A Couple of Rats Pick Up New Tricks, Un Proposes Cybercrime Treaty
2024-12-04
0:00
43:56
In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Microsoft’s Dinesh Natarajan, Senior Threat Hunter, and Thomas Ball, Senior Security Researcher. They unpack recent findings around AsyncRAT, a remote access Trojan (RAT) used for keylogging, data exfiltration, and deploying further malware.
Dinesh explains how attackers are now using screen-sharing tools, like Screen Connect, as part of a new infection chain that makes the malware delivery process more deceptive. Thomas then shares insights on SectopRAT, another threat targeting browser data and crypto wallets. Uniquely, this RAT creates a second desktop, allowing attackers to operate undetected.
Next, Sherrod talks with Microsoft’s Senior Director of Diplomacy, Kaja Ciglic, about the UN’s proposed cybercrime treaty. Originally spearheaded by Russia, the treaty aims to create a global framework for prosecuting cybercrime, but critics worry about its potential impact on freedom of expression and human rights.
In this episode you’ll learn:
How tech support scam emails lead to AsyncRAT installations on different devices
The importance of leveraging tools like Microsoft Defender's SmartScreen for protection
The treaty encourages cooperation but may let governments exploit unclear cybercrime definitions
Some questions we ask:
How does social engineering through email play a role in these attacks?
What capabilities does AsyncRat have, and why is it so concerning?
How do we ensure the treaty doesn't impact freedom of expression or human rights?
Resources:
View Dinesh Natarajan on LinkedIn
View Thomas Ball on LinkedIn
View Kaja Ciglic on LinkedIn
View Sherrod DeGrippo on LinkedIn
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
Fler avsnitt från "Microsoft Threat Intelligence Podcast"
Missa inte ett avsnitt av “Microsoft Threat Intelligence Podcast” och prenumerera på det i GetPodcast-appen.