Why Cloud Threats Are Escalating: Identity Risks, Automation Flaws, and Legacy Vulnerabilities, Plus the Latest on Chinese APT Campaigns and NPM Package Abuse

Resources: https://linktr.ee/ReliaQuestShadowTalkDo you really need predictions to tackle cyber threats? Join host Kim along with intelligence analyst John & special guest CISO Rafal Baran as they discuss:New NPM Supply Chain Threat (1:13)China Manipulates AI for Initial Access (4:46)Cloud Gaps Bring IoT Takeover (7:29)2026 Cyber-Threat Predictions (10:57)Rafal Baran: IT security leader and CISO in the global reinsurance space. He focuses on building practical security and privacy programs across multiple jurisdictions, with an emphasis on cloud security and incident readiness. He advises senior leadership on emerging risks and resilience and holds boardroom certification as a Qualified Technology Expert, along with multiple credentials spanning cybersecurity, privacy, and the re/insurance domains. Outside his role, he mentors upcoming security professionals and contributes to the broader cyber community. Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim, intelligence analyst John, and threat hunter Tristan as they discuss:Fortinet Flaw Enables Admin TakeoverAkira Ransomware Targets Nutanix VMsSmart Redirects Evade Phishing DetectionThreat Hunter Hacks: SEO Hits HardListen on @Listennotes: https://lnns.co/mgbyVjXv7p6Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Tristan Luikey: Threat Hunter at ReliaQuest, specializing in responding to and mitigating active breaches to safeguard customers' networks. In addition to breach response, Tristan conducts comprehensive research into emerging threats and attack techniques, enabling proactive threat hunting to strengthen organizational security.

Resources: https://linktr.ee/ReliaQuestShadowTalkWondering why Gootloader is suddenly back in action? Join host Kim along with intelligence analyst Hayden & Systems Security Engineer Corey as they discuss:Gootloader Returns Using SEO Poisoning (1:27)New Android Spyware LANDFALL (6:33)Curly COMrades Hide in Windows Using Linux VMs (10:57)Sector-by-Sector Cyber Trends Q3 2025 (15:20)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Corey Carter: Detection Researcher at ReliaQuest. A Florida native and former infantryman in the United States Marines, Corey holds a bachelor's degree in computer science with a specialization in information assurance. His experience as a Security Analyst and Threat Hunter at ReliaQuest, combined with his military background, equips him with a unique perspective on cybersecurity challenges.Hayden Evans: Cyber Threat Intelligence Analyst at ReliaQuest. He has experience in the F3EAD lifecycle and analyzing adversaries' TTPs to operationalize this information. He is also experienced with intrusion response, OSINT investigations, and offensive security.

Resources: https://linktr.ee/ReliaQuestShadowTalkDid you know 99% of cloud identities are over-privileged, creating the perfect storm for attackers to seamlessly infiltrate your environment? Join host Kim along with intelligence analysts John & Alex as they discuss: Chinese Nation-State Campaigns and Geopolitics (1:12)Malicious NPM Packages (7:20)TruffleNet Attacks on AWS (10:53)The Danger of Over-Privileged Cloud Identities (15:36)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Alexander Capraro: Alexander Capraro is a Cyber Threat Intelligence Analyst at ReliaQuest with over five years of experience in cybersecurity. With his prior experience as a Security Analyst, he specializes in incident response, malware campaign tracking, and OSINT investigations.  

Resources: https://linktr.ee/ReliaQuestShadowTalkPicture this: You close a $50M acquisition on Friday and by Monday, attackers are in your network. Sound far-fetched? It's not. Join host Kim along with intelligence analyst John & Threat Hunter Leo as they discuss:Attackers Exploit WSUS Flaw (1:15)Qilin Deploys Cross-Platform Attacks (4:21)Lazarus Group Reignites Operation DreamJob (9:05)Threat Hunter Hacks: Active Cyber Threats in M&A (15:19)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Leo Dawson: Leo Dawson is a Threat Hunter on the ReliaQuest Threat Research Team. With a deep background in Experimental Physics and Artificial Intelligence, Leo brings a unique interdisciplinary perspective to cybersecurity. He is driven by a passion for leveraging these skills to proactively track, analyze, and understand threat actor campaigns while gaining deeper insights into their evolving tactics and behaviors. 

