Fortinet Breach, Malware Locks Users in "Kiosk" Mode, Insider Threat Case Studies

Join hosts Chris, Kim and Anna as they discuss:ReliaQuest's Cyber Threat Predictions for 2025Huge Data Leak Linked to 2023 MOVEit FlawNew Ransomware Partners with RustyStealerVolt Typhoon Rebuilds Dismantled BotnetResources:https://www.reliaquest.com/blog/report-shows-ransomware-has-grown-41-for-construction-industry/https://www.reliaquest.com/blog/service-account-abuse/Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the British military. With his diverse background, he  enhances ShadowTalk with deep insights into various threat landscapes.Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.Anna Jones: Anna is a Cyber Threat Intelligence Analyst at ReliaQuest, based in our London office. She joined in June 2023 and specializes in OSINT investigations, with 5 years of experience in threat intelligence. Anna's expertise in sourcing and analyzing covert threat data provides unique insights into cybercriminal activities for ShadowTalk. 

In this episode of ShadowTalk, hosts Chris and Kim are joined by Senior Threat Intelligence Analyst Ivan Righi, to discuss the latest news in cybersecurity and threat research. Topics this week include:ReliaQuest research exploring credential theft and misuseSocial engineering campaign targets LastPass usersPatch now: Sharepoint vulnerability exploited in the wildNew Interlock ransomware group targeting FreeBSD OSResources:https://www.reliaquest.com/blog/the-credential-abuse-cycle-theft-trade-and-exploitation/

In this episode of ShadowTalk, hosts Kim and Chris are joined by guest speaker Eric Knopp, to discuss the latest news in cybersecurity and threat research. Topics this week include:ReliaQuest research identifies Black Basta TTP changesAmazon seize APT29 domainsTango down: Redline & Meta Infostealers taken down by Dutch policeThe importance of supporting DEI programs in hiring practicesResources:https://www.reliaquest.com/blog/black-basta-social-engineering-technique-microsoft-teams/https://www.reliaquest.com/blog/5-critical-threat-actors-you-need-to-know-about/Eric Knopp: VP Security Operations for one of ReliaQuest’s customers, a large global financial services company. Eric has been in the IT industry for almost 30 years, with the past 11 in IT Security. He also has a passion for diversity, equity and inclusion, co-leading the DEI Committee in London. He also supports the cyber apprenticeship program in the UK.Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the British military. With his diverse background, he  enhances ShadowTalk with deep insights into various threat landscapes. 

In this episode of ShadowTalk, host Kim is joined by Director of Threat Research Brandon Tirado and Threat Hunter Brian Kelly, to discuss the latest news in cybersecurity and threat research. Topics this week include:Scattered Spider x RansomHub: A New PartnershipUS Authorities Indict Anonymous Sudan LeadersCrypt Ghouls Deploys LockBit on Russian OrganizationsAPT41 Targets Gambling and Gaming Industry in New Financially-Motivated Campaign  Resources:https://www.reliaquest.com/resources/research-reports/five-ways-cyber-attackers-exploit-cloud-environments/https://www.reliaquest.com/blog/virtual-machines-defense-evasion/Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.Brandon Tirado: Brandon Tirado is the Director of Threat Research for ReliaQuest. Brandon is a skilled cyber defense professional with a unique combination of management and hands-on experience. With a deep understanding of adversary motives and the tactics, techniques, and procedures (TTPs) they use to achieve their goals, Brandon enjoys operationalizing his knowledge to make it more difficult for adversaries to operate within the environments of ReliaQuest customers. His managerial and hands-on experience enriches ShadowTalk with practical and strategic viewpoints. Brian Kelly: Brian Kelly is an experienced Threat Hunter and Intrusion Response Operator with a deep understanding of adversary tactics, techniques, procedures (TTPs), and motivations. Beginning his career in IT, Brian swiftly transitioned into cybersecurity, where he actively hunts for threats within organizations and responds to ongoing incidents. His expertise in adversary emulation and TTP exploration empowers him to anticipate and counteract malicious activities. Positioned on the front lines, Brian offers invaluable and actionable insights on the current threat landscape for ShadowTalk.

In this episode of ShadowTalk, host Chris and Kim are joined by Detection researcher Corey Carter, to discuss the latest news in cybersecurity and threat research. Topics this week include:ReliaQuest reporting on ransomware activity in Q3 2024OpenAI confirm malicious use of ChatGPTRussian APT29 mass exploiting known vulnerabilitiesCISCO data reportedly breached by IntelBrokerResources:https://media.defense.gov/2024/Oct/09/2003562611/-1/-1/0/CSA-UPDATE-ON-SVR-CYBER-OPS.PDFhttps://www.reliaquest.com/blog/q3-2024-ransomware/Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the British military. With his diverse background, he  enhances ShadowTalk with deep insights into various threat landscapes. Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.Corey Carter: Corey Carter is a Detection Researcher at ReliaQuest. A Florida native and former infantryman in the United States Marines, Corey holds a bachelor's degree in computer science with a specialization in information assurance. His experience as a Security Analyst and Threat Hunter at ReliaQuest, combined with his military background, equips him with a unique perspective on cybersecurity challenges. 

In this episode of ShadowTalk, host Chris and Kim are joined by detection researcher, Marken, to discuss the latest news in cybersecurity and threat research. Topics this week include:Cyber Threats Facing the Health Care and Social Assistance SectorSalt Typhoon Compromises US-based Telecoms Companies Microsoft and US DoJ Takedown Star Blizzard InfrastructureGorilla Botnet Conducts Large-Scale DDoS CampaignResources:https://www.reliaquest.com/blog/threats-health-care-social-assistance-landscape/

In this episode of ShadowTalk, host Chris and Kim are joined by guest Samantha Billy, AON U.S Broking Growth Leader, to discuss the latest news in cybersecurity and threat research. Topics this week include:The Critical Role of Cyber Insurance in Mitigating Cyber RiskEmbargo Ransomware Targeting CloudIranian Threat Actors Conducting Influence Ops Against US ElectionsNational Crime Agency Tease Lockbit UpdateResources:https://www.reliaquest.com/blog/2024-us-election-top-cyber-threats-organizational-impacts/

In this episode of ShadowTalk, host Chris and Kim, along with Threat Hunter Brian, discuss the latest news in cybersecurity and threat research. Topics this week include:Telegram Pivot 180: Agree to Share IP and Phone Data on Legal RequestsKaspersky Auto-Replace Software with UltraAV AntivirusDell Investigate Two Data BreachesReliaQuest Data Exfiltration Case Study

In this episode of ShadowTalk, host Chris, along with Corey and Anna, discuss the latest news in cyber security and threat research. Topics this week include:Threat actors express difficulty in retrieving stolen Fortinet dataAmadey malware's novel approach: Users locked in Kiosk Mode Aftermath of incident affecting Transport for London (TFL)ReliaQuest Response to Insider Threat CasesResources:https://www.reliaquest.com/blog/common-infostealers/

In this episode of ShadowTalk, host Chris Morgan, along with Marken Teder, discuss the latest news in cyber security and threat research. Topics this week include:Russia's Military Intelligence target CNI, identified using "Non-Lethal Acoustic Weapons" New Sextortion scam targets spousesPrivacy concerns with smart automobilesReliaQuest research into "Inc Ransom" Data Extortion Attack Resources:https://www.reliaquest.com/blog/inc-ransom-attack-analysis/