Salesforce Attack Fallout, Axios Abuse, and Cloud Ransomware

Resources: https://linktr.ee/ReliaQuestShadowTalkThinking about whether you need more AI in SecOps? Join host Kim along with intelligence analyst Joey & systems security engineer Corey as they discuss:SAP S/4HANA Flaw Exploitation (2:09)AI-Powered Malware Exposes GitHub (4:24)APT28 Outlook Backdoor hits NATO (8:21)ReliaQuest Experts Answer Your Questions (11:55)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Joseph Keyes: Cyber Threat Intelligence Analyst at ReliaQuest, specializing in technical cyber threat research. With his prior role as a Cyber Security Analyst, he has gained years of experience in triaging and responding to active threats using GreyMatter's various tools. Joseph is skilled in intrusion response, threat actor profiling, OSINT across the clear and dark web, and analyzing adversarial TTPs. Corey Carter: Detection Researcher at ReliaQuest. A Florida native and former infantryman in the United States Marines, Corey holds a bachelor's degree in computer science with a specialization in information assurance. His experience as a Security Analyst and Threat Hunter at ReliaQuest, combined with his military background, equips him with a unique perspective on cybersecurity challenges.

Resources: https://linktr.ee/ReliaQuestShadowTalkNeed the latest information on Salesloft Drift? Join host Kim along with intelligence analyst John & detection engineer Marken as they discuss:Salesloft Drift Tokens Result in Salesforce Data Theft (1:31)Storm-0501 Shifts Ransomware Attacks to Cloud (6:36)APT29 Microsoft 365 Campaign Disrupted (11:26)Axios, Direct Send Abuse Redefine Phishing (14:19)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Marken Teder: Threat Detection Engineer at ReliaQuest, with a total of 7 years at the company. A native Estonian, he has previously worked as an Incident Response Analyst, Content Developer, and Security Architect. Marken's extensive experience in detection and response brings a robust technical perspective to discussions.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest. 

Resources: https://linktr.ee/ReliaQuestShadowTalkCurious about the skills needed for modern cyber attacks? Join host Kim along with intelligence analysts John & Hayden as they discuss:Apple Patches Exploited Zero-Day (1:40)Hackers Abuse Linux Files to Drop Malware (3:50)Silk Typhoon Attacks Cloud Supply Chains (7:21)ReliaQuest Uncovers Cybercriminals' Most Sought After Skills (11:02)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest. Hayden Evans: Cyber Threat Intelligence Analyst at ReliaQuest. He has experience in the F3EAD lifecycle and analyzing adversaries' TTPs to operationalize this information. He is also experienced with intrusion response, OSINT investigations, and offensive security. 

Resources: https://linktr.ee/ReliaQuestShadowTalkIntrigued by Warlock ransomware's Chinese connection? Join host Kim along with intelligence analysts Joey & John as they discuss:\Warlock Ransomware Attacks Against Telecoms (3:12)New FortiSIEM Flaw Exploited in the Wild (5:19)Man-in-the-Prompt Attack Steals Data from LLMs (8:04)How ReliaQuest Tracks Ransomware Groups and Evolving Cyber Threats (12:36)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Joseph Keyes: Cyber Threat Intelligence Analyst at ReliaQuest, specializing in technical cyber threat research. With his prior role as a Cyber Security Analyst, he has gained years of experience in triaging and responding to active threats using GreyMatter's various tools. Joseph is skilled in intrusion response, threat actor profiling, OSINT across the clear and dark web, and analyzing adversarial TTPs. John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest. 

Resources: https://linktr.ee/ReliaQuestShadowTalkWant to know if ShinyHunters and Scattered Spider are really working together? Join host Kim along with detection engineer Marken as they discuss:WinRAR Zero-Day Exploited in RomCom Attacks (1:44)New EDR Killer Popular with Ransomware Groups (4:30)Data Breach Reveal Kimsuky Inner Workings (11:31)ReliaQuest Uncovers Potential ShinyHunters x Scattered Spider Collaboration (15:00)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Marken Teder: Threat Detection Engineer at ReliaQuest, with a total of 7 years at the company. A native Estonian, he has previously worked as an Incident Response Analyst, Content Developer, and Security Architect. Marken's extensive experience in detection and response brings a robust technical perspective to discussions.

