Shows
ShadowTalk: Powered by ReliaQuestDo You Really Need IOCs? Plus Zero-Day Exploits, AI Data Leaks, and Phishing for VIPsResources: https://linktr.ee/ReliaQuestShadowTalkEver wondered if IOCs are still relevant in a world of polymorphic malware and zero-day exploits? Join host Kim along with intelligence analyst Joey and threat hunter Tristan as they discuss:North American APT Targets China (1:25)Chatbot Exposes Thousands of Job Applications (4:57)New Phishing Campaign Targets VIPs (7:17)How IOCs are Used in Modern Threat Hunting (10:07)Kim Bromley: Kim Bromley is a Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host...2025-07-1623 minShadowTalk: Powered by ReliaQuestSafePay Ransomware Rises, North Korea Adopts ClickFixResources: https://linktr.ee/ReliaQuestShadowTalkHave you heard of SafePay ransomware? Join host Kim along with intelligence analysts Hayden and John as they discuss:SafePay Targets Ingram Micro (1:16)Updates on Iran-Israel (5:43)North Korea Adopts ClickFix & Attacks Web3 (8:24)Insights from ReliaQuest Customer Incidents (13:14)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.H...2025-07-0924 minShadowTalk: Powered by ReliaQuestCitrix Bleed 2, Scattered Spider Hits AviationResources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim along with intelligence analysts Ivan and John as they discuss:Citrix Bleed 2Scattered Spider Hits Aviation From ClickFix to FileFixRansomware Threats from Q2Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Ivan Righi: Threat Intelligence Analyst at ReliaQuest, specializing in technical cy...2025-07-0226 minShadowTalk: Powered by ReliaQuestAnalyzing Iran-Israel Cyber Threats, New Scattered Spider Attack ChainResources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim along with Intelligence Analyst Hayden and Threat Hunter Leo as they discuss:New Scattered Spider Attack ChainIsrael and Iran Cyber Threat Deep DiveTop Iran-linked Threat Groups & How to MitigateKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Hayden Evans: Cyber Threat I...2025-06-2534 minShadowTalk: Powered by ReliaQuestIsrael-Iran Cyber Warfare, Anubis Ransomware, and More Attacker TrendsResources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim along with intelligence analyst Joey and detection engineer Marken as they discuss:Anubis Ransomware Wiper CapabilityTeamfiltration Pentesting ToolCyber Implications of Israel-Iran ConflictThe Most Up to Date Attacker TrendsKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Marken Teder: Threat Detection Engineer a...2025-06-1836 minShadowTalk: Powered by ReliaQuestBlack Basta's Enduring Legacy, Qilin Exploits Fortinet FlawsResources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim along with intelligence analysts Alex and John as they discuss:The Enduring Legacy of Black BastaQilin's Exploitation of Fortinet FlawsVishing for Salesforce DataAtomic Stealer x ClickFix CampaignKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Alexander Capraro: Cyber Threat Intelligence Analyst a...2025-06-1129 minShadowTalk: Powered by ReliaQuestScattered Spider's Evolving Playbook, SentinelOne OutageResources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim along with intelligence analysts Joey and Alex as they discuss:Scattered Spider's Focus on Tech VendorsHow APT41 Abuses Google Calendar for C2The SentinelOne OutageA New Void Blizzard Espionage CampaignKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Joseph Keyes: Cyber T...2025-06-0427 minShadowTalk: Powered by ReliaQuestSPECIAL: How Russian Market Fuels Credential-Based AttacksResources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim along with intelligence analysts Joey and Alex as they discuss:Factors Driving Russian Market's PopularityAttackers' Favorite InfostealersInfostealer Attack PathsMain Types and Exclusivity of Stolen LogsKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Joseph Keyes: Cyber Threat Intelligence Analyst at ReliaQuest, s...2025-05-2844 minShadowTalk: Powered by ReliaQuestThe Threat Evolution: SAP Exploits, SEO Poisoning, and SkitNet MalwareResources: https://linktr.ee/ReliaQuestShadowTalkJoin host Joey along with intelligence analysts John and Hayden as they discuss:ReliaQuest's investigation into hijacked routers and SEO poisoning fueling payroll heistsNation-state actors leveraging the SAP NetWeaver vulnerability en masseA new "Defendnot" tool that tricks Windows Defender into disabling itselfRansomware groups using a stealthy post-exploitation malwareJoseph Keyes: Cyber Threat Intelligence Analyst at ReliaQuest, specializing in technical cyber threat research. With his prior role as a Cyber Security Analyst, he has gained years of experience in triaging and responding to active threats using GreyMatter's various tools...2025-05-2129 minShadowTalk: Powered by ReliaQuestWill US Politics Reshape Russian Cyber Threats?Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim along with intelligence analysts Joey and Hayden as they discuss:ReliaQuest's Forecast for How US Policy will Impact Russia-linked Cyber ThreatsInfostealers Spread by Fake AI Video GeneratorsKickidler Abuse by Ransomware GroupsFBI Takedown of Huge BotnetKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.2025-05-1427 minShadowTalk: Powered by ReliaQuestScattered Spider Strikes Again, Hunt for North Korean Insiders Heats UpResources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim along with intelligence analyst John and threat hunter Tristan as they discuss:Scattered Spider Attacks UK Retail OrgsBring Your Own Installer SentinelOne BypassHunting for North Korean InsidersKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: John Dilgen is a C...2025-05-0728 minShadowTalk: Powered by ReliaQuestDemystifying CVE-2025-31324, The New Critical SAP NetWeaver FlawResources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim along with detection engineer Marken and intelligence analyst Alex as they discuss:ReliaQuest's Discovery of Critical SAP NetWeaver VulnerabilityAI Upgrade for Darcula Phishing Kit DragonForce's New Cartel Business ModelMaximum Severity Commvault flawKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Marken Teder...2025-04-3024 minShadowTalk: Powered by ReliaQuestBreachForums Down: Hacktivist Attack or FBI Crackdown?Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim along with intelligence analysts Joey and John as they discuss:BreachForums Down: Dark Storm Team Takes CreditA Potential New Vulnerability in SAP NetWeaverExploit User Targets Salesforce DataReliaQuest Research: Understanding Chinese Espionage StrategiesKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Joseph Keyes: 2025-04-2324 minShadowTalk: Powered by ReliaQuestHijacked and Hidden: ReliaQuest Identifies New Backdoor and Persistence TechniqueResources: https://linktr.ee/RQShadowTalkJoin host Kim along with intelligence analysts Ivan and Hayden as they discuss:How ReliaQuest Identified a New Backdoor and Persistence TechniqueOur Latest Ransomware Quarterly ReportHow Attackers Maintained Access to Patched FortiGate VPNsWhat Oracle Said Next About That BreachKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing u...2025-04-1626 minShadowTalk: Powered by ReliaQuestFast Flux DNS Challenges, Evolving Adversary Tactics, and Proactive Defense StrategiesResources: https://linktr.ee/RQShadowTalkJoin host Kim along with intelligence analyst Joey and threat hunter Leo as they discuss:Ivanti Patches Exploited VulnerabilityFast Flux DNS Evasion WarningRansomware Scene ShiftsReliaQuest's Approach to Threat HuntingKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Joseph Keyes: Cyber Threat Intelligence Analyst at R...2025-04-0934 minShadowTalk: Powered by ReliaQuestFrom Oracle to AI: Everything You Need to Know About Emerging Cyber ThreatsResources: https://linktr.ee/RQShadowTalkJoin host Kim along with intelligence analyst Hayden and threat detection engineer Marken as they discuss:Oracle Data Breach Latest UpdatesBlackLock Ransomware ExposedActive Exploitation of ChatGPT FlawUp to the Minute Attacker TechniquesKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Marken Teder: Threat Detection E...2025-04-0333 minShadowTalk: Powered by ReliaQuestGuest Episode: Navigating Cyber Storms with Expert Insights on Incident ResponseResources: https://linktr.ee/RQShadowTalkJoin host Kim along with intelligence analyst Joey and special guest Rachel Ratcliff as they discuss: The latest Insights on the Alleged Oracle Data BreachA Critical Vulnerability in Next.js MiddlewareThe Importance of Incident Response when Tackling Today's Cyber ThreatsRachel Ratcliff: Engagement Management Leader for Aon Cyber Solutions and Stroz Friedberg Digital Forensics and Incident Response where she sits on the Executive Committee and oversees global commercial strategy for the firm’s reactive services practice. She and her team of professionals are responsible for managing comp...2025-03-2638 minShadowTalk: Powered by ReliaQuestWhen Old Meets New: The Rise of VPN Exploits and Brute-Force ToolsResources: https://linktr.ee/RQShadowTalkJoin host Kim along with intelligence analysts Ivan and John as they discuss:ReliaQuest's Research: Devastating Paths to VPN ExploitationSuperBlack Ransomware Exploits Fortinet FlawsBRUTED Framework Automates Black Basta AttacksClickFix Campaign Hooks Hospitality SectorKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Ivan Righi: 2025-03-1927 minShadowTalk: Powered by ReliaQuestWebcam Warfare, Supply Chains Under Siege, Insider Threats, and More!Resources: https://linktr.ee/RQShadowTalkJoin host Kim, and intelligence analysts Joey and Anna as they discuss:ReliaQuest's Research: Cyber Threats to Hospitality and RecreationSilk Typhoon Expands to Supply-Chain AttacksInsider's Kill Switch Cripples Ex-EmployerAkira Ransomware Uses Webcam to Compromise NetworkKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.J...2025-03-1224 minShadowTalk: Powered by ReliaQuestHooked and Hacked: Phishing Frenzy, Ransomware Recap, Zero-Day FalloutResources: https://linktr.ee/RQShadowTalkJoin host Kim and Detection Researcher Marken Teder as they discuss:ReliaQuest's Research: Blink and They're InThe Latest Ransomware Developments244 Million Passwords Added to 'Have I Been Pwned'VMware Zero-Days Actively ExploitedKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Marken Teder: Detection Researcher at R...2025-03-0532 minShadowTalk: Powered by ReliaQuestSPECIAL: 'From Data to Defense' - Insights from ReliaQuest's Annual Cyber-Threat ReportResources: https://linktr.ee/RQShadowTalk Join host Kim and cyber threat intelligence analysts Joey Keyes and Hayden Evans as they discuss insights from ReliaQuest's 2025 Annual Cyber-Threat Report:The Top Successful Initial Access Techniques How Attackers Achieve Breakout in 48 MinutesKey Recommendations to Outpace AttackersKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.J...2025-02-2642 minShadowTalk: Powered by ReliaQuestBlackLock Ransomware, 8Base Seized, Storm-2372 PhishingResources: https://linktr.ee/RQShadowTalkJoin hosts Chris and Kim as they discuss:Storm-2372 Device Code Phishing CampaignChina Linked Espionage Tools Used Alongside Ransomware8Base Leak Site Seized in Law Enforcement OperationReliaQuest Research on the Worlds Fastest Rising Ransomware Group: BlackLockChris Morgan: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the British military. With his diverse...2025-02-1927 minShadowTalk: Powered by ReliaQuestBrute Force Campaign, Ransomware Insider Recruiting, Manufacturing ThreatsResources: https://linktr.ee/RQShadowTalkJoin hosts Chris and Kim, and Detection researcher Corey Carter as they discuss:Large Scale Brute Force Campaign Targeting Edge DevicesCritical Microsoft RCE Vulnerability Exploited Ransomware Criminals Attempt to Recruit InsidersReliaQuest Research: Manufacturing Sector ReportChris Morgan: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the British military. With his d...2025-02-1230 minShadowTalk: Powered by ReliaQuestAI Spies, Unused AWS Buckets, New Lazarus Group InfrastructureResources: https://linktr.ee/RQShadowTalkJoin hosts Chris and Kim, and Senior Threat Intelligence Analyst Ivan Righi as they discuss:APT Groups Use AI for ReconnaissanceUnused AWS Buckets Pose Supply-Chain RiskNew Lazarus Group Infrastructure UncoveredReliaQuest Research: Attackers Abuse Legitimate ToolsKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.C...2025-02-0524 minShadowTalk: Powered by ReliaQuestAttackers Accelerating Attacks, Lumma Infostealer, DeepSeek LLMResources: https://linktr.ee/RQShadowTalk Join hosts Chris and Marken, and Threat Intelligence Analyst Anna as they discuss: ReliaQuest's Research into Attacker Breakout Times Lumma Infostealer Spreading via Fake Reddit Webpages Ransomware Persisting with SSH Tunnelling DeepSeek and the Potential Risks to User Data Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the...2025-01-2941 minShadowTalk: Powered by ReliaQuestRansomware Hits New Heights, FortiGate Data Leaked, Sneaky 2FA Phishing KitResources: https://linktr.ee/RQShadowTalkJoin hosts Chris and Kim, and Detection Researcher Corey Carter as they discuss:ReliaQuest's Q4 Ransomware ReportFortiGate Data LeakNew Sneaky 2FA Phishing KitUK Contemplates Ransomware Payment BanKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Chris Morgan: Senior Cyber Threat Intelligence Analyst o...2025-01-2235 minShadowTalk: Powered by ReliaQuestGuest Episode: Ways Threat Intel Can Prioritize Threats, Vulnerability Chaos, Biden Executive OrderResources: https://linktr.ee/RQShadowTalkJoin hosts Chris and Kim, along with guest speaker Barri Graham, Beazley Threat Intelligence.Fortinet and Ivanti zero-days under active exploitationInfostealer spread via fake LDAPNightmare exploitBiden administration hasten's executive orderThe importance of taking a proactive approach within threat intelligenceBarri Graham: Experienced Security professional with over 25 years in the field. His 20+ years of military service saw stints as security practitioner and leader in both UK and Global settings. Following military retirement he took up the mantle of auditor and joined NQA in 2019 as an information security...2025-01-1548 minShadowTalk: Powered by ReliaQuestEspionage Hits US Treasury, OtterCookie Tricks Jobseekers, ReliaQuest Tackles Pure MalwareResources: https://linktr.ee/RQShadowTalkJoin hosts Chris and Kim, and threat hunter Brian as they discuss: