Shows
Adversary Universe Podcast2025 Wrapped: Updates on This Year’s Hottest TopicsThis was a busy year for the Adversary Universe podcast. We covered the emergence of new adversaries, the weaponization of AI, critical CrowdStrike research, and how cyberattacks look in different regions of the world.
To recap 2025, we’re revisiting the topics that resonated most with our listeners to share year-end updates. Adam and Cristian cover the I-Soon data leaks, evolution of China as a nation-state threat, re-emergence of SCATTERED SPIDER, and the latest in ransomware-as-a-service. Tune in to learn the factors that may shape Chinese cyber operations in 2026 and why SCATTERED SPIDER activity looks different now compared to...
2025-12-3036 minAdversary Universe Podcast2025 Wrapped: Updates on This Year’s Hottest TopicsThis was a busy year for the Adversary Universe podcast. We covered the emergence of new adversaries, the weaponization of AI, critical CrowdStrike research, and how cyberattacks look in different regions of the world.
To recap 2025, we’re revisiting the topics that resonated most with our listeners to share year-end updates. Adam and Cristian cover the I-Soon data leaks, evolution of China as a nation-state threat, re-emergence of SCATTERED SPIDER, and the latest in ransomware-as-a-service. Tune in to learn the factors that may shape Chinese cyber operations in 2026 and why SCATTERED SPIDER activity looks different now compared to...
2025-12-3036 minAdversary Universe PodcastIs This Endgame? How Takedowns Are Reshaping eCrimeIn November 2025, a major public-private sector collaboration took down three significant malware networks. Operation Endgame involved law enforcement agencies from six EU countries, Australia, Canada, the U.K., and the U.S., along with Europol and 30 private sector partners, including CrowdStrike. The dismantled infrastructure consisted of hundreds of thousands of infected computers containing several million stolen credentials.
Operation Endgame was a critical disruption of adversary operations — but it wasn’t the first. Law enforcement has for years sought to take down adversary infrastructure and often partners with private sector organizations like CrowdStrike to inform their operations. By disr...
2025-12-1835 minAdversary Universe PodcastIs This Endgame? How Takedowns Are Reshaping eCrimeIn November 2025, a major public-private sector collaboration took down three significant malware networks. Operation Endgame involved law enforcement agencies from six EU countries, Australia, Canada, the U.K., and the U.S., along with Europol and 30 private sector partners, including CrowdStrike. The dismantled infrastructure consisted of hundreds of thousands of infected computers containing several million stolen credentials.
Operation Endgame was a critical disruption of adversary operations — but it wasn’t the first. Law enforcement has for years sought to take down adversary infrastructure and often partners with private sector organizations like CrowdStrike to inform their operations. By disr...
2025-12-1835 minAdversary Universe PodcastDefrosting Cybersecurity’s Cold Cases with CrowdStrike’s Tillmann WernerNot all cybercrimes are resolved. Some threat groups disappear completely, and some malware is never seen again. But sometimes, a long-dormant case is cracked open and elusive answers are found.
Tillmann Werner, VP of Intelligence Production at CrowdStrike, has been a member of the CrowdStrike Intelligence team since 2012 and has analyzed many of these cold cases. In this episode, he joins Adam to chat about unresolved cyberattacks, the adversaries behind them, and cases that remained inactive for years before new technology or data allowed experts to close them. While it’s frustrating to close a file without su...
2025-12-0434 minAdversary Universe PodcastDefrosting Cybersecurity’s Cold Cases with CrowdStrike’s Tillmann WernerNot all cybercrimes are resolved. Some threat groups disappear completely, and some malware is never seen again. But sometimes, a long-dormant case is cracked open and elusive answers are found.
Tillmann Werner, VP of Intelligence Production at CrowdStrike, has been a member of the CrowdStrike Intelligence team since 2012 and has analyzed many of these cold cases. In this episode, he joins Adam to chat about unresolved cyberattacks, the adversaries behind them, and cases that remained inactive for years before new technology or data allowed experts to close them. While it’s frustrating to close a file without su...
2025-12-0434 minAdversary Universe PodcastPrompted to Fail: The Security Risks Lurking in DeepSeek-Generated CodeCrowdStrike research into AI coding assistants reveals a new, subtle vulnerability surface: When DeepSeek-R1 receives prompts the Chinese Communist Party (CCP) likely considers politically sensitive, the likelihood of it producing code with severe security flaws increases by up to 50%.
Stefan Stein, manager of the CrowdStrike Counter Adversary Operations Data Science team, joined Adam and Cristian for a live recording at Fal.Con 2025 to discuss how this project got started, the methodology behind the team’s research, and the significance of their findings.
The research began with a simple question: What are the security risks of us...
2025-11-2037 minAdversary Universe PodcastPrompted to Fail: The Security Risks Lurking in DeepSeek-Generated CodeCrowdStrike research into AI coding assistants reveals a new, subtle vulnerability surface: When DeepSeek-R1 receives prompts the Chinese Communist Party (CCP) likely considers politically sensitive, the likelihood of it producing code with severe security flaws increases by up to 50%.
Stefan Stein, manager of the CrowdStrike Counter Adversary Operations Data Science team, joined Adam and Cristian for a live recording at Fal.Con 2025 to discuss how this project got started, the methodology behind the team’s research, and the significance of their findings.
The research began with a simple question: What are the security risks of us...
2025-11-2037 minAdversary Universe PodcastExtortion Rises and Nation-State Activity Intensifies: The CrowdStrike 2025 European Threat Landscape ReportEurope is a prime target for global adversaries. There is a strong emphasis on eCrime across the region as well as a rise in hacktivism and espionage stemming from ongoing conflicts.
The CrowdStrike 2025 European Threat Landscape Report breaks down these trends. In this episode, Adam and Cristian cover the highlights.
They start with cybercrime, a major theme of the report. The five most targeted European nations were the U.K., Germany, Italy, France, and Spain, which also represent the region’s largest economies (excluding Russia). The most targeted sectors were manufacturing, professional services, technology, industrials an...
2025-11-0627 minAdversary Universe PodcastExtortion Rises and Nation-State Activity Intensifies: The CrowdStrike 2025 European Threat Landscape ReportEurope is a prime target for global adversaries. There is a strong emphasis on eCrime across the region as well as a rise in hacktivism and espionage stemming from ongoing conflicts.
The CrowdStrike 2025 European Threat Landscape Report breaks down these trends. In this episode, Adam and Cristian cover the highlights.
They start with cybercrime, a major theme of the report. The five most targeted European nations were the U.K., Germany, Italy, France, and Spain, which also represent the region’s largest economies (excluding Russia). The most targeted sectors were manufacturing, professional services, technology, industrials an...
2025-11-0627 minAdversary Universe PodcastThriving Marketplaces and Regional Threats: The CrowdStrike 2025 APJ eCrime Landscape ReportIn the Asia Pacific and Japan (APJ) region, a burgeoning set of threat actors is emerging with a different language set, distinct tools, and an ecosystem where they interact with adversaries across the threat landscape.
The CrowdStrike 2025 APJ eCrime Landscape Report explores the trends and issues facing organizations operating in this part of the world. For example, criminal groups in APJ are focused on opportunistic big game hunting and primarily target organizations in manufacturing, technology, industrials and engineering, financial services, and professional services. The sale of phishing kits is popular, with some going for up to $1 million...
2025-10-2319 minAdversary Universe PodcastThriving Marketplaces and Regional Threats: The CrowdStrike 2025 APJ eCrime Landscape ReportIn the Asia Pacific and Japan (APJ) region, a burgeoning set of threat actors is emerging with a different language set, distinct tools, and an ecosystem where they interact with adversaries across the threat landscape.
