research. Topics this week include:

  • The FBI operation targeting Qakbot infrastructure
  • Barracuda Zero-Day targeted by People's Republic of China (PRC) aligned actors
  • The resurgence and future of Hacktivism

Weekly: Malware Loaders, Ransomware Runbooks, Generative AI and Barracuda ESG | 25 Aug 2023 | 00:28:18

Weekly: DefCon, Cl0p, Raccoon Stealer | 18 Aug 2023 | 00:32:29

In this episode of ShadowTalk, host Chris, along with Brandon and Gjergji, discuss the latest news in cyber security and threat research. Topics this week include:

  • Recap of DefCon conference
  • The latest updates regarding Clop's exploitation of MOVEit zero-day
  • The return of the infamous Raccoon Stealer

Weekly: AI at BlackHat, Device Code Phishing, Russia-Ukraine War Trends and DEF CON Tips | 11 Aug 2023 | 00:32:58

In this episode, one of ReliaQuest's CISOs, Rick Holland, is joined by threat hunters Colin Ferris and Caroline Fenstermacher to discuss the presence of AI at BlackHat, Device Code Phishing, trends from the Russia-Ukraine War and, lastly, how to make the most of a visit to DEF CON.

Special: CISO Chat Live from BlackHat 2023 | 10 Aug 2023 | 00:14:32

In this episode, one of ReliaQuest's CISOs, Rick Holland, and Chief Technology Officer Joe Partlow are joined by Freeport LNG CISO Todd Beebe and Ciena CISO Ryan Hammer to discuss all things BlackHat 2023.

Weekly: Business Email Compromise (BEC), ReliaQuest Bi-Annual threat reports, influence of AI on the Cyber Threat Landscape | 04 Aug 2023 | 00:40:15

In this episode of ShadowTalk, host Chris, along with one of ReliaQuest's CISOs Rick, and James, discuss the latest news in cyber security and threat research. Topics this week include:

  • Themes in recent Business Email Compromise (BEC) activity
  • A breakdown of ReliaQuest research into threats facing the Professional, Scientific, and Technical Services (PSTS) sector
  • The influence of AI on the cyber threat landscape 
  • ReliaQuest activities at BlackHat 2023 conference

Weekly: What We're Seeing Right Now, Cl0p Cycle Continues, Ivanti Zero-Day, ALPHV API | 28 Jul 2023 | 00:30:34

In this episode of ShadowTalk, host Roman, along with Ivan and Brandon, discuss the latest news in cyber security and threat research. Topics this week include:

  • Twitter becoming X security concerns
  • Cl0p names 71 new victims
  • ReliaQuest releases Q2 ransomware report
  • Hackers target Norwegian government ministries with Ivanti zero-day exploit
  • ALPHV ransomware group creates API key for its data leak site

Weekly: What We're Seeing Right Now, Cl0p Update, WormGPT | 21 Jul 2023 | 00:21:35

In this episode of ShadowTalk, host Chris, along with Brian and James, discuss the latest news in cyber security and threat research. Topics this week include:

  • ReliaQuest research into common attacker techniques
  • An update on Clop's exploitation of the MOVEit vulnerability 
  • ChatGPT rival with ‘no ethical boundaries’ sold on dark web

Weekly: Microsoft Cloud Breach, Strava App, Cl0p Update and Remote Management Monitoring | 14 Jul 2023 | 00:38:40

Weekly: Defense Evasion via Virtualization, LockBit target TSMC, CISA Identify New Exploited Vulnerabilities | 07 Jul 2023 | 00:33:08

In this episode of ShadowTalk, host Chris Morgan, along with Corey Carter, Jonny Elrod, Gjergji Paco, and one of ReliaQuest's CISOs, Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include:

  • Threat actors obfuscating activity through virtualization
  • LockBit claim to have impacted Taiwanese semiconductor giant TSMC
  • CISA identify new exploited vulnerabilities
  • New critical vulnerability impacting Fortinet, FortiOS and FortiProxy SSL-VPN appliances

ShinyHunters, Scattered Spider, and Salesforce? Plus, Kimsuky Data Breach! | 13 Aug 2025 | 00:28:04

Resources: https://linktr.ee/ReliaQuestShadowTalk

Want to know if ShinyHunters and Scattered Spider are really working together? Join host Kim along with detection engineer Marken as they discuss:

  • WinRAR Zero-Day Exploited in RomCom Attacks (1:44)
  • New EDR Killer Popular with Ransomware Groups (4:30)
  • Data Breach Reveals Kimsuky Inner Workings (11:31)
  • ReliaQuest Uncovers Potential ShinyHunters x Scattered Spider Collaboration (15:00)

Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.

