Digital Shadows Podcast - ShadowTalk

Our weekly podcast highlights key findings of primary-source research our Intelligence Team is conducting, along with the latest threat actors, campaigns, security events and industry news.

  • Google Calendar Phishing, Exim Email Server Vulnerability, and Diversity in Cybersecurity

    This week Alex and Jamie (@TheCollierJam) chat with Harrison (@pseudohvr) on a cyber-threat campaign involving the abuse of legitimate features in Google Calendar. Then they dive into other...

  • XMRig Cryptocurrency Mining, FIN8 Backdoor, and Attacks Against Office 365

    This week Harrison (@pseudohvr) is joined by Travis (@puppyozone) and Alec to discuss the security stories of the week, including a fileless malware attack that delivers a cryptocurrency miner to China,...

  • “HiddenWasp” and “BlackSquid” malware, TA505 and Turla activity, and Too Much Information: The Sequel

    Alex and Christian join HVR this week to discuss the Linux malware “HiddenWasp” (along with HVR’s hatred of the insect), the BlackSquid malware, and updated campaign activity from TA505 and Turla...

  • JasperLoader, APT28 URL shortening, and RDP vulnerability discussion

    Alex Guirakhoo and newcomer to the pod Travis Randall join HVR this week to discuss updates to the JasperLoader malware loader and more.

  • CVE-2019-0708 RDP vulnerability and GDPR’s anniversary

    Jamie Collier and Phil Doherty join HVR on this week’s ShadowTalk, discussing the RDP vulnerability that has everyone sweating, CVE-2019-0708. Patch those systems, because there’s a few different...

  • ElectricFish malware attributed to "Lazarus Group"

    Alex and Christian join Harrison this week to discuss the attribution of the ElectricFish malware to the "Lazarus Group" and the highlights from this week included the exploited vulnerability in...

  • “Buckeye” APT group used Equation Group tools before 2017 leak

    The team dives into the “Buckeye” APT group, which has recently been said to develop its own version of a tool that was likely created by the U.S. National Security Agency (NSA) prior to being leak...

  • Weekly Intelligence Summary: Ep 17

    Phil and newcomer Benjamin Newman join Harrison for another edition of the Weekly Intelligence Summary. The guys cover two distinct attack campaigns which used uncommon and underreported social...

  • Weekly Intelligence Summary: Ep 16

    Jamie and Alex are back with Harrison this week to talk about the leak of information related to APT34 on Telegram, including victim data, personally identifiable information and the group's...

  • Weekly Intelligence Summary: Ep 15

    This week the team discusses an unidentified threat actor that has obtained data from various personal Outlook, MSN, and Hotmail email accounts by compromising a Microsoft customer support...

  • Weekly Intelligence Summary: Ep 14

    Christian and Jamie join Harrison for another week of ShadowTalk to discuss the FIN6 threat actor reportedly widening its range of attacks to include ransomware, potentially inciting the threat...

  • Weekly Intelligence Summary: Ep 13

    Jamie, Alex and Zuko sit down with Harrison to talk about a story that flew a little under the radar this week; Russia has allegedly been conducting a widespread satellite spoofing campaign since...

  • Weekly Intelligence Summary: Ep 12

    Christian and Jamie sit down with Harrison to talk about the compromised Asus server used to distribute backdoor malware to at least 500,000 users’ devices, more LockerGoga ransomware attacks, a...

  • Episode 60: Cyber Risks and High-frequency Trading

    With new research this week warning that state-sponsored cyber attacks against financial systems are on the rise, the ShadowTalk team focus on one area of the financial services sector in...

  • Weekly Intelligence Summary: Ep 11

    Harrison chats with Jamie and Alex this week on an attack on Norwegian aluminum and renewable-energy company Norsk Hydro ASA. The team also looks at threat group “APT-C-27” exploiting a flaw in...

  • Weekly Intelligence Summary: Ep 10

    Harrison sits down with Rose and Christian for a quick chat about APT40 targeting educational maritime research, as well as other highlights from this week. Rose also gives us the breakdown of an...

  • Episode 59: Practitioner’s Guide to Email Spoofing

    Senior security engineer Simon Hall joins Rafael Amado to explain how IT teams and defenders can combat email spoofing, one of the most popular techniques used by phishers. Simon discusses why...

  • Weekly Intelligence Summary: Ep 9

    In this week’s episode, the team looks at FIN6, which has begun regularly targeting card-not-present data on e-commerce websites. Other highlights from this week include Topps disclosing a data...

  • Weekly Intelligence Summary: Ep 8

    This week Rose and Phil join Harrison to discuss a three-stage cryptocurrency mining attack using Mimikatz and Radmin in tandem. The team also discusses the Cr1ptTor ransomware, an unknown North...

  • Weekly Intelligence Summary: Ep 7

    This week, Phil and Alex join Harrison to discuss a new malware delivery technique using the Outlook preview panel. Also, threat actor Gnosticplayers was offering large data sets for sale on Dream...