The CrowdStrike 2025 APJ eCrime Landscape Report explores the trends and issues facing organizations operating in this part of the world. For example, criminal groups in APJ are focused on opportunistic big game hunting and primarily target organizations in manufacturing, technology, industrials and engineering, financial services, and professional services. The sale of phishing kits is popular, with some going for up to $1 million...
2025-10-2319 minAdversary Universe PodcastCloud Intrusions Rise, eCrime Thrives, Governments Under Attack: CrowdStrike 2025 Threat Hunting ReportIn the first half of 2025 alone, cloud intrusions were up 136% compared to all of 2024. China was a big driver — CrowdStrike saw a 40% year-over-year surge in intrusions from suspected cloud-conscious China-nexus threat actors. In the government sector, interactive intrusions increased 71%, and targeted intrusion activity jumped 185%.
The CrowdStrike OverWatch threat hunting team has a firsthand look at how adversaries are changing their techniques. In the CrowdStrike 2025 Threat Hunting Report, published today, the team shares observations, trends, and shifts seen in its threat hunting and adversary engagements over the past 12 months.
In this episode, Adam...
2025-08-0436 minAdversary Universe PodcastCloud Intrusions Rise, eCrime Thrives, Governments Under Attack: CrowdStrike 2025 Threat Hunting ReportIn the first half of 2025 alone, cloud intrusions were up 136% compared to all of 2024. China was a big driver — CrowdStrike saw a 40% year-over-year surge in intrusions from suspected cloud-conscious China-nexus threat actors. In the government sector, interactive intrusions increased 71%, and targeted intrusion activity jumped 185%.
The CrowdStrike OverWatch threat hunting team has a firsthand look at how adversaries are changing their techniques. In the CrowdStrike 2025 Threat Hunting Report, published today, the team shares observations, trends, and shifts seen in its threat hunting and adversary engagements over the past 12 months.
In this episode, Adam...
2025-08-0436 minAdversary Universe PodcastThe Return of SCATTERED SPIDERThey never really left — they just got quieter, faster, and bolder. In this episode of the Adversary Universe podcast, Adam and Cristian trace the resurgence of SCATTERED SPIDER, one of today’s most aggressive and sophisticated adversary groups.
Once known for SIM swapping and gaming community exploits, SCATTERED SPIDER has evolved into a high-speed, high-impact ransomware crew targeting the retail, insurance, and aviation sectors. Adam shares CrowdStrike’s front-line insights into how the group operates, from conducting help desk social engineering and bypassing multifactor authentication (MFA) to hijacking hypervisors and exfiltrating data via software as a service (SaaS...
2025-07-1733 minAdversary Universe PodcastThe Return of SCATTERED SPIDERThey never really left — they just got quieter, faster, and bolder. In this episode of the Adversary Universe podcast, Adam and Cristian trace the resurgence of SCATTERED SPIDER, one of today’s most aggressive and sophisticated adversary groups.
Once known for SIM swapping and gaming community exploits, SCATTERED SPIDER has evolved into a high-speed, high-impact ransomware crew targeting the retail, insurance, and aviation sectors. Adam shares CrowdStrike’s front-line insights into how the group operates, from conducting help desk social engineering and bypassing multifactor authentication (MFA) to hijacking hypervisors and exfiltrating data via software as a service (SaaS...
2025-07-1733 minAdversary Universe PodcastAsk Us (Almost) Anything: Threat Intel, Adversaries, and MoreYou asked, and we answered. This episode of the Adversary Universe podcast takes a deep dive into questions from our listeners.
What did you want to know? Well, a lot about adversaries, but also about career paths and the threat intel space. Tune in to hear the answers to questions like:
• How did you break into the threat intelligence space?
• Who is the first adversary CrowdStrike tracked?
• Who is an adversary that keeps you up at night and why?
• What was a jaw-dropping moment you experienced in tracking adversaries?
• If you didn’t work in infosec, what wo...
2025-07-0325 minAdversary Universe PodcastAsk Us (Almost) Anything: Threat Intel, Adversaries, and MoreYou asked, and we answered. This episode of the Adversary Universe podcast takes a deep dive into questions from our listeners.
What did you want to know? Well, a lot about adversaries, but also about career paths and the threat intel space. Tune in to hear the answers to questions like:
• How did you break into the threat intelligence space?
• Who is the first adversary CrowdStrike tracked?
• Who is an adversary that keeps you up at night and why?
• What was a jaw-dropping moment you experienced in tracking adversaries?
• If you didn’t work in infosec, what wo...
2025-07-0325 minAdversary Universe PodcastInside the CrowdStrike 2025 Latin America Threat Landscape ReportLatin America has become a hotspot for cyber activity. Threat actors around the world, particularly eCriminals, are targeting organizations operating in Central and South America, Mexico, and the Caribbean. Latin America-based cybercriminals are emerging as well.
The CrowdStrike 2025 Latin America Threat Landscape Report provides key insights into this activity. In its pages, the CrowdStrike Counter Adversary Operations team details the eCrime, targeted intrusions, hacktivist disruptions, and cyber espionage targeting organizations that operate in Latin America. And in this episode of the Adversary Universe podcast, Adam and Cristian give listeners a snapshot of the key findings. T...
2025-05-0820 minAdversary Universe PodcastInside the CrowdStrike 2025 Latin America Threat Landscape ReportLatin America has become a hotspot for cyber activity. Threat actors around the world, particularly eCriminals, are targeting organizations operating in Central and South America, Mexico, and the Caribbean. Latin America-based cybercriminals are emerging as well.
The CrowdStrike 2025 Latin America Threat Landscape Report provides key insights into this activity. In its pages, the CrowdStrike Counter Adversary Operations team details the eCrime, targeted intrusions, hacktivist disruptions, and cyber espionage targeting organizations that operate in Latin America. And in this episode of the Adversary Universe podcast, Adam and Cristian give listeners a snapshot of the key findings. T...
2025-05-0820 minAdversary Universe PodcastOCULAR SPIDER and the Rise of Ransomware-as-a-ServiceRansomware has become more difficult for organizations to defend against, but easier for adversaries to deploy. The rise of ransomware-as-a-service (RaaS) — a model in which ransomware operators write the malware and affiliates pay to launch it — has lowered the barrier to entry so threat actors of all skill levels can participate and profit.
OCULAR SPIDER is one such operator. This adversary, newly named by CrowdStrike, is associated with the development of ransomware variants including Cyclops, Knight, and RansomHub. They targeted hundreds of named victims between February 2024 and March 2025, according to CrowdStrike intelligence, and they focus on in...
2025-04-1029 minAdversary Universe PodcastOCULAR SPIDER and the Rise of Ransomware-as-a-ServiceRansomware has become more difficult for organizations to defend against, but easier for adversaries to deploy. The rise of ransomware-as-a-service (RaaS) — a model in which ransomware operators write the malware and affiliates pay to launch it — has lowered the barrier to entry so threat actors of all skill levels can participate and profit.
OCULAR SPIDER is one such operator. This adversary, newly named by CrowdStrike, is associated with the development of ransomware variants including Cyclops, Knight, and RansomHub. They targeted hundreds of named victims between February 2024 and March 2025, according to CrowdStrike intelligence, and they focus on in...
2025-04-1029 minAdversary Universe PodcastNSOCKS: Insights into a Million-Dollar Residential Proxy ServiceWhen an adversary wants to target an organization, they want to make it look like they’re coming from a regional or local internet service provider. This makes their activity seem more legitimate and buys time until they get caught. Proxies, which adversaries can use to conceal the origin of malicious traffic, are essential to this process.
NSOCKS is a residential proxy provider that CrowdStrike researchers dug into to learn more about how it was constructed and proactively identify how adversaries were using it to mask their attacks. They found that a range of internet of...
2025-03-1331 minAdversary Universe PodcastNSOCKS: Insights into a Million-Dollar Residential Proxy ServiceWhen an adversary wants to target an organization, they want to make it look like they’re coming from a regional or local internet service provider. This makes their activity seem more legitimate and buys time until they get caught. Proxies, which adversaries can use to conceal the origin of malicious traffic, are essential to this process.