Resources: https://linktr.ee/ReliaQuestShadowTalkWondering what makes ransomware operations successful? Join host Kim along with intelligence analyst John & former FBI Special Agent Keith Mularski as they discuss:Year-Long F5 Breach (2:42)North Korean Attacker Adopts EtherHiding (7:53)Phishing Attacks Target LastPass (12:11)Fighting Ransomware Automation: A CISO's Guide (17:19)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Keith Mularski is the Chief Global Ambassador at Qintel, where he leads global engagement and represents the company’s intelligence mission across governments, industry, and cybersecurity communities worldwide. Before joining Qintel, Keith led the Cyber Threat Management group at Ernst & Young, advising Fortune 100 companies on proactive defense and intelligence strategies. He also served more than 20 years as an FBI Special Agent, leading groundbreaking cybercrime investigations and pioneering collaboration between law enforcement and the private sector. His undercover work has been featured in the books Kingpin and DarkMarket. Keith is also co-host of the podcast Only Malware in the Building, where he explores the stories behind cybercrime and threat intelligence.

Resources: https://linktr.ee/ReliaQuestShadowTalkHow long could Flax Typhoon nestle silently in your networks? Join host Kim along with intelligence analysts John & Joey as they discuss:Velociraptor Abused in Ransomware Attacks (1:13)New Oracle E-business Suite Flaw (5:19)GitHub CamoLeak AI Attack (7:46)Year-Long Flax Typhoon ArcGIS Campaign  (11:23)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Joseph Keyes: Cyber Threat Intelligence Analyst at ReliaQuest, specializing in technical cyber threat research. With his prior role as a Cyber Security Analyst, he has gained years of experience in triaging and responding to active threats using GreyMatter's various tools. Joseph is skilled in intrusion response, threat actor profiling, OSINT across the clear and dark web, and analyzing adversarial TTPs.

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim along with Intelligence Analyst John and Threat Detection Engineer Marken as they discuss:Clop's Exploitation of Oracle E-Business Suite (1:09)Scattered Lapsus$ Hunters Return With Salesforce Leaks (5:27)Shutdown Threatens US Intel Sharing and Cyber Defense (10:02)Ransomware and Cyber Extortion in Q3 2025 (15:02)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Marken Teder: Threat Detection Engineer at ReliaQuest, with a total of 7 years at the company. A native Estonian, he has previously worked as an Incident Response Analyst, Content Developer, and Security Architect. Marken's extensive experience in detection and response brings a robust technical perspective to discussions.

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host Joey along with intelligence analysts Alex and Hayden as they discuss:Brickstorm Backdoor in U.S. Legal and Tech Sectors (1:17)Storm-1849 Targeting Cisco ASA Devices (4:38)Medusa Attempts to Pay Reporter for Initial Access (7:00)Debate Over Government Zero-Day Stockpiling (14:41)Joseph Keyes: Cyber Threat Intelligence Analyst at ReliaQuest, specializing in technical cyber threat research. With his prior role as a Cyber Security Analyst, he has gained years of experience in triaging and responding to active threats using GreyMatter's various tools. Joseph is skilled in intrusion response, threat actor profiling, OSINT across the clear and dark web, and analyzing adversarial TTPs.Hayden Evans: Cyber Threat Intelligence Analyst at ReliaQuest. He has experience in the F3EAD lifecycle and analyzing adversaries' TTPs to operationalize this information. He is also experienced with intrusion response, OSINT investigations, and offensive security. Alexander Capraro: Cyber Threat Intelligence Analyst at ReliaQuest with over five years of experience in cybersecurity. With his prior experience as a Security Analyst, he specializes in incident response, malware analysis and campaign tracking, and OSINT investigations.

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim along with intelligence analysts John and Joey as they discuss:Summer 2025 Attacker Trends (13:41)Self-Replicating 'Shai-hulud' Worm Targeting NPM Packages (1:05)Fortra Critical Patch for GoAnywhere MFT Vulnerability (3:49)Phishing Round Up: File Fix Campaign and Microsoft's RaccoonO365 Takedown (7:12)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Joseph Keyes: Cyber Threat Intelligence Analyst at ReliaQuest, specializing in technical cyber threat research. With his prior role as a Cyber Security Analyst, he has gained years of experience in triaging and responding to active threats using GreyMatter's various tools. Joseph is skilled in intrusion response, threat actor profiling, OSINT across the clear and dark web, and analyzing adversarial TTPs.