Chinese Espionage Hits US Treasury DepartmentNew OtterCookie Variant Used in North Korea Recruitment ScamFireScam Infostealer Imitates Telegram to Steal Your DataReliaQuest's Response to a Speedy Pure Malware CompromiseKim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing un...2025-01-0827 minShadowTalk: Powered by ReliaQuestGuest Episode: Are Cyber Predictions Worth It? Clop Strikes, BADBOX Crumbles, US Fights Back Against Chinese EspionageResources: https://linktr.ee/RQShadowTalkJoin hosts Chris and Kim, and guest Noah Davis, CISO Ingersoll Rand, as they discuss: 2024 look-back, 2025 forecast. We discuss our expectations for the coming yearClop resurface in new campaignPresident-elect Trump administration pivot on tackling Chinese espionageThe future for AI and automation in shaping the security landscapeNoah Davis: Seasoned technologist with over 20 years of experience, excelling in translating complex tech challenges into simple business solutions for Fortune 500 companies. As VP & Chief Information Security Officer at Ingersoll Rand, he leads global cybersecurity efforts. Previously, he held senior r...2024-12-1846 minShadowTalk: Powered by ReliaQuestTermite Ransomware, QR-Code Browser Bypass, CAPTCHA HijackingResources: https://linktr.ee/RQShadowTalkJoin hosts Chris and Kim, ReliaQuest field CISO Rick Holland, and detection researcher Marken as they discuss:Termite Ransomware claiming responsibility for Blue Yonder incidentRansomware impacting Romanian electricity supplyResearchers divulge QR code based browser bypassReliaQuest research into malware distribution through CAPTCHA hijackingChris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors...2024-12-1139 minShadowTalk: Powered by ReliaQuestBootKitty Unleashed, Word Corruption Campaigns, M&A Cyber ThreatsResources: https://linktr.ee/RQShadowTalkJoin hosts Chris and Kim, and Threat Hunter Brian Kelly as they discuss: BootKitty Linux BootkitLockBit Arrest in RussiaNovel Phishing Campaign Corrupts WordCyber Threats During M&AKim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk. Chris Morgan...2024-12-0430 minShadowTalk: Powered by ReliaQuestGuest Episode: Can Someone Non-Technical Be a CISO? New APT28 & Palo Alto ExploitsJoin hosts Chris and Kim, and guest CISO Chris Gunner, as they discuss:APT28 conduct 'Nearest Neighbor' WiFi AttackWindows Reissue Controversial Recall Feature Update on Palo Alto Critical Vulnerability ExploitationNavigating potential obstacles as a new CISOResources: https://linktr.ee/RQShadowTalkChris Gunner: Group CISO at a global financial service firm, comprised of federated business units across 20 countries. Chris is responsible for Group-wide cyber strategy as well as advising the business in the Group. Previously held roles as a security leader in law firms, as well as varied roles in consulting. Pa...2024-11-2740 minShadowTalk: Powered by ReliaQuestBlack Friday Retail Risks, T-Mobile Troubles, AI DeceptionsJoin hosts Chris and Kim, Field CISO Rick Holland, and Detection Researcher Corey Carter as they discuss:Black Friday: Cyber Threats Facing the Retail SectorT-Mobile Breached AgainAttacks Exploiting PAN-OS Zero-DayFake AI Image Generators Deploy InfostealersResources:https://linktr.ee/RQShadowTalkKim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024. Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique i...2024-11-2033 minShadowTalk: Powered by ReliaQuest2025 Cyber Threat Predictions, MOVEit Data Breach, Volt Typhoon RebuildsJoin hosts Chris, Kim and Anna as they discuss:ReliaQuest's Cyber Threat Predictions for 2025Huge Data Leak Linked to 2023 MOVEit FlawNew Ransomware Partners with RustyStealerVolt Typhoon Rebuilds Dismantled BotnetResources:https://www.reliaquest.com/blog/report-shows-ransomware-has-grown-41-for-construction-industry/https://www.reliaquest.com/blog/service-account-abuse/Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a...2024-11-1335 minShadowTalk: Powered by ReliaQuestGuest Episode: Black Basta's TTP Shift, Diversity, Equity, and Inclusion (DEI) In Cyber SecurityIn this episode of ShadowTalk, hosts Kim and Chris are joined by guest speaker Eric Knopp, to discuss the latest news in cybersecurity and threat research. Topics this week include:ReliaQuest research identifies Black Basta TTP changesAmazon seize APT29 domainsTango down: Redline & Meta Infostealers taken down by Dutch policeThe importance of supporting DEI programs in hiring practicesResources:https://www.reliaquest.com/blog/black-basta-social-engineering-technique-microsoft-teams/https://www.reliaquest.com/blog/5-critical-threat-actors-you-need-to-know-about/Eric Knopp: VP Security Operations for one of ReliaQuest’s customers, a large global financial services company. Eric has been in th...2024-10-3043 minShadowTalk: Powered by ReliaQuestScattered Spider x RansomHub, Anonymous Sudan Unmasked, APT41 GambleIn this episode of ShadowTalk, host Kim is joined by Director of Threat Research Brandon Tirado and Threat Hunter Brian Kelly, to discuss the latest news in cybersecurity and threat research. Topics this week include:Scattered Spider x RansomHub: A New PartnershipUS Authorities Indict Anonymous Sudan LeadersCrypt Ghouls Deploys LockBit on Russian OrganizationsAPT41 Targets Gambling and Gaming Industry in New Financially-Motivated Campaign Resources:https://www.reliaquest.com/resources/research-reports/five-ways-cyber-attackers-exploit-cloud-environments/https://www.reliaquest.com/blog/virtual-machines-defense-evasion/Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat R...2024-10-2330 minShadowTalk: Powered by ReliaQuestRansomware in Q3 2024, Cisco Breached, ChatGPT MisuseIn this episode of ShadowTalk, host Chris and Kim are joined by Detection researcher Corey Carter, to discuss the latest news in cybersecurity and threat research. Topics this week include:ReliaQuest reporting on ransomware activity in Q3 2024OpenAI confirm malicious use of ChatGPTRussian APT29 mass exploiting known vulnerabilitiesCISCO data reportedly breached by IntelBrokerResources:https://media.defense.gov/2024/Oct/09/2003562611/-1/-1/0/CSA-UPDATE-ON-SVR-CYBER-OPS.PDFhttps://www.reliaquest.com/blog/q3-2024-ransomware/Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the...2024-10-1629 minShadowTalk: Powered by ReliaQuestGRU Orchestrate Sabotage and Assassination, Sextortion Scams, Inc. Ransom's Novel AttackIn this episode of ShadowTalk, host Chris Morgan, along with Marken Teder, discuss the latest news in cyber security and threat research. Topics this week include:Russia's Military Intelligence target CNI, identified using "Non-Lethal Acoustic Weapons" New Sextortion scam targets spousesPrivacy concerns with smart automobilesReliaQuest research into "Inc Ransom" Data Extortion Attack Resources:https://www.reliaquest.com/blog/inc-ransom-attack-analysis/ 2024-09-1136 minShadowTalk: Powered by ReliaQuestGuest Episode: Building Security Teams, Ransomware and Lawsuits, Top Attacker TechniquesIn this episode of ShadowTalk, hosts Chris and Kim, along with guest CISO Rob F, discuss the latest news in cyber security and threat research. Topics this week include:City of Columbus Ohio sue security researcher following ransomware breachDutch Data Protection