NSOCKS is a residential proxy provider that CrowdStrike researchers dug into to learn more about how it was constructed and proactively identify how adversaries were using it to mask their attacks. They found that a range of internet of...
2025-03-1331 minAdversary Universe PodcastChina’s Cyber Enterprise Grows: CrowdStrike 2025 Global Threat ReportChina’s cyber enterprise is rapidly growing: China-nexus activity was up 150% across industries in 2024, with a 200-300% surge in key sectors such as financial services, media, manufacturing, and industrials/engineering. CrowdStrike identified seven new China-nexus adversaries in 2024.
“After decades investing in offensive cyber capabilities, China has achieved parity with some of the top players out there, and I think that is the thing that should terrify everybody,” Adam says.
China-nexus threat actors aren’t the only ones evolving their cyber operations. As the CrowdStrike 2025 Global Threat Report shows, nation-state and eCrime adversaries spanning regions and skill lev...
2025-02-2734 minAdversary Universe PodcastChina’s Cyber Enterprise Grows: CrowdStrike 2025 Global Threat ReportChina’s cyber enterprise is rapidly growing: China-nexus activity was up 150% across industries in 2024, with a 200-300% surge in key sectors such as financial services, media, manufacturing, and industrials/engineering. CrowdStrike identified seven new China-nexus adversaries in 2024.
“After decades investing in offensive cyber capabilities, China has achieved parity with some of the top players out there, and I think that is the thing that should terrify everybody,” Adam says.
China-nexus threat actors aren’t the only ones evolving their cyber operations. As the CrowdStrike 2025 Global Threat Report shows, nation-state and eCrime adversaries spanning regions and skill lev...
2025-02-2734 minAdversary Universe PodcastCross-Domain Attacks: Know Them, Find Them, Stop ThemAdversaries have realized their time-honored attack methods involving clunky malware and malicious attachments are no longer working, largely due to endpoint detection and response tools alerting security teams to their activity. To improve their success rate, many are turning to cross-domain attacks.
Cross-domain attacks span multiple domains within an organization’s environment; namely, identity, endpoint and cloud. An adversary most often starts with a set of stolen credentials, which allows them to log in and operate under the guise of a legitimate employee. From there, they might target the cloud control plane to access more accounts or pi...
2024-12-1240 minAdversary Universe PodcastLIMINAL PANDA and the Implications of Global Telco TargetingOn Nov. 19, 2024, Adam testified in front of the U.S. Senate Judiciary Subcommittee on Privacy, Technology, and the Law on Chinese cyber threats to critical infrastructure. This was the first time he publicly spoke about LIMINAL PANDA, a China-nexus state-sponsored threat actor that has been targeting telecommunications organizations since at least 2020.
LIMINAL PANDA is a newly named adversary, but CrowdStrike has been tracking its activity for over three years. It uses custom tools and demonstrates extensive knowledge of telco networks, including the connections between providers. And it's not alone: There are multiple adversaries targeting telcos, with good...
2024-11-2739 minAdversary Universe PodcastLIMINAL PANDA and the Implications of Global Telco TargetingOn Nov. 19, 2024, Adam testified in front of the U.S. Senate Judiciary Subcommittee on Privacy, Technology, and the Law on Chinese cyber threats to critical infrastructure. This was the first time he publicly spoke about LIMINAL PANDA, a China-nexus state-sponsored threat actor that has been targeting telecommunications organizations since at least 2020.
LIMINAL PANDA is a newly named adversary, but CrowdStrike has been tracking its activity for over three years. It uses custom tools and demonstrates extensive knowledge of telco networks, including the connections between providers. And it's not alone: There are multiple adversaries targeting telcos, with good...
2024-11-2739 minAdversary Universe PodcastExploring Offensive Security with CrowdStrike Red TeamersIf a business wants to know what an adversary might be capable of, they can seek the help of a red team. These cybersecurity professionals are tasked with emulating adversary activity to achieve specific objectives in their clients’ environments. Their goal is to find an organization’s weaknesses — before a real adversary does — so it can strengthen its security posture. But what does a red team actually do, and who are the people on these teams?
In this episode, Cristian is joined by CrowdStrike Director of Professional Services Vincent Uguccioni and Professional Services Principal Consultant Brent Harrell to dive...
2024-11-0747 minAdversary Universe PodcastExploring Offensive Security with CrowdStrike Red TeamersIf a business wants to know what an adversary might be capable of, they can seek the help of a red team. These cybersecurity professionals are tasked with emulating adversary activity to achieve specific objectives in their clients’ environments. Their goal is to find an organization’s weaknesses — before a real adversary does — so it can strengthen its security posture. But what does a red team actually do, and who are the people on these teams?
In this episode, Cristian is joined by CrowdStrike Director of Professional Services Vincent Uguccioni and Professional Services Principal Consultant Brent Harrell to dive...
2024-11-0747 minAdversary Universe PodcastThe Latest in China-Taiwan Cyber TensionsChina and Taiwan have a long history of geopolitical tension that has evolved from land and sea to cyberspace. Relations between the two recently took an interesting turn when the Chinese Ministry of State Security (MSS) claimed hacktivist entity Anonymous 64 targeted China and its territories with attempted disinformation and public communication disruption. The Chinese government further alleged the activity was directed by the Taiwanese government, whose officials are investigating the activity and expressed the claims are false.
These allegations mark an interesting shift in the relations between China and Taiwan. In this episode, Adam and Cristian start...
2024-10-2433 minAdversary Universe PodcastThe Latest in China-Taiwan Cyber TensionsChina and Taiwan have a long history of geopolitical tension that has evolved from land and sea to cyberspace. Relations between the two recently took an interesting turn when the Chinese Ministry of State Security (MSS) claimed hacktivist entity Anonymous 64 targeted China and its territories with attempted disinformation and public communication disruption. The Chinese government further alleged the activity was directed by the Taiwanese government, whose officials are investigating the activity and expressed the claims are false.
These allegations mark an interesting shift in the relations between China and Taiwan. In this episode, Adam and Cristian start...
2024-10-2433 minAdversary Universe PodcastHow CrowdStrike Tracked INDRIK SPIDER from Origin to TakedownOn Oct. 1, 2024, an international law enforcement coalition announced the disruption of a senior member of INDRIK SPIDER, who was also an affiliate of the BITWISE SPIDER ransomware as a service operation. CrowdStrike often works with law enforcement to identify, track and stop cyber threats, and we played a key role in this operation.
In this episode, Adam and Cristian are joined by a member of CrowdStrike’s intelligence collection team to dive into the takedown, the years of cybercrime evolution that led to it and how CrowdStrike collects the intel that informs organizations and aids law enforcement ac...
2024-10-1053 minAdversary Universe PodcastHow CrowdStrike Tracked INDRIK SPIDER from Origin to TakedownOn Oct. 1, 2024, an international law enforcement coalition announced the disruption of a senior member of INDRIK SPIDER, who was also an affiliate of the BITWISE SPIDER ransomware as a service operation. CrowdStrike often works with law enforcement to identify, track and stop cyber threats, and we played a key role in this operation.
In this episode, Adam and Cristian are joined by a member of CrowdStrike’s intelligence collection team to dive into the takedown, the years of cybercrime evolution that led to it and how CrowdStrike collects the intel that informs organizations and aids law enforcement ac...
2024-10-1053 minAdversary Universe PodcastComing Soon to Las Vegas: Adversary Universe Previews #FalCon2024Next week marks the start of Fal.Con 2024. CrowdStrike’s annual conference brings together cybersecurity leaders and practitioners, as well as our customers and partners, in Las Vegas for four days of keynotes, breakout sessions, workshops and demos.