Akira ransomware group is exploiting potential zero-day vulnerabilities, and digital risk protection (DRP) threats are rapidly evolving. Join host Joey, along with intelligence analysts John and Hayden, as they dive into:Akira Ransomware Exploiting a Potential Zero DayPlague Backdoor Emerges as Silent IntruderEvolving Tactics of North Korean AttackerDRP Threats Surge Amid Organizational GrowthResources: https://linktr.ee/ReliaQuestShadowTalkJoseph Keyes: Joseph Keyes is a Cyber Threat Intelligence Analyst at ReliaQuest, specializing in technical cyber threat research. With his prior role as a Cyber Security Analyst, he has gained years of experience in triaging and responding to active threats using GreyMatter's various tools. Joseph is skilled in intrusion response, threat actor profiling, OSINT across the clear and dark web, and analyzing adversarial TTPs. John Dilgen: John Dilgen is a Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest. Hayden Evans: Hayden Evans is a Cyber Threat Intelligence Analyst at ReliaQuest. He has experience in the F3EAD lifecycle and analyzing adversaries' TTPs to operationalize this information. He is also experienced with intrusion response, OSINT investigations, and offensive security. 

Resources: https://linktr.ee/ReliaQuestShadowTalkCurious how the latest CrushFTP exploit works? Join host Kim along with intelligence analyst Hayden and threat hunter Leo as they discuss:BreachForums Back, XSS Out (1:28)Warlock Ransomware Hits SharePoint (5:28)Fire Ant Stings ESXi (9:39)ReliaQuest Uncovers CrushFTP Attack Chain (13:35Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Hayden Evans: Cyber Threat Intelligence Analyst at ReliaQuest. He has experience in the F3EAD lifecycle and analyzing adversaries' TTPs to operationalize this information. He is also experienced with intrusion response, OSINT investigations, and offensive security.Leo Dawson: Threat Hunter on the ReliaQuest Threat Research Team. With a deep background in Experimental Physics and Artificial Intelligence, Leo brings a unique interdisciplinary perspective to cybersecurity. He is driven by a passion for leveraging these skills to proactively track, analyze, and understand threat actor campaigns while gaining deeper insights into their evolving tactics and behaviors. 

Resources: https://linktr.ee/ReliaQuestShadowTalkCurious about how cybercriminals use AI? Join host Kim along with detection engineer Marken and intelligence analyst Alex as they discuss:New SharePoint Vulnerability (1:34)LameHug AI-Powered Malware (5:55)UK Bans Ransomware Payments (9:44)AI Tactics Behind the Latest Cyber Threats (14:11)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Marken Teder: Threat Detection Engineer at ReliaQuest, with a total of 7 years at the company. A native Estonian, he has previously worked as an Incident Response Analyst, Content Developer, and Security Architect. Marken's extensive experience in detection and response brings a robust technical perspective to discussions.Alexander Capraro: Cyber Threat Intelligence Analyst at ReliaQuest with over five years of experience in cybersecurity. With his prior experience as a Security Analyst, he specializes in incident response, malware analysis and campaign tracking, and OSINT investigations.

Resources: https://linktr.ee/ReliaQuestShadowTalkEver wondered if IOCs are still relevant in a world of polymorphic malware and zero-day exploits? Join host Kim along with intelligence analyst Joey and threat hunter Tristan as they discuss:North American APT Targets China (1:25)Chatbot Exposes Thousands of Job Applications (4:57)New Phishing Campaign Targets VIPs (7:17)How IOCs are Used in Modern Threat Hunting (10:07)Kim Bromley: Kim Bromley is a Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.  Joseph Keyes: Joseph Keyes is a Cyber Threat Intelligence Analyst at ReliaQuest, specializing in technical cyber threat research. With his prior role as a Cyber Security Analyst, he has gained years of experience in triaging and responding to active threats using GreyMatter's various tools. Joseph is skilled in intrusion response, threat actor profiling, OSINT across the clear and dark web, and analyzing adversarial TTPs. Tristan Luikey: Tristan Luikey is a Threat Hunter at ReliaQuest, specializing in responding to and mitigating active breaches to safeguard customers' networks. In addition to breach response, Tristan conducts comprehensive research into emerging threats and attack techniques, enabling proactive threat hunting to strengthen organizational security. 

Resources: https://linktr.ee/ReliaQuestShadowTalkHave you heard of SafePay ransomware? Join host Kim along with intelligence analysts Hayden and John as they discuss:SafePay Targets Ingram Micro (1:16)Updates on Iran-Israel (5:43)North Korea Adopts ClickFix & Attacks Web3 (8:24)Insights from ReliaQuest Customer Incidents (13:14)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Hayden Evans: Cyber Threat Intelligence Analyst at ReliaQuest. He has experience in the F3EAD lifecycle and analyzing adversaries' TTPs to operationalize this information. He is also experienced with intrusion response, OSINT investigations, and offensive security.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.