Authority fine AI/Facial recognition companyBuilding security teams and improving your cyber maturityReliaQuest research into top attacker techniquesResources:https://www.reliaquest.com/blog/top-cyber-attacker-techniques/ 2024-09-0444 minShadowTalk: Powered by ReliaQuestNPD Breach Latest, Election Disinformation, Service Account AbuseIn this episode of ShadowTalk, host Kim, along with Corey and Gjergji, discusses the latest news in cyber security and threat research. Topics this week include:Data breach at NPD affecting millions resulted from exposed credentialsIran-linked APT groups abuse OpenAI to create US-election propagandaReliaQuest Research: Service Account AbuseResources:https://www.reliaquest.com/blog/exploring-impacket-abuse/https://www.reliaquest.com/blog/service-account-abuse/2024-08-2135 minShadowTalk: Powered by ReliaQuestUnusual Espionage, Vicious Vulnerabilities, Popular Exfiltration Tools and Malware LoadersIn this episode of ShadowTalk, host Kim, along with Marken and Brian, discusses the latest news in cyber security and threat research. Topics this week include:Unusual Espionage: China-linked threat groups target Russian government, IT organizationsVicious Vulnerabilities: New vulnerability in all Windows systems with IPv6, Sonos Speaker flaws allow eavesdroppingReliaQuest Research: Data Exfiltration Tools and Malware LoadersResources:https://www.reliaquest.com/blog/exfiltration-toolshttps://www.reliaquest.com/blog/common-malware-loaders2024-08-1432 minShadowTalk: Powered by ReliaQuestSpecial: LIVE from BlackHat 2024, Unauthorized RMM Useage, DEF CON 32 PreviewIn this episode of ShadowTalk, host Rick Holland is joined by ReliaQuest Lead Threat Hunter Colin Ferris LIVE on the BlackHat show floor in Las Vegas to discuss:Takeaways from BlackHat CISO SummitReliaQuest presentation on Remote Monitoring & Management (RMM) toolsThings to look forward to at DEF CON 322024-08-0826 minShadowTalk: Powered by ReliaQuestDeepfakes-The New Frontier in Deception, Ransomware Roundup, Threats Bypassing Your EDRIn this episode of ShadowTalk, hosts Chris and Kim, along with Ivan Righi, discuss the latest news in cyber security and threat research. Topics this week include:Rise of the Deepfakes: Threat actors target Ferrari, Fake North Korean IT worker fake's job interviewDevelopments in ransomware: Stormous v3, VSXI, Black Basta develop custom malwareReliaQuest Research: Beyond the Endpoint: Threats Bypassing your Endpoint Detection and Response (EDR) solutionsResources:https://www.reliaquest.com/blog/beyond-the-endpoint-cyber-threats-eluding-endpoint-detection/https://arstechnica.com/tech-policy/2024/07/us-security-firm-unwittingly-hired-apparent-nation-state-hacker-from-north-korea/https://www.drive.com.au/news/ferrari-ceo-impersonated-ai-deepfake-scam/2024-07-3131 minShadowTalk: Powered by ReliaQuestCrowdStrike Global IT Outage, Finance & Insurance ThreatsIn this episode of ShadowTalk, hosts Chris and Kim, along with ReliaQuest CISO Rick Holland, and Detection Researcher Corey Carter, discuss the latest news in cyber security and threat research. Topics this week include:CrowdStrike Global IT Outage breaks records in impacting 8.5 million devices (1:22)The importance of accountability and trust when working with third party vendorsReliaQuest research into threats facing Financial & Insurance (18:46)Resources:https://www.reliaquest.com/blog/crowdstrike-outage-script-phishing-and-social-engineering-attacks/2024-07-2427 minShadowTalk: Powered by ReliaQuestGuest Episode: Ransomware in Q2 2024, Disney/AT&T BreachIn this episode of ShadowTalk, hosts Chris and Kim, along with guest CISO Craig McEwen, discuss the latest news in cyber security and threat research. Topics this week include:ReliaQuest Research: Ransomware in Q2 2024Weekly roundup: Threat actors weaponizing exploits within 22 minutes, Disney/AT&T breachesLinking security strategy to expenditureSupporting cyber apprenticeships and investing in peopleResources:https://www.reliaquest.com/blog/q2-2024-ransomware/https://app.galabid.com/shawburyproms/items2024-07-1749 minShadowTalk: Powered by ReliaQuestWeekly: TeamViewer Supply Chain Attack, MOVEit Horrors, Medusa Ransomware Case StudyIn this episode of ShadowTalk, hosts Chris and Kim, along with Marken, discuss the latest news in cyber security and threat research. Topics this week include:TeamViewer compromised by APT29 in supply chain attackMOVEit in the headlines again, critical severity vulnerability disclosedPopular Content Delivery Network (CDN) providers compromised in supply chain attacksReliaQuest research in a case study attributed to the Medusa ransomware groupResources: https://www.reliaquest.com/blog/medusa-attack-analysis/2024-07-0336 minShadowTalk: Powered by ReliaQuestWeekly: Lockbit Claim US Federal Reserve Breach, Protocol Tunneling, Kaspersky Banned in USIn this episode of ShadowTalk, hosts Chris and Kim, along with Ivan and Gjergji, discuss the latest news in cyber security and threat research. Topics this week include:Lockbit claim breach of the US Federal Reserve, but are they telling the truth? ReliaQuest research into misuse of Protocol TunnelingFallout from the US Ban of KasperskyResources:https://www.reliaquest.com/blog/protocol-tunneling-tools-and-techniques/#:~:text=Protocol%20tunneling%20is%20a%20technique%20used%20to%20encapsulate,be%20transmitted%20through%20a%20secure%20or%20otherwise-allowed%20protocol.2024-06-2731 minShadowTalk: Powered by ReliaQuestWeekly: Future of Scattered Spider, Supply Chain Compromise, Insider ThreatsIn this episode of ShadowTalk, host Chris, along with Marken, discuss the latest news in cyber security and threat research. Topics this week include:Scattered Spider leader reportedly arrested, as group pivot to target SaaS solutionsReliaQuest research into supply chain compromise. Detections to improve your resilienceClassifying insider threats and the difficulties of proving intentResources:https://www.reliaquest.com/blog/what-is-scattered-spider/https://www.reliaquest.com/blog/scattered-spider-attack-analysis-account-compromise/https://www.reliaquest.com/blog/software-supply-chain-risk-management/https://www.reliaquest.com/blog/virtual-machines-defense-evasion/2024-06-2042 minShadowTalk: Powered by ReliaQuestSpecial: Live from InfoSec Europe 2024, Snowflake Breach, Cybercriminal AI reflectionsIn this episode of ShadowTalk, host Chris Morgan is joined by ReliaQuest Chief Strategy Officer Jason Pfeiffer LIVE on the InfoSec Europe show floor in London, UK to discuss:How InfoSec stacks up against the US cyber conferencesSnowflake data breach affecting TicketMaster and othersCybercriminal reflections on generative AIResources:https://www.reliaquest.com/blog/common-infostealers/2024-06-0527 minShadowTalk: Powered by ReliaQuestWeekly: Microsoft Deprecates VBScript, Common Infostealers, GhostEngine Cryptominer, BlackSuit Attack AnalysisIn this episode of ShadowTalk host Corey, along with Gjergji and Brian, discuss the latest news in cyber security and threat research. Topics this week include:Microsoft set to begin the deprecation of VBScript in the second half of 2024 ReliaQuest research into the top three Infostealers Dive into a new crypto miner dubbed 