Adam and Cristian will both be speaking at this year’s show. In this episode, they share the talks they’re most excited about and how they tie into the broader threat landscape. Some sessions will dive into insights from the CrowdStrike Counter Adversary Operations team; some will explore how adversaries are using large language models (LLMs) and how to def...
2024-09-1214 minAdversary Universe PodcastComing Soon to Las Vegas: Adversary Universe Previews #FalCon2024Next week marks the start of Fal.Con 2024. CrowdStrike’s annual conference brings together cybersecurity leaders and practitioners, as well as our customers and partners, in Las Vegas for four days of keynotes, breakout sessions, workshops and demos.
Adam and Cristian will both be speaking at this year’s show. In this episode, they share the talks they’re most excited about and how they tie into the broader threat landscape. Some sessions will dive into insights from the CrowdStrike Counter Adversary Operations team; some will explore how adversaries are using large language models (LLMs) and how to def...
2024-09-1214 minAdversary Universe PodcastIntern Spotlight: Starting A Cyber Career with CrowdStrikeFor students aspiring to work in cybersecurity, sitting in a classroom isn’t enough to gain the skills and experience they need to succeed. Industry internships are invaluable opportunities to learn how security pros operate in the real world and understand the responsibilities each role requires.
CrowdStrike’s University Program welcomes interns across virtually every field to gain this real-world experience. This summer, David Feldman and Chandler McClellan interned for the CrowdStrike threat intelligence and Falcon Adversary OverWatch teams, respectively. Like many cybersecurity pros, both David and Chandler found their way into the industry after first exploring diff...
2024-08-2936 minAdversary Universe PodcastIntern Spotlight: Starting A Cyber Career with CrowdStrikeFor students aspiring to work in cybersecurity, sitting in a classroom isn’t enough to gain the skills and experience they need to succeed. Industry internships are invaluable opportunities to learn how security pros operate in the real world and understand the responsibilities each role requires.
CrowdStrike’s University Program welcomes interns across virtually every field to gain this real-world experience. This summer, David Feldman and Chandler McClellan interned for the CrowdStrike threat intelligence and Falcon Adversary OverWatch teams, respectively. Like many cybersecurity pros, both David and Chandler found their way into the industry after first exploring diff...
2024-08-2936 minAdversary Universe PodcastHunting the Rogue Insiders Operating for FAMOUS CHOLLIMAFAMOUS CHOLLIMA, a new adversary CrowdStrike is tracking, has recently made headlines for its insider threat activity. In April 2024, CrowdStrike Services responded to the first of several incidents in which FAMOUS CHOLLIMA threat actors targeted 30+ US-based companies. The insiders claimed to be US residents and were hired for remote IT positions, which granted them access they exploited to attempt data exfiltration, install malware and conduct other malicious activity. CrowdStrike has now informed more than 100 companies they have hired these threat actors as employees.
In this episode, Adam and Cristian dig into the details of who FAMOUS CHOLLIMA...
2024-08-2131 minAdversary Universe PodcastHunting the Rogue Insiders Operating for FAMOUS CHOLLIMAFAMOUS CHOLLIMA, a new adversary CrowdStrike is tracking, has recently made headlines for its insider threat activity. In April 2024, CrowdStrike Services responded to the first of several incidents in which FAMOUS CHOLLIMA threat actors targeted 30+ US-based companies. The insiders claimed to be US residents and were hired for remote IT positions, which granted them access they exploited to attempt data exfiltration, install malware and conduct other malicious activity. CrowdStrike has now informed more than 100 companies they have hired these threat actors as employees.
In this episode, Adam and Cristian dig into the details of who FAMOUS CHOLLIMA...
2024-08-2131 minAdversary Universe PodcastWhen the Adversary Knows They’re CaughtHow do adversaries react when they know they’re being tracked? How do they respond to organizations that are on to them — and how do they know what the defenders know?
In this episode, Adam and Cristian explore how adversary behavior shifts as their activity is discovered and tracked. Today’s adversaries carefully research their victims. They read corporate blog posts and craft their techniques based on the information defenders share. As this intelligence becomes more detailed, organizations like CrowdStrike are forced to consider an important question: How much information can they share when they know adversaries are lo...
2024-06-1334 minAdversary Universe PodcastWhen the Adversary Knows They’re CaughtHow do adversaries react when they know they’re being tracked? How do they respond to organizations that are on to them — and how do they know what the defenders know?
In this episode, Adam and Cristian explore how adversary behavior shifts as their activity is discovered and tracked. Today’s adversaries carefully research their victims. They read corporate blog posts and craft their techniques based on the information defenders share. As this intelligence becomes more detailed, organizations like CrowdStrike are forced to consider an important question: How much information can they share when they know adversaries are lo...
2024-06-1334 minAdversary Universe PodcastUnderstanding Social Engineering with Shelly Giesbrecht, Director, Professional ServicesSocial engineering is not a new threat — adversaries have long used psychological manipulation to gain access, money, information and more. But as we learn in this episode from Shelly Giesbrecht, Director of Professional Services at CrowdStrike, it remains a top cybersecurity challenge for all organizations.
Today’s social engineers are more convincing than ever. Gone are the days of clunky phishing emails rife with spelling errors. Modern social engineering attacks arrive as convincing and well-crafted text messages, emails and voice calls. They prey on human emotion and instinct, creating situations where technology can’t always help.
“It...
2024-05-2342 minAdversary Universe PodcastUnderstanding Social Engineering with Shelly Giesbrecht, Director, Professional ServicesSocial engineering is not a new threat — adversaries have long used psychological manipulation to gain access, money, information and more. But as we learn in this episode from Shelly Giesbrecht, Director of Professional Services at CrowdStrike, it remains a top cybersecurity challenge for all organizations.
Today’s social engineers are more convincing than ever. Gone are the days of clunky phishing emails rife with spelling errors. Modern social engineering attacks arrive as convincing and well-crafted text messages, emails and voice calls. They prey on human emotion and instinct, creating situations where technology can’t always help.
“It...
2024-05-2342 minAdversary Universe PodcastHacktivism and the JACKALs Behind ItThe rise of hacktivism — the use of hacking techniques to make a statement supporting a political or social cause — is often associated with the Occupy Wall Street movement and the Anonymous hacktivist collective. But the practice of hacking as a form of civil disobedience goes back to the 1990s. It has taken many forms in the years since, driven by a wide range of hacktivists around the world.
In this episode, Adam and Cristian trace the history of hacktivism to its early days, dive into high-profile examples and explain the practice of “faketivism” often used among nation-states. They sha...
2024-05-0937 minAdversary Universe PodcastHacktivism and the JACKALs Behind ItThe rise of hacktivism — the use of hacking techniques to make a statement supporting a political or social cause — is often associated with the Occupy Wall Street movement and the Anonymous hacktivist collective. But the practice of hacking as a form of civil disobedience goes back to the 1990s. It has taken many forms in the years since, driven by a wide range of hacktivists around the world.
In this episode, Adam and Cristian trace the history of hacktivism to its early days, dive into high-profile examples and explain the practice of “faketivism” often used among nation-states. They sha...
2024-05-0937 minAdversary Universe PodcastBuilding a Strong Threat Hunting Program with Andrew MunchbachOrganizations fear adversaries will attack. Threat hunters assume adversaries are already in the system — and their investigations seek unusual behavior that may indicate malicious activity is afoot.
Andrew Munchbach, CrowdStrike’s Global VP, Field Engineering, joins Adam and Cristian in this week’s episode to explore what threat hunting is, how it works, and what makes a good threat hunting program.
As CrowdStrike’s “Chief Reddit Officer”, Andrew also shares how he came to run CrowdStrike’s Reddit account and discusses the platform’s evolving role in communicating with the security community. Now with nearly 20,000 followers, Crowd...
