Midnight Blizzard
State of Cybercrime
by Matthew Radolec, David Gibson, Varonis
1w ago
Russia's APT29, a.k.a. "Midnight Blizzard," is arguably one of the world's most notorious threat actors. You might recall their involvement in the 2019 SolarWinds attack where they operated under the alias "Cozy Bear." The group is back with more relentless attacks—breaching cloud credentials and targeting over 100 organizations worldwide. In this episode of State of Cybercrime, Matt and David dive into some of the hottest cybersecurity news and recent breaches, including Midnight Blizzard. Discover how these sophisticated attacks are happening and what you can do to stay a step ahead.
ChatGPT Memory Manipulation + Salt Typhoon
State of Cybercrime
by Kelsea Morrison
1M ago
Hosts Matt Radolec and David Gibson explain how cybercriminals are manipulating AI models like ChatGPT to plant false memories and steal data, along with other cybercrime-related stories like Salt Typhoon. Salt Typhoon is a Chinese hacking group that has reportedly breached multiple key U.S. broadband providers, raising significant concerns about the security of sensitive communications data. The hackers may have had access to these networks for months.
More Scout Brody: Bringing Design Thinking to IoT
State of Cybercrime
by Cindy Ng, Scout Brody
1M ago
By now, we’ve all seen the wildly popular internet of things devices flourish in pop culture, holding much promise and potential for improving our lives. One thing we haven’t seen is IoT devices that are not connected to the internet. In our follow-up discussion, this was the vision Simply Secure's executive director Scout Brody advocated, as current IoT devices don’t have a strong foundation in security. She points out that we should consider why putting a full internet stack on a new IoT device will help an actual user as well as the benefits of bringing design thinking when creating ...
The Return of Lazarus
State of Cybercrime
by Matthew Radolec, David Gibson, Varonis
2M ago
The North Korean Lazarus group is running multiple high-risk campaigns: one exploiting Windows and another installing malware through fraudulent blockchain job offers. State of Cybercrime hosts Matt Radolec and David Gibson discuss the various APT groups, including a prolific ransomware-as-a-service operation and a Chinese cyber espionage gang known as Volt Typhoon, and other vulnerabilities in this episode, including:
+ Lazarus FudModule rootkit attacks and the concurrent Eager Crypto Beavers campaign
+ RansomHub attacks on Halliburton, Change Healthcare, and hund ...
Proofpoint Spoofing
State of Cybercrime
by Matt Radolec, David Gibson
3M ago
Matt Radolec and David Gibson discuss how an unknown attacker recently exploited a vulnerability in Proofpoint’s email routing system, allowing them to bypass security measures and send millions of spoofed emails on behalf of major companies. The co-hosts also cover:
+ The North Korean threat actor hired using AI
+ The biggest ransomware payment ever made
+ How X is training its Grok AI LLM with your posts
+ The EU’s groundbreaking AI act
+ How anyone can access deleted and private repositories on GitHub
+ Updates on AMD's silicon-level "SinkClose" pro ...
The Lockbit Bluff
State of Cybercrime
by Matt Radolec, David Gibson
4M ago
In this episode of State of Cybercrime, co-hosts Matthew Radolec and David Gibson dive into the details around LockBit, and cover other news including:
+ The MOVEit authentication bypass flaw
+ Developments in the Polyfill supply chain attack affecting millions of websites
+ Updates on the targeted campaign against Snowflake
+ A massive insider breach of a Pennsylvania healthcare system
+ Two new attack methods threat actors are adopting
+ The new OpenSSH unauthenticated RCE vuln that gives root privileges to Linux systems
Snowflake Security Check
State of Cybercrime
by Matt Radolec, David Gibson
6M ago
Snowflake, a cloud storage platform used by some of the largest companies in the world, is investigating a targeted attack on its users who lack multifactor authentication. Join Matt Radolec and David Gibson for an episode of State of Cybercrime in which we discuss the increased attacks on Snowflake customers and share our five-point checklist for ensuring your cloud databases are properly configured and monitored. We'll also cover:
+ The world’s largest botnet ever discovered
+ Google’s algorithm leak
+ The Black Basta ransomware-as-a-service (RaaS) operation
+ The cyberattack that ...
Inside China's APT Network
State of Cybercrime
by Matt Radolec, David Gibson
9M ago
A new data leak of more than 500 documents published to GitHub reveals the big business behind China’s state-sponsored hacking groups — from top-secret surveillance tools to details of offensive cyber ops carried out on behalf of the Chinese government. Join Matt and David for a special State of Cybercrime, which dives into China's espionage campaigns and complex network of resources. We’ll also discuss:
- The massive cyberattack on Change Healthcare
- Zyndicate’s successful hack of the Danish government
- Apple Vision Pro’s launch day woes
- Multiple developments in AI risk/regu ...
Ivanti Zero-Days
State of Cybercrime
by Matt Radolec, David Gibson, Dvir Sason
10M ago
CISA issued an emergency directive to mitigate Ivanti Connect Secure and Ivanti Policy Secure vulnerabilities after learning of malware targeting the software company, allowing unauthenticated threat actors to access Ivanti VPNs and steal sensitive data. CISA is requiring all federal agencies to disconnect from affected Ivanti products by EOD February 2, 2024. The directive also warned that attackers had bypassed workarounds for current resolutions and detection methods. Join Matt, David, and Dvir to learn more about the Ivanti vuln and other cyber threats. OTHER BREAKING STO ...
Hackers Swatting Victims
State of Cybercrime
by Matt Radolec, David Gibson
11M ago
Enjoy our first State of Cybercrime episode of 2024 as Matt Radolec and David Gibson cover:
+ Who is to blame for 23andMe’s big breach
+ SEC’s X account getting hacked
+ Threat actors swatting patients
+ Varonis Threat Labs research on a new, widespread vulnerability: https://www.varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes
Mentioned in this episode:
+ NTLM Blog Post: https://www.varonis.com/blog/investigate-ntlm-brute-force
+ Varonis Threat Labs Blog: https://www.varonis.com/blog/tag/threat-research