'GhostEngine' ReliaQuest analysis of a BlackSuit ransomware attack Resources:https://techcommunity.microsoft.com/t5/windows-it-pro-blog/vbscript-deprecation-timelines-and-next-steps/ba-p/4148301https://www.reliaquest.com/blog/common-infostealers/https://www.elastic.co/security-labs/invisible-miners-unveiling-ghostengine https://www.reliaquest.com/blog/blacksuit-attack-analysis/ 2024-05-3032 minShadowTalk: Powered by ReliaQuestWeekly: Microsoft Enforce MFA, Fileless Malware, Rise of DeepfakesIn this episode of ShadowTalk, host Chris, along with Director of Threat Research Brandon Tirado, discuss the latest news in cyber security and threat research. Topics this week include:Microsoft mandating multi-factor authentication across AzureReliaQuest research exploring fileless malware and living against the land (LoTL) techniques Use of deepfakes in social engineering in 2024Resources:https://www.reliaquest.com/blog/socgholish-fakeupdates/https://www.reliaquest.com/blog/new-python-socgholish-infection-chain/https://www.reliaquest.com/blog/living-off-the-land-fileless-malware/ 2024-05-2241 minShadowTalk: Powered by ReliaQuestWeekly: APT28 Activity, Iran/Israel Tensions, Ransomware RebrandsIn this episode of ShadowTalk, host Chris, along Kim and one of ReliaQuest's CISO's Rick, discuss the latest news in cyber security and threat research. Topics this week include:APT28 Exploit 6 year old CISCO vulnerabilityReliaQuest research on Iran/Israel TensionsRansomware RebrandsApple notify users impacted by SpywareResources:https://www.reliaquest.com/blog/cyber-threats-linked-to-iran-israel-conflict/2024-04-2538 minShadowTalk: Powered by ReliaQuestWeekly: HC3 Social Engineering Warning, ReliaQuest Q1 Phishing Report, Microsoft CopilotIn this episode of ShadowTalk, host Chris, along with Gjergji and James, discuss the latest news in cyber security and threat research. Topics this week include:Health sector Cybersecurity Coordination Center (HC3) issues alert warning regarding attackers using social engineering to target IT helpdesk's across the health sectorReliaQuest releases it's findings from it's Q1 Phishing reportHow improper permissions can lead to problems with new Microsoft Copilot AIResources:https://www.reliaquest.com/blog/health-care-social-engineering-campaign/https://www.reliaquest.com/blog/phishing-tactics-and-trends-2024/2024-04-1041 minShadowTalk: Powered by ReliaQuestWeekly: AT&T Breach, Magnet Goblin, ReliaQuest's Annual Threat Report (ATR)In this episode of ShadowTalk, host Chris, along with Marken and ReliaQuest CISO Rick, discuss the latest news in cyber security and threat research. This week's topics include:2021 AT&T breach released for free Magnet Goblin threat group exploiting 1-day vulnerabilitiesAn introduction to ReliaQuest's Annual Threat Report (ATR)2024-03-2036 minShadowTalk: Powered by ReliaQuestWeekly: TeamCity and Supply Chain Risk, BEC Detections, Midnight BlizzardIn this episode of ShadowTalk, host Chris, along with Corey and Caroline, discuss the latest news in cyber security and threat research. Topics this week include:TeamCity Server critical vulnerability leaves potential for supply chain riskReliaQuest research into advanced business email compromise (BEC) detectionsMicrosoft compromised by Midnight Blizzard password spraying attackResources: https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/ https://blog.jetbrains.com/teamcity/2024/03/our-approach-addressing-recently-discovered-vulnerabilities-in-teamcity-on-premises/ https://blog.jetbrains.com/teamcity/2024/03/preventing-exploits-jetbrains-ethical-approach-to-vulnerability-disclosure/ https://www.reliaquest.com/blog/business-email-compromise-detection/2024-03-1338 minShadowTalk: Powered by ReliaQuestWeekly: ConnectWise Critical Vulnerabilities , Credential Theft, NIST FrameworksIn this episode of ShadowTalk, host Chris, along with Fearghal and Kim, discuss the latest news in cyber security and threat research. Topics include:An overview of the critical severity vulnerabilities affecting ConnectWise, patch now!ReliaQuest research into Browser Credential Dumping attacksThe latest in the world of ransomwareUpdate to National Institute of Standards and Technology (NIST) frameworkResources:https://www.reliaquest.com/blog/browser-credential-dumping/ 2024-03-0622 minShadowTalk: Powered by ReliaQuestWeekly: Lockbit Return, SAT Exercises, Optum BreachIn this episode of ShadowTalk, host Chris, along with Ivan, Caroline, and one of ReliaQuest's CISOs Rick, discuss the latest news in cyber security and threat research. This week's topics include:Lockbit return following law enforcement operationRecent Structured Analytical Technique (SAT) exercises ran by ReliaQuestThe Optum Breach and what you need to know'SubdoMailing' malvertising campaign leveraging compromised domainsResources:https://www.reliaquest.com/blog/lockbit-taken-down-what-comes-next/https://www.reliaquest.com/blog/scattered-spider-attack-analysis-account-compromise/2024-02-2834 minShadowTalk: Powered by ReliaQuestWeekly: Lockbit Taken Down, RMM Tool Abuse, Chinese Gov't Documents ExposedIn this episode of ShadowTalk, host Chris, along with Brian, Kim, and one of ReliaQuest's CISOs Rick, discuss the latest news in cyber security and threat research. Topics this week include:Lockbit taken down by NCA led operation. Does this spell the end for the ransomware group?ReliaQuest research into abuse of Remote monitoring and management (RMM) toolsInsider leaks Chinese government documents on GithubResources:https://www.reliaquest.com/blog/lockbit-taken-down-what-comes-next/2024-02-2138 minShadowTalk: Powered by ReliaQuestWeekly: SocGholish, Volt Typhoon, ToothBrush DDoS' and Flipper ZeroIn this episode of ShadowTalk, host Chris, along with Marken and Corey, discuss the latest news in cyber security and threat research. Topics this week include:ReliaQuest research into changes observed on SocGholish infection chainUpdate to Volt Typhoon campaign affecting US CNIFurore over reporting on Toothbrush smart devices reportedly used in DDoS attacksCanada bans Flipper Zero consumer hacking device, over car theft concerns Resources:https://www.reliaquest.com/blog/new-python-socgholish-infection-chain/https://www.reliaquest.com/blog/socgholish-fakeupdates/2024-02-1445 minShadowTalk: Powered by ReliaQuestWeekly: AnyDesk Breach, Deepfake Social Engineering, Q1 2024 PrioritiesIn this episode of ShadowTalk, host Chris Morgan is joined by ReliaQuest CISO Rick Holland, Director of Threat Research Brandon Tirado and Intelligence Collection Analyst Fearghal Hughes to discuss the latest news in cyber security and threat research. Topics this week include:Breach of Remote Desktop Application 'AnyDesk' resultsContinued Ivanti vulnerability exploitationsThe rise of BEC deepfake social engineering attacksReliaQuest's top priorities for the remainder of Q1 2024Resources:https://event.on24.com/eventRegistration/EventLobbyServlet?target=reg20.jsp&eventid=4448957&sessionid=1&key=3FBF0E608FF3216DD9F1526D92EE5CCE&groupId=5180806&partnerref=website&sourcepage=registerhttps://event.on24...2024-02-0747 minShadowTalk: Powered by ReliaQuestWeekly: Killnet 2.0, Baselining Detection Rules, Ransomware in Q4 2023In this episode of