2024-04-2536 minAdversary Universe PodcastBuilding a Strong Threat Hunting Program with Andrew MunchbachOrganizations fear adversaries will attack. Threat hunters assume adversaries are already in the system — and their investigations seek unusual behavior that may indicate malicious activity is afoot.
Andrew Munchbach, CrowdStrike’s Global VP, Field Engineering, joins Adam and Cristian in this week’s episode to explore what threat hunting is, how it works, and what makes a good threat hunting program.
As CrowdStrike’s “Chief Reddit Officer”, Andrew also shares how he came to run CrowdStrike’s Reddit account and discusses the platform’s evolving role in communicating with the security community. Now with nearly 20,000 followers, Crowd...
2024-04-2536 minAdversary Universe PodcastAdversary Attribution: What It Means and How It WorksToday’s conversation explores a common question around adversary activity: Why does attribution matter? When a cyberattack hits, why go to the trouble of learning who is behind it? Each attempt at an intrusion can reveal a lot about an adversary — who they are, what they’re doing and what their motivations may be.
This information can not only inform your response to an attack but how you strengthen your security architecture against future attacks. In this episode, Adam and Cristian discuss the importance of knowing who the adversary is and what they’re after.
They go...
2024-04-1149 minAdversary Universe PodcastAdversary Attribution: What It Means and How It WorksToday’s conversation explores a common question around adversary activity: Why does attribution matter? When a cyberattack hits, why go to the trouble of learning who is behind it? Each attempt at an intrusion can reveal a lot about an adversary — who they are, what they’re doing and what their motivations may be.
This information can not only inform your response to an attack but how you strengthen your security architecture against future attacks. In this episode, Adam and Cristian discuss the importance of knowing who the adversary is and what they’re after.
They go...
2024-04-1149 minAdversary Universe PodcastLIVE from Gov Threat Summit: A Chat with Morgan Adamski, Chief of the NSA’s Cybersecurity Collaboration CenterThe National Security Agency’s Cybersecurity Collaboration Center (CCC) was created based on a growing need for the public and private sectors to work together and share insights to understand adversaries’ intentions, as well as the scope and scale of their activity. In this special episode of the Adversary Universe podcast, Adam and Cristian are joined by Morgan Adamski, Chief of the CCC and government security expert, onstage at CrowdStrike’s Gov Threat Summit in Washington, D.C.
“We both had different pieces of the puzzle,” said Adamski of the NSA and private sector organizations, which collect different...
2024-03-2825 minAdversary Universe PodcastLIVE from Gov Threat Summit: A Chat with Morgan Adamski, Chief of the NSA’s Cybersecurity Collaboration CenterThe National Security Agency’s Cybersecurity Collaboration Center (CCC) was created based on a growing need for the public and private sectors to work together and share insights to understand adversaries’ intentions, as well as the scope and scale of their activity. In this special episode of the Adversary Universe podcast, Adam and Cristian are joined by Morgan Adamski, Chief of the CCC and government security expert, onstage at CrowdStrike’s Gov Threat Summit in Washington, D.C.
“We both had different pieces of the puzzle,” said Adamski of the NSA and private sector organizations, which collect different...
2024-03-2825 minAdversary Universe PodcastCrowdStrike CSO Shawn Henry on Election Security, Nation-State Threats and His FBI CareerCrowdStrike Chief Security Officer Shawn Henry joined CrowdStrike as employee number 19 after a 24-year career at the FBI, where he retired as the Bureau’s Executive Assistant Director.
Today, he joins Adam and Cristian for a wide-ranging conversation exploring his early days at CrowdStrike and transition to the private sector, his perspective on the 2016 DNC breach and the risks modern elections face. Adversaries have numerous opportunities to sway voters’ opinions — and now they have the technology to wield greater influence through misinformation and disinformation campaigns.
“I think we've just scratched the surface with AI from a deepfa...
2024-03-1444 minAdversary Universe PodcastCrowdStrike CSO Shawn Henry on Election Security, Nation-State Threats and His FBI CareerCrowdStrike Chief Security Officer Shawn Henry joined CrowdStrike as employee number 19 after a 24-year career at the FBI, where he retired as the Bureau’s Executive Assistant Director.
Today, he joins Adam and Cristian for a wide-ranging conversation exploring his early days at CrowdStrike and transition to the private sector, his perspective on the 2016 DNC breach and the risks modern elections face. Adversaries have numerous opportunities to sway voters’ opinions — and now they have the technology to wield greater influence through misinformation and disinformation campaigns.
“I think we've just scratched the surface with AI from a deepfa...
2024-03-1444 minAdversary Universe PodcastA Human at the Keyboard: CrowdStrike Reports 60% Jump in Interactive IntrusionsThe days of automated cyberattacks are dwindling: last year CrowdStrike saw a 60% jump in interactive intrusions, a type of attack in which a human is on the other side, working to break in and navigating their target environment as soon as they gain access. Most (75% of) attacks in 2023 didn’t involve malware at all — in nearly all cases, the adversary relied on identity-related techniques or exploited an unmanaged device.
The threat landscape is constantly evolving as adversaries explore new tactics. And as the CrowdStrike 2024 Global Threat Report shows, a lot can change in a year. We’re seeing more adversaries, operati...
2024-02-2235 minAdversary Universe PodcastA Human at the Keyboard: CrowdStrike Reports 60% Jump in Interactive IntrusionsThe days of automated cyberattacks are dwindling: last year CrowdStrike saw a 60% jump in interactive intrusions, a type of attack in which a human is on the other side, working to break in and navigating their target environment as soon as they gain access. Most (75% of) attacks in 2023 didn’t involve malware at all — in nearly all cases, the adversary relied on identity-related techniques or exploited an unmanaged device.
The threat landscape is constantly evolving as adversaries explore new tactics. And as the CrowdStrike 2024 Global Threat Report shows, a lot can change in a year. We’re seeing more adversaries, operati...
2024-02-2235 minAdversary Universe PodcastThe Dark Personality Traits Fueling CybercrimeCrowdStrike has long said, “You don’t have a malware problem — you have an adversary problem.” Much like we analyze the malware and tools used in cyberattacks, we must also learn about the people who orchestrate them.
Adam and Cristian are joined by Cameron Malin, a behavioral profiler who specializes in understanding adversaries and the “why” behind their activity. Cameron built the FBI’s Cyber Behavioral Analysis Unit, which works to understand the motivations for cybercrime across different types of offenses and has focused for years on exploring why adversaries do what they do. In this episode, he discusses h...
2024-02-1545 minAdversary Universe PodcastThe Dark Personality Traits Fueling CybercrimeCrowdStrike has long said, “You don’t have a malware problem — you have an adversary problem.” Much like we analyze the malware and tools used in cyberattacks, we must also learn about the people who orchestrate them.
Adam and Cristian are joined by Cameron Malin, a behavioral profiler who specializes in understanding adversaries and the “why” behind their activity. Cameron built the FBI’s Cyber Behavioral Analysis Unit, which works to understand the motivations for cybercrime across different types of offenses and has focused for years on exploring why adversaries do what they do. In this episode, he discusses h...
2024-02-1545 minAdversary Universe PodcastDemystifying North Korea: Why the "Hermit Kingdom" Is a Cyber Threat to WatchThough the inner workings of North Korea remain a mystery to much of the world, its global cyber activity has been tracked and analyzed for years. CrowdStrike’s Counter Adversary Operations team, which tracks five North Korean threat actors, has a unique perspective on the country’s evolution as a global cybersecurity threat and the many ways it has used cyber capabilities to achieve its goals.
In this episode, Adam and Cristian trace the history of North Korean cyber operations from its early days of destructive attacks to its focus on financial gain and espionage. Tune in for...
