In this week’s episode Shadow Talk we look at the Winnti Umbrella group, asking what this means for organizations. We discuss vulnerabilities in Microsoft Office (CVE-2018-8174) and basestriker. And, finally, we outline the fall out surrounding the Olympus dark web marketplace.
Home » ShadowTalk - Threat Intelligence Podcast by Digital Shadows » Episode 20: Winnti Umbrella, DarkHotel, Office 365 Vulnerability, and Olympus Dark Web Marketplaces
Episode 21: eFail vulns affecting Open PGP and S-MIME, and interbank payment systems risks
In this week’s episode of Shadow Talk, Digital Shadows’ Head of Security Engineering, Dr Richard Gold, join...
Like what you hear?
Rate us on iTunes!
Most Recent Articles
Cybercriminal Forum Research, Mixcloud Breach, and International Crackdown On RAT Spyware
New cybercrime research we put out on the Modern Cybercriminal Forum and how the rise of alternative technologies hasn’t spelled the end of forums, which seem to be prospering against all odds.
Black Friday Deals On The Dark Web, Phineas Fisher Manifesto, And DarkMarket
Adam Cook and Viktoria Austin talk through the security and threat intelligence stories of this week including an update around Phineas Fisher, where the hacker offered up to $100k in what they...
BSidesDFW Recap, Dynamic CVV Analysis, And The Facebook Camera Bug
Dallas is sound effects and all this week with Kacey, Charles, Alex, and Harrison. The team discusses their recent OSINT workshop at BSidesDFW and how you can access the training materials, plus...
BlueKeep Attacks, Megacortex Ransomware, and Web.com Breach
This week the London team looks at the following stories: - BlueKeep Exploit Could Rapidly Spread - Megacortex Ransomware Changes Windows Passwords - Japanese Media Company Nikkei - $29 million...
7.5M Adobe Creative Cloud User Records Exposed, City Of Joburg Ransomware Attack, and APT28 Updates
Adam Cook, Philip Doherty, and Viktoria Austin host this week’s ShadowTalk update around an unsecured Elasticsearch database exposing account information of aboutt 7.5 million Adobe Creative Cloud...
Avast Breach Attempt, NordVPN Breach, And Wifi Security Risks
The team first looks at Avast, which encountered a cyber espionage attempt. Then NordVPN announced that a hacker had breached servers used by NordVPN. And finally Dr. Richard Gold put out a new blog t
Singapore Cyber Threat Landscape Updates 1H 2019
Adam Cook, Philip Doherty, and Xueyin Peh join Viktoria Austin for a special ShadowTalk episode around the Singapore Cyber Threat Landscape. The team looks at the heightened threat level for...
Typosquatting and the 2020 U.S. Election, Honeypots, And Sudo Vulnerability
Kacey, Charles, Harrison, and Alex kick off this week’s episode talking about our Fall Dallas team event (an amateur version of Chopped). Then we dig into the hot topics of the week.
Iran-Linked APT35, Skimming By Magecart 4, Rancour, And Emotet Resurgence
We’re back in London this week! Viktoria chats with Adam Cook, Philip Doherty, and Josh Poole on this week’s top stories. - APT35 Targets Email of US political figures & prominent Iranians -...
The Tyurin Indictment- Mapping To The Mitre ATT&CK™ Framework
Director of Security Engineering, Richard Gold, joins Viktoria Austin in this special episode of ShadowTalk to look at the attacker goals, their TTPs, and map this to the Mitre PRE-ATT&CK and...
Magecart Five Widens Attack Vectors, Targeting of Airbus Suppliers, & Tortoiseshell Developments
Coming to you from London this week, Jamie Collier, Philip Doherty, and Josh Poole join Viktoria Austin for our weekly threat intelligence updates. The team kicks off with a discussion around the...
Tortoiseshell Targets IT Providers, The Tyurin Indictment, And Emotet’s Return
The team digs into the first story of the week: Tortoiseshell Group (a newly identified threat group) has reportedly conducted some supply chain attack campaigns against 11 IT providers in Saudi Arabi
NCSC Threat Trends And Ransomware Updates
It’s Harrison and Alex this week for your threat intelligence updates. The guys first dig into the NCSC’s recent threat trends report, the first of these that the NCSC has put out. It’s...
Purple Teaming: An Interview With Eliza May Austin
In this episode, Viktoria interviews Eliza May Austin (CEO & Co-Founder of th4ts3cur1ty.company), and our own Richard Gold and James Chappell on Purple Teaming.
Metasploit Project Publishes Exploit For Bluekeep, plus APT3 and Silence Cybercrime Group Updates
Viktoria Austin is joined by Adam Cook and Phil Dohetry this week in the London office to talk about the top story this week: Metasploit Project publishes exploit for Bluekeep bug.
Ryuk Ransomware, Twitter Rids SMS Tweets, And Facebook Records Exposed
Alex, Alec, and Harrison are in the room today discussing 3 top stories from the week. First up - a hacker deploys Ryuk ransomware against the city of New Bedford, Massachusetts, demanding $5.3...
More Sodinokibi Activity, Imperva Breach, And Weirdest Food At The Texas State Fair
Rick Holland and Alex Guirakhoo join Harrison Van Riper this week to talk through more Sodinokibi activity. Just yesterday, a cloud hosting provider for Digital Dental Records was hit with...
Approaching Cybersecurity As A Third Party Defense Contractor
Brian Neely, CIO and CISO at American Systems and Rick Holland, CISO at Digital Shadows join Harrison for a discussion around how Brian approaches cybersecurity as a defense contractor. American...
Texas Ransomware Outbreaks And Phishing Attacks Using Custom 404 Pages
Charles Ragland (a brand new ShadowTalk-er!) and Christian Rencken join Harrison this week to discuss an outbreak of ransomware attacks impacting local government entities across Texas. The team...
Breach! Exploring The Modern Digital Breach With Cyber Defense Lab’s CEO Bob Anderson - Part 2