Marken Teder: Threat Detection Engineer at ReliaQuest, with a total of 7 years at the company. A native Estonian, he has previously worked as an Incident Response Analyst, Content Developer, and Security Architect. Marken's extensive experience in detection and response brings a robust technical perspective to discussions.

Weekly: Legal Developments, New APT29 Campaign and ReliaQuest's Annual Threat Report | 30 Jun 2023 | 00:28:27

In this episode of ShadowTalk, host Stefano, along with Kim Bromley, and one of ReliaQuest's CISOs, Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include:

  • The SEC reportedly charging SolarWinds executives
  • APT29 hunting for credentials
  • Our new, shiny Annual Threat Report

Weekly: Cl0p update, Killnet target European financial institutions, closed sources findings | 23 Jun 2023 | 00:42:13

In this episode of ShadowTalk, host Chris, along with Dani, and one of ReliaQuest's CISOs, Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include:

  • The latest updates related to Cl0p's exploitation of MOVEit zero-day
  • Killnet targeting European financial institutions
  • Insights drawn from our closed sources team
  • The team's observations on this year's InfoSec conference

Weekly: Cl0p releases company names, Gootloader, new Fortinet RCE, Ukrainian hackers take down Infotel. | 19 Jun 2023 | 00:32:34

In this episode of ShadowTalk, host Chris, along with Colin and Caroline, discuss the latest news in cyber security and threat research. Topics this week include:

  • The latest updates related to Clop's exploitation of MOVEit zero-day
  • An overview of the Gootloader initial access malware
  • Fortinet RCE CVE-2023-27997
  • Ukraine's Cyber Anarchy Squad take down Infotel

Weekly: MOVEit Zero-day and Cl0p attribution, Infostealing ecosystem, DBIR 2023 Report | 09 Jun 2023 | 00:32:27

In this episode of ShadowTalk, host Stefano, along with Rick, Dean, and Ivan, discuss the latest news in cyber security and threat research. Topics this week include:

  • What you need to know on the MOVEit Zero-day vulnerability and the latest Cl0p updates 
  • Infostealers ecosystem: most common malware, impact, and mitigation strategies
  • Key insights from Verizon's latest DBIR issue

Weekly: MOVEit Zero-day, RaidForums Breach, Buhti Ransomware | 02 Jun 2023 | 00:18:26

In this episode of ShadowTalk, host Chris, along with Gjergji and Ivan, discuss the latest news in cyber security and threat research. Topics this week include:

  • What you need to know on the MOVEit Zero-day vulnerability
  • RaidForums users' data breached
  • The Buhti ransomware taking a unique approach to targeting victims

Weekly: GootLoader, Intrusion Truth, Volt Typhoon, and Exponent conference debrief | 26 May 2023 | 00:29:55

Summary: In this episode of ShadowTalk, host Stefano, along with Kim, Rick, and Dean, discuss the latest news in cyber security and threat research. Topics this week include:

  • An investigation into the GootLoader malware
  • The latest operation from hacktivist group Intrusion Truth
  • A cyber espionage campaign conducted by Volt Typhoon
  • RQ Exponent conference debrief

Weekly: SocGholish, Cactus Ransomware, Greatness Phishing-as-a-service | 19 May 2023 | 00:30:35

In this episode of ShadowTalk, host Chris Morgan, along with Caroline Fenstermacher and Gjergji Paco, discuss the latest news in cyber security and threat research. Topics this week include:

  • Revisiting the SocGholish malware distribution framework 
  • Getting pricked by the Cactus ransomware
  • Greatness Phishing-as-a-service 

Weekly: Snake malware takedown, Kubernetes hunts, and Caffeine Phishing-as-a-Service | 12 May 2023 | 00:36:32

Summary: In this episode of ShadowTalk, host Stefano, along with Caroline and Colin, discuss the latest news in cyber security and threat research. Topics this week include:

  • Five Eyes agencies take down FSB-linked Snake malware
  • Hunting Kubernetes for privilege escalation techniques
  • Investigation offers insights into Caffeine PhaaS platform