2024-02-0139 minAdversary Universe PodcastDemystifying North Korea: Why the "Hermit Kingdom" Is a Cyber Threat to WatchThough the inner workings of North Korea remain a mystery to much of the world, its global cyber activity has been tracked and analyzed for years. CrowdStrike’s Counter Adversary Operations team, which tracks five North Korean threat actors, has a unique perspective on the country’s evolution as a global cybersecurity threat and the many ways it has used cyber capabilities to achieve its goals.
In this episode, Adam and Cristian trace the history of North Korean cyber operations from its early days of destructive attacks to its focus on financial gain and espionage. Tune in for...
2024-02-0139 minAdversary Universe PodcastAI Through the Defender’s Lens: A Chat with CrowdStrike’s Global CTOCristian is joined by CrowdStrike Global CTO Elia Zaitsev to revisit the world of AI and large language models (LLMs), this time from the perspective of modern defenders.
While this space has seen explosive growth in the past year, most organizations are still working to determine how LLM technology fits into their cybersecurity strategies. In this episode, Cristian and Elia unpack the rapid evolution of AI models — a trend the two consider both exciting and frightening — and examine how LLMs are empowering defenders, their effect on automation in the enterprise and why humans will continue to be part...
2024-01-1841 minAdversary Universe PodcastAI Through the Defender’s Lens: A Chat with CrowdStrike’s Global CTOCristian is joined by CrowdStrike Global CTO Elia Zaitsev to revisit the world of AI and large language models (LLMs), this time from the perspective of modern defenders.
While this space has seen explosive growth in the past year, most organizations are still working to determine how LLM technology fits into their cybersecurity strategies. In this episode, Cristian and Elia unpack the rapid evolution of AI models — a trend the two consider both exciting and frightening — and examine how LLMs are empowering defenders, their effect on automation in the enterprise and why humans will continue to be part...
2024-01-1841 minAdversary Universe PodcastInside Russia’s Laboratory of Cyber Operations — and BeyondIn mid-December 2023, an adversary CrowdStrike tracks as VOODOO BEAR targeted Ukrainian telecom provider Kyivstar, wreaking havoc and disrupting thousands of systems and assets.
The Russia-linked adversary has for years treated Ukraine as its “lab of offensive cyber operations”, testing attack techniques and demonstrating the destructive behavior it has become known for since it emerged in late 2010.
In this episode, Adam and Cristian dive into the details of the recent Kyivstar attack and how it aligns with VOODOO BEAR’s history of disruptive cyberattacks, both in Ukraine and around the world. They also pull back the curtai...
2024-01-1141 minAdversary Universe PodcastInside Russia’s Laboratory of Cyber Operations — and BeyondIn mid-December 2023, an adversary CrowdStrike tracks as VOODOO BEAR targeted Ukrainian telecom provider Kyivstar, wreaking havoc and disrupting thousands of systems and assets.
The Russia-linked adversary has for years treated Ukraine as its “lab of offensive cyber operations”, testing attack techniques and demonstrating the destructive behavior it has become known for since it emerged in late 2010.
In this episode, Adam and Cristian dive into the details of the recent Kyivstar attack and how it aligns with VOODOO BEAR’s history of disruptive cyberattacks, both in Ukraine and around the world. They also pull back the curtai...
2024-01-1141 minAdversary Universe PodcastInside the ”Alphabet Soup” of Incident Reporting RegulationsOrganizations around the world must navigate a growing number of cyber incident reporting regulations mandated by government bodies.
In the U.S., these regulations come from agencies including the Securities and Exchange Commission (SEC), Federal Trade Commission (FTC), Cybersecurity and Infrastructure Security Agency (CISA) and others. This “alphabet soup” of regulations, as Cristian puts it, can be tough for businesses to understand and follow — especially as the threat landscape evolves and compliance requirements change.
In this episode, Cristian is joined by Drew Bagley, VP and Counsel for Privacy and Policy at CrowdStrike, to dig into the de...
2023-12-1456 minAdversary Universe PodcastInside the ”Alphabet Soup” of Incident Reporting RegulationsOrganizations around the world must navigate a growing number of cyber incident reporting regulations mandated by government bodies.
In the U.S., these regulations come from agencies including the Securities and Exchange Commission (SEC), Federal Trade Commission (FTC), Cybersecurity and Infrastructure Security Agency (CISA) and others. This “alphabet soup” of regulations, as Cristian puts it, can be tough for businesses to understand and follow — especially as the threat landscape evolves and compliance requirements change.
In this episode, Cristian is joined by Drew Bagley, VP and Counsel for Privacy and Policy at CrowdStrike, to dig into the de...
2023-12-1456 minAdversary Universe PodcastData Extortion Dethrones Ransomware as the Threat to WatchToday’s adversaries are working smarter, not harder — and it’s clear in the way their tactics are evolving.
In this episode, Adam and Cristian explore the way adversaries are shifting their focus to data extortion. Instead of deploying noisy ransomware, more threat actors are quietly stealing data and threatening to publicly leak it if they’re not paid. Tune in to learn what’s driving this change, why data extortion is successful and what it means for organizations of all sizes and industries.
Get your copy of the CrowdStrike 2023 Overwatch Threat Hunting Report.
Read t...
2023-11-3025 minAdversary Universe PodcastData Extortion Dethrones Ransomware as the Threat to WatchToday’s adversaries are working smarter, not harder — and it’s clear in the way their tactics are evolving.
In this episode, Adam and Cristian explore the way adversaries are shifting their focus to data extortion. Instead of deploying noisy ransomware, more threat actors are quietly stealing data and threatening to publicly leak it if they’re not paid. Tune in to learn what’s driving this change, why data extortion is successful and what it means for organizations of all sizes and industries.
Get your copy of the CrowdStrike 2023 Overwatch Threat Hunting Report.
Read t...
2023-11-3025 minAdversary Universe PodcastUrgent Care Required: The State of Healthcare CybersecurityAt a time when breaches make headlines daily, the healthcare sector is among the most popular adversary targets.
Cyberattacks against healthcare organizations have spiked in recent years, disrupting patient care, jeopardizing safety and privacy, and obstructing compliance with industry regulations. In this episode, Cristian is joined by Dennis Egan, director of healthcare services for CrowdStrike, and Drex DeFord, executive healthcare strategist at CrowdStrike, to discuss the impact of cyber threats against healthcare, challenges we see in the space, the urgent need for healthcare providers to strengthen their security and the steps they should take to defend against...
2023-11-1647 minAdversary Universe PodcastUrgent Care Required: The State of Healthcare CybersecurityAt a time when breaches make headlines daily, the healthcare sector is among the most popular adversary targets.
Cyberattacks against healthcare organizations have spiked in recent years, disrupting patient care, jeopardizing safety and privacy, and obstructing compliance with industry regulations. In this episode, Cristian is joined by Dennis Egan, director of healthcare services for CrowdStrike, and Drex DeFord, executive healthcare strategist at CrowdStrike, to discuss the impact of cyber threats against healthcare, challenges we see in the space, the urgent need for healthcare providers to strengthen their security and the steps they should take to defend against...
2023-11-1647 minAdversary Universe PodcastIran’s Rise from Nascent Threat Actor to Global Adversary“Iran’s digital presence is something we don’t want to underestimate.”
Though its cyber activity has been making headlines during a dynamic past few weeks, Iran’s history as a major player in the threat landscape spans decades. In this episode, Adam and Cristian take you back to the days of Stuxnet and trace Iran’s evolution from nascent threat actor to prominent nation-state adversary. Tune in to learn how hacktivism has played a role in its history, why CrowdStrike uses “KITTEN” to categorize adversaries who operate on behalf of Iran, and how key political events and cyber threat...
2023-11-0949 minAdversary Universe PodcastIran’s Rise from Nascent Threat Actor to Global Adversary“Iran’s digital presence is something we don’t want to underestimate.”
