Weekly: ConnectWise Critical Vulnerabilities , Credential Theft, NIST Frameworks

In this episode of ShadowTalk, host Rick Holland is joined by ReliaQuest CTO Joe Partlow and Lead Scientist Brian P. Murphy LIVE on the RSAC show floor in San Francisco, CA to discuss all things AI and automation.

In this episode of ShadowTalk, host Chris, along with Brian and Corey, discuss their career paths, as well as offering tips for individuals aiming to gain employment within cybersecurity.The importance of tact and developing both soft and hard skillsWorking around personnel constraints  Picking the right vendors to compliment your security modelRecommendations for advancing your own career

In this episode of ShadowTalk, host Chris, along Kim and one of ReliaQuest's CISO's Rick, discuss the latest news in cyber security and threat research. Topics this week include:APT28 Exploit 6 year old CISCO vulnerabilityReliaQuest research on Iran/Israel TensionsRansomware RebrandsApple notify users impacted by SpywareResources:https://www.reliaquest.com/blog/cyber-threats-linked-to-iran-israel-conflict/

In this episode of ShadowTalk, host Chris, along with Marken, discuss the latest news in cyber security and threat research. This weeks topics include:Palo Alto Critical Vulnerability under active exploitation ReliaQuest research on VPN attack surface managementOptum Healthcare data breached by RansomHub group

In this episode of ShadowTalk, host Chris, along with Gjergji and James, discuss the latest news in cyber security and threat research. Topics this week include:Health sector Cybersecurity Coordination Center (HC3) issues alert warning regarding attackers using social engineering to target IT helpdesk's across the health sectorReliaQuest releases it's findings from it's Q1 Phishing reportHow improper permissions can lead to problems with new Microsoft Copilot AIResources:https://www.reliaquest.com/blog/health-care-social-engineering-campaign/https://www.reliaquest.com/blog/phishing-tactics-and-trends-2024/

In this episode of ShadowTalk, host Kim, along with Brian, discuss the latest news in cyber security and threat research. Topics this week include:Sophisticated backdoor identified in XZ UtilsOur Spotlight report on SEO poisoningImpersonation scams cost $1.1 billion in 2023

In this episode of ShadowTalk, host Chris, along with ReliaQuest Threat Hunter's Caroline and Corey discuss the latest news in cyber security and threat research. This week's topics include:Issues with Google AI-powered search generative experience recommending scam sitesSpain high court judge issues temporary ban on messaging platform 'Telegram'Speculative Execution vulnerabilities found on Apple M Series and Intel Raptor Lake CPU's

In this episode of ShadowTalk, host Chris, along with Marken and ReliaQuest CISO Rick, discuss the latest news in cyber security and threat research. This week's topics include:2021 AT&T breach released for free Magnet Goblin threat group exploiting 1-day vulnerabilitiesAn introduction to ReliaQuest's Annual Threat Report (ATR)

In this episode of ShadowTalk, host Chris, along with Corey and Caroline, discuss the latest news in cyber security and threat research. Topics this week include:TeamCity Server critical vulnerability leaves potential for supply chain riskReliaQuest research into advanced business email compromise (BEC) detectionsMicrosoft compromised by Midnight Blizzard password spraying attackResources: https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/ https://blog.jetbrains.com/teamcity/2024/03/our-approach-addressing-recently-discovered-vulnerabilities-in-teamcity-on-premises/ https://blog.jetbrains.com/teamcity/2024/03/preventing-exploits-jetbrains-ethical-approach-to-vulnerability-disclosure/ https://www.reliaquest.com/blog/business-email-compromise-detection/

In this episode of ShadowTalk, host Chris, along with Fearghal and Kim, discuss the latest news in cyber security and threat research. Topics include:An overview of the critical severity vulnerabilities affecting ConnectWise, patch now!ReliaQuest research into Browser Credential Dumping attacksThe latest in the world of ransomwareUpdate to National Institute of Standards and Technology (NIST) frameworkResources:https://www.reliaquest.com/blog/browser-credential-dumping/