Weekly: ReliaQuest Threat Management, ALPHV, Veeam Vulnerability Exploited | 05 May 2023 | 00:25:39

In this episode of ShadowTalk, host Chris Morgan is joined by Corey Carter and Ivan Righi to discuss:

  • A day in the life of a Threat Engineer at ReliaQuest
  • ALPHV leaking internal comms related to victims' incident response
  • High Severity vulnerability affecting Veeam backup servers exploited in the wild (CVE-2023-27532)

Weekly: RQ Ransomware Report, 3CX Update, Russia-Ukraine Cyber Operations, and Cybercriminal Ecosystems | 28 Apr 2023 | 00:47:10

In this episode of ShadowTalk, host Stefano, along with Kim, Ivan, and Brandon, discuss the latest news in cyber security and threat research. Topics this week include:

  • Highlights from the ReliaQuest Ransomware Quarterly Report Q1 2023
  • A supply-chain of a supply-chain: 3CX Update
  • Analysis of Russia-Ukraine cyber operations
  • A look into recent shifts in the cybercriminal ecosystem

Akira’s Zero-Day Chaos + The Rise of DRP Threats | 06 Aug 2025 | 00:28:43

Akira ransomware group is exploiting potential zero-day vulnerabilities, and digital risk protection (DRP) threats are rapidly evolving. Join host Joey, along with intelligence analysts John and Hayden, as they dive into:

  • Akira Ransomware Exploiting a Potential Zero Day
  • Plague Backdoor Emerges as Silent Intruder
  • Evolving Tactics of North Korean Attacker
  • DRP Threats Surge Amid Organizational Growth

Resources: https://linktr.ee/ReliaQuestShadowTalk

Joseph Keyes: Joseph Keyes is a Cyber Threat Intelligence Analyst at ReliaQuest, specializing in technical cyber threat research. With his prior role as a Cyber Security Analyst, he has gained years of experience in triaging and responding to active threats using GreyMatter's various tools. Joseph is skilled in intrusion response, threat actor profiling, OSINT across the clear and dark web, and analyzing adversarial TTPs. 

John Dilgen: John Dilgen is a Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest. 

Hayden Evans: Hayden Evans is a Cyber Threat Intelligence Analyst at ReliaQuest. He has experience in the F3EAD lifecycle and analyzing adversaries' TTPs to operationalize this information. He is also experienced with intrusion response, OSINT investigations, and offensive security. 

Special: RSA Conference 2023 | 26 Apr 2023 | 00:18:27

In this episode, host and CISO Rick Holland is joined by ReliaQuest's Chief Technical Officer Joe Partlow and Chief Strategy Officer Jason Pfeiffer to discuss 

  • cyber trends they're seeing across RSA Conference 2023
  • the benefits of such an event
  • AI in cyber and more.

Weekly: Vulnerability Quarterly Roundup, Domino Backdoor, Lockbit Targeting MacOS | 21 Apr 2023 | 00:37:55

In this episode of ShadowTalk, host Chris Morgan, along with Dani and Dean Murphy, discuss the latest news in cyber security and threat research. Topics this week include:

  • A breakdown of ReliaQuest's latest Vulnerability quarterly report
  • Aftermath of the ransomware attack affecting Capita
  • The "Domino" Backdoor and "Project Nemesis" information stealing malware
  • Lockbit targeting macOS

Weekly: Cobalt Strike takedown, latest MERCURY campaign, Patch Tuesday | 14 Apr 2023 | 00:34:52

In this episode of ShadowTalk, host Stefano, along with Caroline and Kitch, discuss the latest news in cyber security and threat research. Topics this week include:

  • A new approach in malicious infrastructure takedown
  • The latest TTPs of MERCURY aka MuddyWater
  • What's new on this Patch Tuesday?