Though its cyber activity has been making headlines during a dynamic past few weeks, Iran’s history as a major player in the threat landscape spans decades. In this episode, Adam and Cristian take you back to the days of Stuxnet and trace Iran’s evolution from nascent threat actor to prominent nation-state adversary. Tune in to learn how hacktivism has played a role in its history, why CrowdStrike uses “KITTEN” to categorize adversaries who operate on behalf of Iran, and how key political events and cyber threat...
2023-11-0949 minAdversary Universe PodcastInside China’s Evolution as a Global Security ThreatChina is the source of some of the most prolific and aggressive nation-state cyber activity organizations face.
Every business vertical, across every geography, is affected by China’s unrelenting focus on growth and power. In this episode, Adam and Cristian take you through the evolution of Chinese threat activity from the early 2010s through today, closely examining the myriad ways they seek to build influence, the industries they target along the way and the threat actors linked to Chinese cyberattacks.
Additional resources:
Download your copy of the 2023 Global Threat Report
Get your custom threat lan...
2023-11-0245 minAdversary Universe PodcastInside China’s Evolution as a Global Security ThreatChina is the source of some of the most prolific and aggressive nation-state cyber activity organizations face.
Every business vertical, across every geography, is affected by China’s unrelenting focus on growth and power. In this episode, Adam and Cristian take you through the evolution of Chinese threat activity from the early 2010s through today, closely examining the myriad ways they seek to build influence, the industries they target along the way and the threat actors linked to Chinese cyberattacks.
Additional resources:
Download your copy of the 2023 Global Threat Report
Get your custom threat lan...
2023-11-0245 minAdversary Universe PodcastHave You Been Breached?A cyberattack is any security team’s worst nightmare — but the earlier a breach is detected, the faster you can respond and mitigate the damage.
In this episode, we’ll share the warning signs that could indicate a breach has occurred, the immediate next steps to take in the incident response process, and why having the right data is essential to a successful recovery.
Please note that all references to "Falcon" in this episode refer to the CrowdStrike Falcon® platform.
2023-10-1938 minAdversary Universe PodcastHave You Been Breached?A cyberattack is any security team’s worst nightmare — but the earlier a breach is detected, the faster you can respond and mitigate the damage.
In this episode, we’ll share the warning signs that could indicate a breach has occurred, the immediate next steps to take in the incident response process, and why having the right data is essential to a successful recovery.
Please note that all references to "Falcon" in this episode refer to the CrowdStrike Falcon® platform.
2023-10-1938 minAdversary Universe PodcastInside the AI, Cloud and Platform Innovations Previewed at Fal.Con 2023Adversaries are moving and innovating at a rapid pace — but so are we.
In this bonus episode, Adam and Cristian chat about the biggest announcements from Fal.Con, CrowdStrike’s annual conference, which took place last week in Las Vegas. Tune in to hear their take on new and developing technologies like Charlotte AI Investigator and Falcon Foundry, why they’re excited about the Bionic acquisition and some of the standout moments in an action-packed week.
Some brief disclaimers about products discussed in this episode:
Charlotte AI is a text-based interface in the Falcon platfo...
2023-09-2922 minAdversary Universe PodcastInside the AI, Cloud and Platform Innovations Previewed at Fal.Con 2023Adversaries are moving and innovating at a rapid pace — but so are we.
In this bonus episode, Adam and Cristian chat about the biggest announcements from Fal.Con, CrowdStrike’s annual conference, which took place last week in Las Vegas. Tune in to hear their take on new and developing technologies like Charlotte AI Investigator and Falcon Foundry, why they’re excited about the Bionic acquisition and some of the standout moments in an action-packed week.
Some brief disclaimers about products discussed in this episode:
Charlotte AI is a text-based interface in the Falcon platfo...
2023-09-2922 minAdversary Universe PodcastRansomware Actors Mark Their Calendars for Back-to-SchoolSchool is back in session — and adversaries have already done their homework.
They know educational institutions often lack the resources and expertise to keep up with the wave of ransomware, data extortion and other attacks pummeling their systems. Cristian and Adam examine why schools are a common target, the threats they face and how they can best defend themselves. In this episode, we also hear from special guest Jason Rooks, CIO at Parkway School District, who shares his perspective on fighting modern threats and creating a culture of cybersecurity.
Learn More:
The...
2023-09-0748 minAdversary Universe PodcastRansomware Actors Mark Their Calendars for Back-to-SchoolSchool is back in session — and adversaries have already done their homework.
They know educational institutions often lack the resources and expertise to keep up with the wave of ransomware, data extortion and other attacks pummeling their systems. Cristian and Adam examine why schools are a common target, the threats they face and how they can best defend themselves. In this episode, we also hear from special guest Jason Rooks, CIO at Parkway School District, who shares his perspective on fighting modern threats and creating a culture of cybersecurity.
Learn More:
The...
2023-09-0748 minAdversary Universe PodcastInvisible Threats: Discovering, Tracking and Mitigating VulnerabilitiesVulnerabilities are the unlocked doors allowing adversaries a foothold into your organization.
Left unpatched, they provide an entryway for intruders to break in, move laterally and wreak havoc. This episode shares everything you want to know about vulnerability intelligence: What types of vulnerabilities are most common? How should organizations prioritize patching? What is an n-day flaw? Learn the answers to these questions, and more, from Adam, Cristian, and special guest Nina Padavil, Solutions Engineer and Threat Advisor at CrowdStrike.
Learn more about External Attack Surface Management challenges and recommendations: https://www.crowdstrike.com/cybersecurity-101/external-attack-surface-management/
2023-08-2434 minAdversary Universe PodcastInvisible Threats: Discovering, Tracking and Mitigating VulnerabilitiesVulnerabilities are the unlocked doors allowing adversaries a foothold into your organization.
Left unpatched, they provide an entryway for intruders to break in, move laterally and wreak havoc. This episode shares everything you want to know about vulnerability intelligence: What types of vulnerabilities are most common? How should organizations prioritize patching? What is an n-day flaw? Learn the answers to these questions, and more, from Adam, Cristian, and special guest Nina Padavil, Solutions Engineer and Threat Advisor at CrowdStrike.
Learn more about External Attack Surface Management challenges and recommendations: https://www.crowdstrike.com/cybersecurity-101/external-attack-surface-management/
2023-08-2434 minAdversary Universe PodcastIntel-Led Threat Hunting with CrowdStrike Counter Adversary Operations“Scary and incredible.” “Terrifying.”
Adam and Cristian dig into new data from CrowdStrike’s recently formed Counter Adversary Operations Unit. A new report reveals adversaries are growing faster and smarter, with a focus on collecting identities and pilfering cloud environments.
In this episode, learn what’s behind the massive 583% year-over-year jump in Kerberoasting attacks and the 147% jump in access broker ads, as well as how to keep up with adversaries with breakout times down to 79 minutes.
Learn more:
Get your copy of the CrowdStrike 2023 Overwatch Threat Hunting Report: crowdstrike.com/threat-hunting-report
2023-08-1023 minAdversary Universe PodcastIntel-Led Threat Hunting with CrowdStrike Counter Adversary Operations“Scary and incredible.” “Terrifying.”
Adam and Cristian dig into new data from CrowdStrike’s recently formed Counter Adversary Operations Unit. A new report reveals adversaries are growing faster and smarter, with a focus on collecting identities and pilfering cloud environments.
In this episode, learn what’s behind the massive 583% year-over-year jump in Kerberoasting attacks and the 147% jump in access broker ads, as well as how to keep up with adversaries with breakout times down to 79 minutes.
Learn more:
Get your copy of the CrowdStrike 2023 Overwatch Threat Hunting Report: crowdstrike.com/threat-hunting-report
2023-08-1023 minAdversary Universe PodcastIs Microsoft’s Monoculture a National Security Risk?Multiple U.S. government agencies were recently breached after adversaries exploited vulnerabilities in Microsoft’s Azure Active Directory. With Microsoft vulnerabilities at the heart of some of the worst breaches in recent history, many in the cybersecurity industry are beginning to wonder: Do the dangers of the Microsoft monoculture outweigh the benefits?