ShadowTalk, host Chris, along with James and Ivan, discuss the latest news in cyber security and threat research. Topics this week include:The emergence of Killnet 2.0 Best practices for Baselining Detection RulesInsights from ReliaQuest's Q4 2023 Ransomware blogResources:https://www.reliaquest.com/blog/q4-2023-ransomware/2024-01-3129 minShadowTalk: Powered by ReliaQuestWeekly: Ivanti Zero-days, Valid Account Misuse, Emerging risk from (IoT) devicesIn this episode of ShadowTalk, host Chris, along with Brian, Gjergji and ReliaQuest CISO Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include:Ivanti Zero-day vulnerabilities under mass exploitationReliaQuest research into misuse of Valid Accounts Risk posed through emerging Internet of Things (IoT) devicesResources:https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US 2024-01-1740 minShadowTalk: Powered by ReliaQuestWeekly: 2023 in Review, ALPHV Targeted by FBI, Predictions for 2024In this episode of ShadowTalk, host Chris, along with Rick and Kim, discuss the latest news in cyber security and threat research. Topics this week include:ALPHV targeted in law enforcement operationA look back at major events from the previous 12 monthsPredictions for the cyber threat landscape in 2024'Expense in depth' and maximising investmentsResources:https://www.reliaquest.com/blog/double-extortion-attack-analysis/https://www.reliaquest.com/blog/alphv-ransomware-site-outage/ https://www.justice.gov/media/1329536/dl?inline=&utm_medium=email&utm_source=govdelivery2023-12-2048 minShadowTalk: Powered by ReliaQuestWeekly: BYOVD Report, Log4Shell Two Years Later, ALPHV Site Outage, Delaying SEC DisclosuresIn this episode of ShadowTalk, host Corey Carter, along with ReliaQuest CISO Rick Holland and Gjergji Paco, discuss the latest news in cyber security and threat research. Topics this week include:An overview of a ReliaQuest report on a sophisticated incident involving a technique known as Bring Your Own Vulnerable Driver (BYOVD).ALPHV ransomware site outage rumored to be caused by law enforcement.Apps vulnerable to Log4Shell still being exploited by Advanced Persistence Threats.FBI releases policy notice that informs cyber victims how they can request to delay public disclosures to the Securities and Exchange Commission.2023-12-1335 minShadowTalk: Powered by ReliaQuestWeekly: EDR Pitfalls, Okta Intrusion Update, Secure AI Guidelines, Expired Google CookiesIn this episode of ShadowTalk, host Corey, along with Rick, Marken, and James, discuss the latest news in cyber security and threat research. Topics this week include:An overview of ReliaQuest's latest report covering EDR Pitfalls and Best Practices.Latest updates to Okta's Support Case Management System intrusion that occurred in October.Discussion on guidelines released for secure AI system development by CISA and UK NCSC.Infostealers making headlines after allegedly being able to restore expired Google cookies. Resources:Okta's Support Case Management System Intrusion Update-https://sec.okta.com...2023-11-2943 minShadowTalk: Powered by ReliaQuestWeekly: ALPHV SEC Complaint, Scattered Spider Case Study, Sandworm AttacksIn this episode of ShadowTalk, host Ivan, along with Brandon and Colin discuss the latest news in cyber security and threat research. Topics this week include:AlphaV filing a complaint with the SECReliaQuest case study on the Scattered Spider attackSandworm hacker group conducts "largest ever" attack on Danish infrastructureResources:https://www.reliaquest.com/blog/scattered-spider-attack-analysis-account-compromise/2023-11-2232 minShadowTalk: Powered by ReliaQuestWeekly: Q3 Ransomware Report, ServiceNow Vulnerability, Okta IncidentIn this episode of ShadowTalk, Host Chris Morgan is joined by one of ReliaQuest's CISO's Rick Holland, Threat Hunter Brian Kelly and Threat Intelligence Analyst Ivan Righi to discuss the latest news in cyber security and threat research. Topics this week include:The findings of ReliaQuest's Quarterly Ransomware Report recapping Q3 2023 activity. ServiceNow vulnerability and what it means for youThe latest on a security incident pertaining to authentication provider, Okta.Resources:https://www.reliaquest.com/blog/ransomware-trends-q3-2023/2023-10-2635 minShadowTalk: Powered by ReliaQuestWeekly: Hamas Cyber Threat Implications, Top Adversary Techniques, QakbotIn this episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland, James Xiang and Caroline Fenstermacher, discuss the latest news in cyber security and threat research. Topics this week include:Cyber threat implications from the Hamas - Israel ConflictTop Adversary Techniques: What We're Seeing Right NowHas Qakbot returned? Resources:https://www.reliaquest.com/blog/iranian-cyber-threats-practical-advice-for-security-professionals/2023-10-1336 minShadowTalk: Powered by ReliaQuestWeekly: National Cyber Security Awareness Month (NCSAM), Progress FTP Server, RDP Sessions, IronNetIn this episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland and Corey Carter discuss the latest news in cyber security and threat research. Topics this week include:2023 National Cyber Security Awareness Month (NCSAM) Progress FTP ServerThe risk posed by open Remote Desktop Protocol (RDP) SessionsIronNet ceasure operationsResources: https://www.reliaquest.com/blog/cybersecurity-awareness-automation/ https://www.reliaquest.com/blog/israel-hamas-implications-for-cyber-threats/ 2023-10-0636 min
ReliaQuest Podcast NetworkChasing Possible 2022: "Big Decisions"Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible. In this episode, Murph discusses bringing back P3 in-person to Amalie Arena, performing with Flo-Rida, and acquiring Digital Shadows.2023-09-1517 minShadowTalk: Powered by ReliaQuestWeekly: Anonymous Sudan, Domain Redirection Attacks, UK Ransomware Report and Managed Engine Zero-Day ExploitIn this episode of ShadowTalk, host and ReliaQuest CISO Rick Holand and ReliaQuest Threat Research team members Corey Carter and Gjergji Paco discuss the latest news in cyber security and threat research. Topics this week include: A deep dive on domain redirection attacksNew ransomware report from the UK governmentNew Managed Engine zero-day exploited by multiple threat actorsAnonymous Sudan Telegram bans and DDoS attacks.Resources:https://www.ncsc.gov.uk/whitepaper/ransomware-extortion-and-the-cyber-crime-ecosystemhttps://www.cisa.gov/news-events/cybersecurity-advisories/aa23-250ahttps://www.reliaquest.com/blog/5-macos-infostealers/https://www.reliaquest.com/blog/cisos-guide-six-steps-to-start-adopting-ai/2023-09-1434 minShadowTalk: Powered by ReliaQuestWeekly: SocGhoulish deep dive, AI security concerns, LockBit vs. UK MODIn this episode of ShadowTalk, host Roman, along with Corey and Ivan, discuss the latest news in cyber security and threat research. Topics this week include:A deep dive of malware loader SocGhoulishArtificial intelligence: implications, security concerns, and use by cybercriminalsLockBit leaking top secret information from the UK’s Ministry of DefenceResources: https://www.reliaquest.com/blog/the-3-malware-loaders-behind-80-of-incidentshttps://www.reliaquest.com/blog/socgholish-fakeupdateshttps://www.reliaquest.com/blog/lockbit-ransomware-20232023-09-0834 