Weekly: Genesis Market seizure, Vulkan Files, and new Microsoft Security Update | 07 Apr 2023 | 00:22:55

In this episode of ShadowTalk, host Stefano, along with Ivan and Corey, discuss the latest news in cyber security and threat research. Topics this week include:

  • The prominent Genesis Market has been seized: What's next?
  • Confidential Vulkan Files expose ties between Russian APTs and private sector
  • Microsoft mitigates malicious attachments delivered via OneNote

Weekly: 3CX supply chain attack, Rostec deanonymize Telegram, IcedID | 30 Mar 2023 | 00:33:37

In this early released episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland, Kim Bromley, and Colin Ferris discuss the latest news in cyber security and threat research. Topics this week include:

  • Implications from the 3CX supply-chain attack and what you need to do going forward
  • Russian telco Rostec de-anonymizing Telegram users
  • Updates to the IcedID malware

Resources:

  • https://www.3cx.com/community/threads/3cx-desktopapp-security-alert.119951/
  • https://www.reliaquest.com/blog/3cx-trojan-attack/
  • https://www.bleepingcomputer.com/news/security/russia-s-rostec-allegedly-can-de-anonymize-telegram-users/
  • https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/



Weekly: Outlook Vulnerability, TeamTNT and Breachforums closure | 24 Mar 2023 | 00:27:38

In this episode of ShadowTalk, host Chris Morgan, along with Ivan Righi and Caroline Fenstermacher, discuss the latest news in the cyber security and information security landscape. Topics this week include:

  • Implications following the arrest of BreachForums administrator Pompompurin
  • Cryptojacking activity from the TeamTNT threat group
  • Microsoft Outlook bug CVE-2023-23397


Weekly: SVB collapse, FBI IC3 report, and Cl0p update | 17 Mar 2023 | 00:36:59

In this episode of ShadowTalk, host Stefano De Blasi, along with Rick Holland and Brandon Tirado, discuss cyber threats related to the SVB collapse, the FBI IC3 report and Cl0p ransomware: zero-day vulnerability and victims.

Weekly: US National Cybersecurity Strategy, Emotet and Cl0p return | 17 Mar 2023 | 00:31:48

In this episode of ShadowTalk, host Stefano, along with Caroline and Dean, discuss:

  • the new US National Cybersecurity Strategy
  • the return of Emotet
  • zero-day exploited by the Cl0p ransomware group.

Weekly: HTML Smuggling, CISA Guidance on Logging | 17 Mar 2023 | 00:38:54

This week's ShadowTalk host Chris, along with Rick, Kitch and Corey, discuss:

  • the email threat of HTML Smuggling
  • the latest guidance on logging from CISA.

Weekly: Russia-Ukraine War - One-Year Later | 24 Feb 2023 | 00:37:30

This week's ShadowTalk podcast covers the latest developments and implications of the Russia-Ukraine War.

Resources:

  • https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-24-feb

Full CrushFTP Attack Chain, Plus BreachForums is Back! | 30 Jul 2025 | 00:27:44

Resources: https://linktr.ee/ReliaQuestShadowTalk

Curious how the latest CrushFTP exploit works? Join host Kim along with intelligence analyst Hayden and threat hunter Leo as they discuss:

  • BreachForums Back, XSS Out (1:28)
  • Warlock Ransomware Hits SharePoint (5:28)
  • Fire Ant Stings ESXi (9:39)
  • ReliaQuest Uncovers CrushFTP Attack Chain (13:35)

Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.

Hayden Evans: Cyber Threat Intelligence Analyst at ReliaQuest. He has experience in the F3EAD lifecycle and analyzing adversaries' TTPs to operationalize this information. He is also experienced with intrusion response, OSINT investigations, and offensive security.

Leo Dawson: Threat Hunter on the ReliaQuest Threat Research Team. With a deep background in Experimental Physics and Artificial Intelligence, Leo brings a unique interdisciplinary perspective to cybersecurity. He is driven by a passion for leveraging these skills to proactively track, analyze, and understand threat actor campaigns while gaining deeper insights into their evolving tactics and behaviors. 

Weekly: Trickbot/Conti Sanctions, OneNote Documents, and NATO DDoS Attacks | 17 Feb 2023 | 00:29:41

This week's ShadowTalk podcast covers the latest in the Trickbot/Conti Sanctions, OneNote Documents, NATO DDoS Attacks.

Resources:

  • https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-17-feb

Weekly: VMware ESXI campaign and SocGholish overview | 10 Feb 2023 | 00:42:54

This week's ShadowTalk podcast covers the latest in the VMware ESXI Ransomware campaign, Killnet, SocGholish, and more. 

Resources:

  • https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-10-feb

Weekly: Hive Ransomware Takedown and Dark Web Cybercriminal Jobs | 03 Feb 2023 | 00:32:19

This week's ShadowTalk podcast covers the latest in the Hive ransomware takedown and dark web cybercriminal forum.

Resources: 

  • https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-3-feb