Recorded Future - Inside Security Intelligence podcast

233 FIN7 Group Lures Cyber Pros With Fake Jobs

0:00
28:24
15 Sekunden vorwärts
15 Sekunden vorwärts
The cybercriminal group FIN7 made a name for themselves in the criminal underworld for being responsible for large-scale payment card theft campaigns, resulting in the exposure of over 20 million card records. More recently they’ve set their sights on ransomware, as well, and to support their efforts they began recruiting employees using a bogus cybersecurity company using the name Bastion Secure. Our guest today is Ilya Volovik, team lead for the threat intelligence team at Gemini Advisory, a Recorded Future company. He and his colleagues recently published research titled FIN7 Recruits Talent For Push Into Ransomware. He describes how a source reached out to describe being recruited by the FIN7 decoy company, which led to insights into some of the tools they use.

Weitere Episoden von „Recorded Future - Inside Security Intelligence“

  • Recorded Future - Inside Security Intelligence podcast

    242 The 2022 Threat Intelligence Outlook

    18:55

    Joining us this week is Jason Steer, principal security strategist at Recorded Future. Our conversation centers on the state of threat intelligence in a rapidly changing security environment, how organizations are adapting and evolving their threat intelligence strategies, as well as Jason Steer’s outlook on some of the security challenges professionals are likely to face in the year ahead.
  • Recorded Future - Inside Security Intelligence podcast

    241 Cybersecurity First Principles

    27:23

    Rick Howard has enjoyed a distinguished career in cybersecurity, including time in the U.S. Army and as chief security officer at Palo Alto Networks. These days, I’m proud to call Rick my colleague at the CyberWire, where he serves as our chief security officer and chief analyst.  Rick Howard is also creator of the podcast series CSO Perspectives, where he explores the wide spectrum of issues facing chief security officers. In an early season of that show, Rick focuses on the notion of first principles, the foundational notions on which our fundamental security ideas and beliefs rest. Rick Howard joins us this week for an overview of first principles — what it means, how to implement it, and how to convince the powers that be in your organization that it’s the right thing to do.
  • Recorded Future - Inside Security Intelligence podcast

    Verpasse keine Episode von Recorded Future - Inside Security Intelligence und abonniere ihn in der kostenlosen GetPodcast App.

    iOS buttonAndroid button
  • Recorded Future - Inside Security Intelligence podcast

    240 Mitigating Synthetic Identity Security Risks

    18:47

    Bad actors continue to accelerate their use of inauthentic or captured online identities to facilitate their activities. Whether it’s phishing for credentials, making use of leaked identity databases or scraping publicly accessible information, they take advantage of weaknesses in identity management systems and inadequate awareness to make their way into and, once inside, around systems. Our guest this week is Recorded Future’s Vice President of Product Management, Jamie Zajac. She explains the ongoing challenges organizations face with identity fraud, and what can be done to prevent it.
  • Recorded Future - Inside Security Intelligence podcast

    239 DDoS Defenses Divide and Conquer

    20:28

    Distributed Denial of Services attacks continue to grow in size, frequency and sophistication, and it’s in every organization’s best interest to properly prepare themselves against this sort of online attack.  The team at Cloudflare recently published their 2021 Q3 report on DDoS, outlining their observations and recommendations for mitigating DDoS attacks. Joining us is John Graham-Cumming, CTO at Cloudflare, to share his insights on the state of the DDoS threat, and where things may be headed.
  • Recorded Future - Inside Security Intelligence podcast

    238 Shielding the Nuclear Arsenal From Cyber Attacks

    28:42

    Joining us this week is Herbert Lin, Senior Research Scholar at the Center for International Security and Cooperation and Hank J. Holland Fellow at Stanford University. He’s author of the book, Cyber Threats and Nuclear Weapons, in which he outlines the challenges the U.S. faces in modernizing the control systems for our nuclear weapons arsenal, the dangers of connecting these systems to the internet, and the peril of feature-creep and increased complexity in the nuclear age.
  • Recorded Future - Inside Security Intelligence podcast

    237 Protecting Veterans from Targeted Online Scams

    24:21

    Recorded Future’s Insikt Group recently published a report titled, “Cyber Threats to Veterans in 2021: Spam and Scams Exploit Support for Veterans.” The report outlines the ways online scammers are targeting both veterans themselves and people who may be sympathetic to causes that claim to support veterans.  Andrew McIntyre and David Carver are members of the Recorded Future Insikt Group’s subscriptions and periodicals team, and they join us with insights from the report.
  • Recorded Future - Inside Security Intelligence podcast

    236 Preparing for the Next Ransomware Generation

    21:44

    On this week’s show we welcome back Recorded Future’s Allan Liska to discuss his newly published book, Ransomware: Understand, Prevent, Recover. In the years since Allan co- authored his previous book on ransomware much has changed, with an increased sophistication from the threat actors, higher ransom demands and extortion thrown into the mix. Allan Liska explains these changes, and provides his expert insights on what organizations need to do to protect themselves from this continuing threat.
  • Recorded Future - Inside Security Intelligence podcast

    235 CISA's Collaborative Mission of Public Private Partnerships

    18:55

    The Cybersecurity and Infrastructure Security Agency, better known as CISA, was spun up in 2018, operating under the Department of Homeland Security. In July of 2021, Jen Easterly was confirmed by the US Senate as director of CISA, and under her leadership the organization has continued its efforts toward public private partnerships in cybersecurity. CISA recently established the Joint Cyber Defense Collaborative (JCDC), an effort by the agency to lead the development of proactive cyber defense operations plans. Kiersten Todt is chief of staff at CISA, and she joins us with insights on the agency’s efforts.
  • Recorded Future - Inside Security Intelligence podcast

    234 Deepfakes and Synthetic Media Ethics Explained

    22:17

    Deepfakes and other synthetic media have been grabbing headlines recently for a spectrum of reasons, from unauthorized celebrity pornography to comedy memes and even alleged fraud cheating companies out of hundreds of thousands of dollars. It’s a rapidly evolving technology that, like most technological innovations, can be used for good or evil. Henry Ajder is head of policy and partnerships at Metaphysic, an organization at the cutting edge of synthetic media. He joins us to help make sense of synthetic media, and why as security professionals we need to stay vigilant about the pros and cons of the technology.
  • Recorded Future - Inside Security Intelligence podcast

    233 FIN7 Group Lures Cyber Pros With Fake Jobs

    28:24

    The cybercriminal group FIN7 made a name for themselves in the criminal underworld for being responsible for large-scale payment card theft campaigns, resulting in the exposure of over 20 million card records. More recently they’ve set their sights on ransomware, as well, and to support their efforts they began recruiting employees using a bogus cybersecurity company using the name Bastion Secure. Our guest today is Ilya Volovik, team lead for the threat intelligence team at Gemini Advisory, a Recorded Future company. He and his colleagues recently published research titled FIN7 Recruits Talent For Push Into Ransomware. He describes how a source reached out to describe being recruited by the FIN7 decoy company, which led to insights into some of the tools they use.

Hol dir die ganze Welt der Podcasts mit der kostenlosen GetPodcast App.

Abonniere alle deine Lieblingspodcasts, höre Episoden auch offline und erhalte passende Empfehlungen für Podcasts, die dich wirklich interessieren.

iOS buttonAndroid button
© radio.de GmbH 2022radio.net logo