minReliaQuest Podcast NetworkChasing Possible 2021: "Off to the Races"Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible. In this episode, Murph discusses the early challenges of coming back to the office, reaching Unicorn status, and launching the 100 in 100 campaign.2023-09-0118 minShadowTalk: Powered by ReliaQuestWeekly: Malware Loaders, Ransomware Runbooks, Generative AI and Barracuda ESGIn this episode of ShadowTalk, host Dean Murphy, along with one of ReliaQuest's CISO's Rick Holland and Threat Hunter Brian Kelly, discuss the latest news in cyber security and threat research. Topics this week include:Malware LoadersRansomware Runbooks Generative AI Barracuda ESG - Zero-DayResources:https://www.reliaquest.com/blog/lockbit-ransomware-2023/https://analyst1.com/ransomware-diaries-volume-1/https://www.bleepingcomputer.com/news/security/angry-conti-ransomware-affiliate-leaks-gangs-attack-playbook/https://www.reliaquest.com/news-and-press/reliaquest-adds-ai-capabilities-to-greymatter-intelligent-analysis/https://www.reliaquest.com/blog/understanding-generative-ai-in-cybersecurity/https://www.reliaquest.com/blog/intersection-generative-ai-cybersecurity/https://www.mandiant.com/resources/blog/threat-actors-generative-ai-limitedhttps://www.ic3.gov/Media/News/2023/230823.pdf 2023-08-2528 minReliaQuest Podcast NetworkChasing Possible 2020: "The Pandemic" Part 1Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible. In this episode, Murph discusses where he was and how he responded when COVID hit. He also discusses what went into making decisions around ReliaQuest customers and teammates during these unprecedented times.2023-08-1830 minReliaQuest Podcast NetworkChasing Possible 2020: "The Pandemic" Part 2Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible. Now into the second half of 2020, there were some big decisions that needed to be made. In this episode, Murph discusses going remote, raising capital with KKR, and then making the decision to come back to the o...2023-08-1817 minReliaQuest Podcast NetworkChasing Possible 2019 - "Steps and Punches"Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible. With all the effort that's required to grow at this pace during this time at ReliaQuest, the years really blur together. In this episode, Murph discusses listening to the new offers for potentially raising capital again, productizing t...2023-08-1118 minShadowTalk: Powered by ReliaQuestWeekly: Business Email Compromise (BEC), ReliaQuest Bi-Annual threat reports, influence of AI on the Cyber Threat Landscape In this episode of ShadowTalk, host Chris, along with one of ReliaQuest's CISOs Rick, and James, discuss the latest news in cyber security and threat research. Topics this week include:Themes in recent Business Email Compromise (BEC) activityA breakdown of ReliaQuest research into threats facing the Professional, Scientific, and Technical Services (PSTS) sectorThe influence of AI on the cyber threat landscape ReliaQuest activities at BlackHat 2023 conference2023-08-0440 minShadowTalk: Powered by ReliaQuestWeekly: What We're Seeing Right Now, Cl0p Update, WormGPTIn this episode of ShadowTalk, host Chris, along with Brian and James, discuss the latest news in cyber security and threat research. Topics this week include:ReliaQuest research into common attacker techniquesAn update on Clop's exploitation of the MOVEit vulnerability ChatGPT rival with ‘no ethical boundaries’ sold on dark webResources:https://www.reliaquest.com/blog/top-adversary-techniques-july-2023/https://www.reliaquest.com/blog/clop-leaks-first-victims/https://www.zdnet.com/article/wormgpt-what-to-know-about-chatgpts-malicious-cousin/2023-07-2121 minReliaQuest Podcast NetworkChasing Possible 2017/18 - "Things Are Happening Fast"Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible. Coming off the capital raise with FTV in 2016, things are happening fast. As we move into 2017 and 18, Murph talks about introducing the first board, our first international office in Dublin, and laying out the framework of what e...2023-07-2125 minReliaQuest Podcast NetworkChasing Possible 2016 - Part 1: "The Game Changing Year"Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible. In this episode, Murph talks about starting to win large enterprise logos, framing up the concepts of GreyMatter, and receiving those first phone calls from venture capital and private equity firms.2023-07-0719 minReliaQuest Podcast NetworkChasing Possible 2016 - Part 2: "Raising Capital"Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible. In this episode, Murph talks about the story behind the capital raise with FTV, the genesis of “60% consensus and 100% buy-in”, and the very first board meeting.2023-07-0725 minShadowTalk: Powered by ReliaQuestWeekly: Legal Developments, New APT29 Campaign and ReliaQuest's Annual Threat ReportIn this episode of ShadowTalk, host Stefano, along with Kim Bromley, and one of ReliaQuests CISO's Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include:The SEC reportedly charging SolarWinds executivesAPT29 hunting for credentialsOur new, shiny Annual Threat ReportResources:https://www.reuters.com/technology/solarwinds-executives-receive-wells-notice-us-sec-2023-06-23/https://www.scmagazine.com/brief/identity-and-access/apt29-intensifies-credential-stealing-attackshttps://www.reliaquest.com/resources/research-reports/annual-threat-report/2023-06-3028 minReliaQuest Podcast NetworkChasing Possible 2014 and 2015: "Visibility and Detection"Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible. In this episode, Murph discusses the pressure of how he managed his personal massive debt with no income, how ReliaQuest started to center in on visibility and detection, and the story behind closing our first recurring revenue c...2023-06-2128 minReliaQuest Podcast NetworkChasing Possible 2013 - "What Problem Are We Solving For?"Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible.In this episode, Murph talks about how the mindset of ReliaQuest really began to take shape, what it takes to be great at cold-calling, and narrowing the focus by answering the question, “What problem are we solving fo...2023-06-0226 minShadowTalk: Powered by ReliaQuestWeekly: ReliaQuest Threat Management, ALPHV, Veeam Vulnerability ExploitedIn this episode of ShadowTalk, host Chris Morgan is joined by Corey Carter and Ivan Righi to discuss:A day in the life of a Threat Engineer at ReliaQuestALPHV leaking internal comm's related to victims incident responseHigh Severity vulnerability affecting Veeam back servers exploited in the wild (CVE-2023-27532)2023-05-0525 minShadowTalk: Powered by ReliaQuestWeekly: RQ Ransomware Report, 3CX Update, Russia-Ukraine Cyber Operations, and Cybercriminal EcosystemsIn this episode of ShadowTalk, host Stefano, along with Kim, Ivan, and Brandon, discuss the latest news in cyber security and threat research. Topics this week include:Highlights from the ReliaQuest Ransomware Quarterly Report Q1 2023A supply-chain of a supply-chain: 3CX UpdateAnalysis of Russia-Ukraine cyber operationsA look into recent shifts in the cybercriminal