In this special bonus episode, Adam and Cristian break down this breach and examine the history of breaches exploiting Microsoft technology on their path to answer a pivotal question: Has Microsoft's monoculture become a national security risk?
Learn more:
Your choice of...
2023-08-0321 minAdversary Universe PodcastIs Microsoft’s Monoculture a National Security Risk?Multiple U.S. government agencies were recently breached after adversaries exploited vulnerabilities in Microsoft’s Azure Active Directory. With Microsoft vulnerabilities at the heart of some of the worst breaches in recent history, many in the cybersecurity industry are beginning to wonder: Do the dangers of the Microsoft monoculture outweigh the benefits?
In this special bonus episode, Adam and Cristian break down this breach and examine the history of breaches exploiting Microsoft technology on their path to answer a pivotal question: Has Microsoft's monoculture become a national security risk?
Learn more:
Your choice of...
2023-08-0321 minAdversary Universe PodcastCloud is the New BattlegroundMost organizations rely on cloud services or infrastructure to power their day-to-day operations — and adversaries know it. In this episode, we’ll explore how threat actors use the cloud to their advantage: how they breach cloud environments, the actions they take once they’re in, and the ways they use the cloud as a tool in their attacks. We’ll also discuss how organizations often unknowingly put their cloud environments at risk and the steps they can take to strengthen their cloud security.
The cloud is the new attack surface. Get an overview of today’s cloud thr...
2023-07-2724 minAdversary Universe PodcastCloud is the New BattlegroundMost organizations rely on cloud services or infrastructure to power their day-to-day operations — and adversaries know it. In this episode, we’ll explore how threat actors use the cloud to their advantage: how they breach cloud environments, the actions they take once they’re in, and the ways they use the cloud as a tool in their attacks. We’ll also discuss how organizations often unknowingly put their cloud environments at risk and the steps they can take to strengthen their cloud security.
The cloud is the new attack surface. Get an overview of today’s cloud thr...
2023-07-2724 minAdversary Universe PodcastWho is the Adversary?Behind every cyberattack, there is an adversary. These adversaries target organizations large and small, across all industries, to steal money, information and more from their victims.
Understanding these adversaries can help you protect your business — and we’re here to help. In the first episode of the Adversary Universe Podcast, we introduce you to our expert hosts, Adam Meyers and Cristian Rodriguez, and begin to tell the story of modern adversaries: who they are, how they’re tracked, and why you should learn more about them.
Additional resources:
Learn more about the podcast: https://www.cr...
2023-07-1324 minAdversary Universe PodcastWho is the Adversary?Behind every cyberattack, there is an adversary. These adversaries target organizations large and small, across all industries, to steal money, information and more from their victims.
Understanding these adversaries can help you protect your business — and we’re here to help. In the first episode of the Adversary Universe Podcast, we introduce you to our expert hosts, Adam Meyers and Cristian Rodriguez, and begin to tell the story of modern adversaries: who they are, how they’re tracked, and why you should learn more about them.
Additional resources:
Learn more about the podcast: https://www.cr...
2023-07-1324 minAdversary Universe PodcastAdversary Universe Podcast TrailerWelcome to the Adversary Universe podcast, the best place to learn about the threat actors behind today’s cyberattacks.
We’ll dig deep into the adversaries we’re tracking here at CrowdStrike, the tactics and techniques they employ, threats we’ve seen in the wild, and most importantly, how all of this information can help you better defend your organization.
2023-06-2901 minAdversary Universe PodcastAdversary Universe Podcast TrailerWelcome to the Adversary Universe podcast, the best place to learn about the threat actors behind today’s cyberattacks.
We’ll dig deep into the adversaries we’re tracking here at CrowdStrike, the tactics and techniques they employ, threats we’ve seen in the wild, and most importantly, how all of this information can help you better defend your organization.
2023-06-2901 min
On Protect BrasilEpisódio 8 - Cibersegurança vs Lei de Proteção de dadosThiago Silva, responsável pelo atendimento ao Governo Brasileiro na Crowdstrike, entrevista Mauro César Sobrinho, expert em segurança da informação. Neste episódio, vamos bater um papo sobre a Cibersegurança vs Lei de Proteção de dados e a transformação digital sobre a ótica da privacidade. Site: https://www.crowdstrike.com.br/
2021-09-3034 min
On Protect BrasilEpisódio 7 - Transformação digital: o papel da cibersegurança para as operações empresariaisNeste episódio, Vinícius Uyeda recebe Luiz Eduardo Ritzmann, CIO da Arteris, empresa que gerencia grandes rodovias brasileiras e vem passando por uma impactante transformação digital. Ritzmann nos conta como a cibersegurança se tornou crucial para a operação dos negócios e sobre os caminhos para estruturar uma companhia, em meio à digitalização de serviços e a evolução tecnológica, que só tendem a crescer.Saiba mais em https://www.crowdstrike.com.br/ e https://www.arteris.com.br/
2021-08-2428 min
On Protect BrasilEpisódio 6 - Cibersegurança na aquisição de bens e serviços no setor de PetróleoFrancis Barros, Account Executive da CrowdStrike Brasil, conversa com Ricardo Salvatore. Gerente de Tecnologia e Segurança na Petronect e Mestre em Ciência da Computação pela Naval Postgraduate School (NPS), Ricardo tem mais de 15 anos de experiência em Governança de TI e Gestão de Segurança da Informação no setor público e privado. Neste episódio, vamos bater um papo sobre as tendências, ameaças e os desafios para impedir ataques no trabalho remoto.Site: https://www.crowdstrike.com.br/
2021-08-0521 min
On Protect BrasilEpisódio 5 - Saindo do tradicional para Next GenO Relatório Global de Ameaças 2021 da CrowdStrike revela que os números de ataques ransomware aumentaram no último ano. A fim de ajudar empresas na identificação, prevenção e resposta às ameaças cibernéticas, a EY Brasil acaba de firmar parceria com a CrowdStrike.A Ey Brasil exerce um trabalho a fim de ajudar a proteger os negócios de seus clientes, construindo uma base de cibersegurança. Por meio de seus serviços de consultoria transformacional, a EY contribui para a construção da confiança nos mercados de capitais e nas economias de todo...
2021-07-2122 min
On Protect BrasilEpisódio 3 - Como a cibersegurança impacta o mercado de HealthTechNeste terceiro episódio do On Protect, André Ceron, que já participou da implementação do Crowdstrike Falcon em duas empresas, nos conta como foi a experiência em uma startup de saúde, além dos desafios do setor. O On Protect é o podcast que te atualiza sobre o universo da cibersegurança, diretamente de onde os ataques terminam.
2021-05-2819 min
On Protect BrasilEpisódio 2 - Os desafios da cibersegurança para o setor financeiro!Neste segundo episódio do On Protect, trazemos Mário Izaias, Account Manager da CrowdStrike, e Deocleciano Francisco da Costa - Security Office do banco ABC, para uma conversa sobre o cenário de cibersegurança no setor financeiro.O estudo Percepção do Risco Cibernético na América Latina em tempos de COVID-19 revela que apenas 16% das empresas brasileiras aumentaram seu orçamento em cibersegurança durante a pandemia. Apesar do baixo número, 30% das organizações afirmaram ter sofrido mais ataques. A maioria dos ataques cibernéticos de hoje tem como alvo uma vítima comum: as in...
2021-04-2826 min
On Protect BrasilIA + Cyber Security = cibersegurança ao quadradoFrancis Barros (Account Executive Brazil na CrowdStrike) e Fernando Polla (CISO na Grupo Yamaha Brasil), juntam-se a nós em uma conversa sobre inteligência artificial e cibersegurança. Será essa a equação perfeita para a gestão da SI? Confira neste episódio!
2021-03-2322 min