ecosystemResources:https://www.reliaquest.com/blog/2023-ransomware-attacks-q1/https://www.ncsc.gov.uk/news/new-analysis-eccri-highlights-ukraine-defence-against-russian-offensivehttps://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise2023-04-2847 minShadowTalk: Powered by ReliaQuestWeekly: Vulnerability Quarterly Roundup, Domino Backdoor, Lockbit Targeting MacOSIn this episode of ShadowTalk, host Chris Morgan, along with Dani and Dean Murphy, discuss the latest news in cyber security and threat research. Topics this week include:A breakdown of ReliaQuest's latest Vulnerability quarterly reportAftermath of the ransomware attack affecting CapitaThe "Domino" Backdoor and "Project Nemesis" information stealing malwareLockbit targeting macOSResources:https://www.reliaquest.com/blog/2023-q1-vulnerabilities-cves/https://www.reliaquest.com/blog/2023-ransomware-attacks-q1/2023-04-2137 minShadowTalk: Powered by ReliaQuestWeekly: 3CX supply chain attack, Rostec deanonymize Telegram, IcedIDIn this early released episode of ShadowTalk, host Chris Morgan, along with ReliaQuest CISO Rick Holland, Kim Bromley, and Colin Ferris discuss the latest news in cyber security and threat research. Topics this week include:Implications from the 3CX supply-chain attack and what you need to do going forwardRussian telco Rostec de-anonymizing Telegram usersUpdates to the IcedID malwareResources:https://www.3cx.com/community/threads/3cx-desktopapp-security-alert.119951/https://www.reliaquest.com/blog/3cx-trojan-attack/https://www.bleepingcomputer.com/news/security/russia-s-rostec-allegedly-can-de-anonymize-telegram-users/https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/2023-03-3033 minShadowTalk: Powered by ReliaQuestWeekly: Outlook Vulnerability, TeamTNT and Breachforums closureIn this episode of ShadowTalk, host Chris Morgan, along with Ivan Righi and Caroline Fenstermacher, discuss the latest news in the cyber security and the information security landscape. Topics this week include:Implications following the arrest of BreachForums administrator PompompurinCryptojacking activity group the TeamTNT threat group Microsoft Outlook bug CVE-2023-23397Resources:https://www.reliaquest.com/blog/breachforums-arrest-fbi/https://www.reliaquest.com/blog/cyber-threats-svb-collapse/https://www.reliaquest.com/platform/phishing-analyzer/2023-03-2427 min
ShadowTalk: Powered by ReliaQuestWeekly: SVB collapse, FBI IC3 report, and Cl0p updateIn this episode of ShadowTalk, host Stefano De Blasi, along with Rick Holland and Brandon Tirado, discuss cyber threats related to the SVB collapse, the FBI IC3 report and Cl0p ransomware: zero-day vulnerability and victims.Resources: https://www.reliaquest.com/blog/cyber-threats-svb-collapse/?https://www.ic3.gov/Media/PDF/AnnualReport/2022_IC3Report.pdfhttps://www.reliaquest.com/blog/qbot-black-basta-ransomware/https://www.reliaquest.com/blog/html-smuggling-dark-web/2023-03-1736 minReliaQuest Podcast NetworkChasing Possible: 2012 - "A Decisive Pivot”Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible.In this episode, Murph talks about how he recruited our CTO Joe Partlow, the tough choice of closing down a stream of revenue generating business, losing a quarter of the workforce and the beginning of surges. 2022-11-0319 minReliaQuest Podcast NetworkChasing Possible: 2011 - "Learning What Works"Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible.In this episode, Murph talks about who he leaned on to help guide the early business decisions of ReliaQuest, learning from other CEOs that struggled, and how he and the team got creative at conferences to make...2022-10-2015 minReliaQuest Podcast NetworkChasing Possible: 2010 - "Burning The Lifeboats"Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Performance Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible.In this episode, Murph talks about what are the things that began to click for the business, the pressures the company faced, and how ReliaQuest set its sights on information assurance (what we know now as cybersecurity).2022-09-2218 min
ShadowTalk: Powered by ReliaQuestWeekly: 911 Proxy Service Ends, ALPHV claims attack on pipeline and Recent news from Taiwan & ChinaShadowTalk host Stefano alongside Chris bring you the latest in threat intelligence. This week they cover: - 911 proxy service ends protection for cybercriminals- ALPHV (aka BlackCat) ransomware claims attack on European gas pipeline- Cyber threat implications from recent news in Taiwan & China Get this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-05-aug***Resources from this week’s podcast***The Boy Who Cried Ransomware: The Trustworthiness Of Ransomware Groupshttps://www.digitalshadows.com/blog-and-research/the-boy-who-cried-ransomware-the-trustworthiness-of-ransomware-groups/ReliaQuest And Digital Shadows – The Next Stage Of The Journeyhttps://www.digitalshadows.com/blog-and-research/reliaquest-and-digital-shadows-the-next-stage-of-the-journey/2022-08-0533 minReliaQuest Podcast NetworkChasing Possible: 2009 - "Do The Things"Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Conditioning Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible.In this episode, Murph discusses a few things that he’s most proud of, how he made ends meet without paying himself, ReliaQuest’s work with the military, and why humility is so important to continue to impr...2022-05-2421 minReliaQuest Podcast NetworkChasing Possible: 2008/09 – “You’ve Gotta Go Through It”Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Conditioning Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible.In this episode, Murph discusses what kept him going through the market crash of 2008, persisting through the first half of 2009 with 8 employees, purchasing a legendary 1999 Cadillac, and ReliaQuest’s first check for $100,000.2022-05-1024 minReliaQuest Podcast NetworkChasing Possible: 2008 – “The Crash”Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Conditioning Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible. In this episode, Murph discusses the market crash of 2008 and how it impacted ReliaQuest’s business and growth. He also shares the story behind why ReliaQuest made the decision to move into defense contracts. 2022-04-2519 minReliaQuest Podcast NetworkChasing Possible: 2008 - "Firsts"Chasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Conditioning Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible. In this episode, Murph discusses a lot of the "firsts" that took place at ReliaQuest. First customer, first interns, first career fair, and first onboarding. He also talks about the importance of timing in hiring during the g...2022-04-1214 minReliaQuest Podcast NetworkChasing Possible: 2007 - The Beginning of ReliaQuestChasing Possible is a conversation about the history of ReliaQuest between founder and CEO Brian Murphy and Director of Mental Conditioning Derin McMains. We talk about the mindset behind the decisions that shaped the journey of ReliaQuest. Each episode is intended to give you a look into the history of how ReliaQuest has made and continues to make security possible. In this episode, Brian talks about being stood up when he pitched the idea of ReliaQuest and what it felt like to quit his day job without having any business plan for the new company. 2022-03-1517 min