Content provided by N2K Networks Inc. and N2K Networks. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by N2K Networks Inc. and N2K Networks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://fr.player.fm/legal.
Research Saturday
Every Saturday, we sit down with cybersecurity researchers to talk shop about the latest threats, vulnerabilities, and technical discoveries.
394 episodes
All episodes

This week, we are joined by Shaked Reiner, Security Principal Security Researcher at CyberArk, who is discussing their research on "Agents Under Attack: Threat Modeling Agentic AI." Agentic AI empowers LLMs to take autonomous actions, like browsing the web or executing code, making them more useful—but also more dangerous. Threats like prompt injections and stolen API keys can turn agents into attack vectors. Shaked Reiner explains how treating agent outputs like untrusted code and applying traditional security principles can help keep them in check. The research can be found here: Agents Under Attack: Threat Modeling Agentic AI

China’s new cyber arsenal revealed. 25:33
Today we are joined by Crystal Morin, Cybersecurity Strategist from Sysdig, as she is sharing their work on "UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell." UNC5174, a Chinese state-sponsored threat actor, has resurfaced with a stealthy cyber campaign using a new arsenal of customized and open-source tools, including a variant of their SNOWLIGHT malware and the VShell RAT. Sysdig researchers discovered that the group targets Linux systems through malicious bash scripts, domain squatting, and in-memory payloads, indicating a high level of sophistication and espionage intent. Their evolving tactics, such as using spoofed domains and fileless malware, continue to blur attribution and pose a significant threat to research institutions, critical infrastructure, and NGOs across the West and Asia-Pacific regions. The research can be found here: UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell

Crafting malware with modern metals. 20:03
This week, we are joined by Nick Cerne, Security Consultant from Bishop Fox, to discuss "Rust for Malware Development." In pursuit of simulating real adversarial tactics, this blog explores the use of Rust for malware development, contrasting it with C in terms of binary complexity, detection evasion, and reverse engineering challenges. The author demonstrates how Rust's inherent anti-analysis traits and memory safety features can create more evasive malware tooling, including a simple dropper that injects shellcode using lesser-known Windows APIs. Through hands-on comparisons and decompiled output analysis, the post highlights Rust’s growing appeal in offensive security while noting key OPSEC considerations and tooling limitations. The research can be found here: Rust for Malware Development

The new malware on the block. 35:03
This week, we are sharing an episode of our monthly show, Only Malware in the Building. We invite you to join Dave Bittner and cohost Selena Larson as they explore "The new malware on the block." Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive Upper West Side, Selena is joined by N2K Networks Dave Bittner—and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we’re keeping an eye on them just in case). Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the latest shake-ups in the fake update threat landscape, including two new cybercriminal actors, fresh Mac malware, and the growing challenge of tracking these evolving campaigns.

Zach Edwards from Silent Push is discussing their work on "New Lazarus Group Infrastructure, Acquires Sensitive Intel Related to $1.4B ByBit Hack and Past Attacks." Silent Push analysts uncovered significant infrastructure used by the Lazarus APT Group, linking them to the $1.4 billion Bybit crypto heist through the domain bybit-assessment[.]com registered just hours before the attack. The investigation revealed a pattern of test entries, VPN usage, and fake job interview scams targeting crypto users, with malware deployment tied to North Korean threat actor groups like TraderTraitor and Contagious Interview. The team also identified numerous companies being impersonated in these scams, including major crypto platforms like Coinbase, Binance, and Kraken, to alert potential victims. The research can be found here: Silent Push Pivots into New Lazarus Group Infrastructure, Acquires Sensitive Intel Related to $1.4B ByBit Hack and Past Attacks

Breaking barriers, one byte at a time. 22:21
This week, we are joined by Jon Williams, Vulnerability Researcher from Bishop Fox, discussing "Tearing Down (Sonic)Walls: Decrypting SonicOSX Firmware." Bishop Fox researchers reverse-engineered the encryption protecting SonicWall SonicOSX firmware, enabling them to access its underlying file system for security research. They presented their process and findings at DistrictCon Year 0 and released a tool called Sonicrack to extract keys from VMware virtual machine bundles, facilitating the decryption of VMware NSv firmware images. This research builds upon previous work, including techniques to decrypt static NSv images and reverse-engineer other encryption formats used by SonicWall. The research can be found here: Tearing Down (Sonic)Walls: Decrypting SonicOSX Firmware

This week, we are joined by Tom Hegel, Principal Threat Researcher from the SentinelLabs research team, to discuss their work on "Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition." The latest Ghostwriter campaign, linked to Belarusian government espionage, is actively targeting Ukrainian military and government entities as well as Belarusian opposition activists using weaponized Excel documents. SentinelLabs identified new malware variants and tactics, including obfuscated VBA macros that deploy malware via DLL files, with payload delivery seemingly controlled based on a target’s location and system profile. The campaign, which began preparation in mid-2024 and became active by late 2024, appears to be an evolution of previous Ghostwriter operations, combining disinformation with cyberattacks to further political and military objectives. The research can be found here: Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition

The ransomware clones of HellCat & Morpheus. 21:40
Jim Walter, Senior Threat Researcher on the SentinelLabs research team, joins us to discuss their work on "HellCat and Morpheus | Two Brands, One Payload as Ransomware Affiliates Drop Identical Code." Over the past six months, new ransomware groups like FunkSec, Nitrogen, and Termite have emerged, while established threats such as Cl0p and LockBit 4.0 have resurfaced. Two prominent Ransomware-as-a-Service (RaaS) operations, HellCat and Morpheus, have gained traction, with research indicating that affiliates of both are using nearly identical ransomware payloads. Despite similarities in their encryption techniques and ransom notes, there is no conclusive evidence linking HellCat and Morpheus to the Underground Team, though shared tools or affiliates may be involved. The research can be found here: HellCat and Morpheus | Two Brands, One Payload as Ransomware Affiliates Drop Identical Code

Botnet’s back, tell a friend. 22:47
This week we are joined by Silas Cutler, Principal Security Researcher at Censys, asking the important question of "Will the Real Volt Typhoon Please Stand Up?" The FBI's disruption of the KV Botnet in December 2023, attributed to the Chinese threat group Volt Typhoon, targeted infected systems but did not affect the botnet's control infrastructure. Despite law enforcement efforts and technical exposure, the botnet's infrastructure has remained largely stable, with only changes in hosting providers, raising questions about whether another party operates the botnet. Censys scanning data from 2024 shows a shift in the botnet's control servers, indicating a response to disruption attempts, while the botnet's operators have shown limited efforts to obscure their infrastructure. The research can be found here: Will the Real Volt Typhoon Please Stand Up?

Caught in the contagious interview. 29:10
This week we are joined by Phil Stokes, threat researcher at SentinelOne's SentinelLabs, discussing their work on "macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed." Apple recently pushed an update to its XProtect tool, blocking several variants of the DPRK-linked Ferret malware family, which targets victims through the "Contagious Interview" campaign. The malware uses fake job interview processes to trick users into installing malicious software, and new variants, including FlexibleFerret, remain undetected by XProtect. SentinelOne's research reveals a deeper investigation into this malware, which uses social engineering to expand its attack vectors, including targeting developers through platforms like GitHub. The research can be found here: macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed

From small-time scams to billion-dollar threats. 27:06
This week, we are joined by Selena Larson from Proofpoint, and co-host of the "Only Malware in the Building" podcast, as she discusses the research on "Why Biasing Advanced Persistent Threats over Cybercrime is a Security Risk." The cybersecurity industry has historically prioritized Advanced Persistent Threats (APTs) from nation-state actors over cybercrime, but this distinction is outdated as cybercriminals now employ equally sophisticated tactics. Financially motivated threat actors, especially ransomware groups, have evolved to the point where they rival state-backed hackers in technical capability and impact, disrupting businesses, infrastructure, and individuals on a massive scale. To enhance security, defenders must shift focus from an APT-centric mindset to a broader approach that equally prioritizes combating cybercrime, which poses an immediate and tangible risk to global stability. The research can be found here: Why Biasing Advanced Persistent Threats over Cybercrime is a Security Risk

Bot or not? The fake CAPTCHA trick spreading Lumma malware. 35:08
Nati Tal, Head of Guardio Labs, is discussing their work on "“DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising." Guardio has uncovered a large-scale malvertising campaign dubbed “DeceptionAds,” which tricks users into running a malicious PowerShell command under the guise of proving they’re human. This fake CAPTCHA scheme delivers Lumma info-stealer malware while bypassing security measures like Google’s Safe Browsing. Even after disclosure and takedown efforts, the campaign resurfaced—raising concerns about the effectiveness of existing defenses against ad-driven cyber threats. The research can be found here: “DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising

Mark Manglicmot, SVP of Security Services from Arctic Wolf, is sharing their research on "Cleopatra’s Shadow: A Mass Exploitation Campaign Deploying a Java Backdoor Through Zero-Day Exploitation of Cleo MFT Software." Arctic Wolf Labs discovered an ongoing exploitation campaign targeting Cleo Managed File Transfer (MFT) products, beginning on December 7, 2024. Threat actors used a malicious PowerShell stager to deploy a Java-based backdoor, dubbed Cleopatra, which features in-memory file storage and cross-platform compatibility across Windows and Linux. Despite Cleo's previous patch for CVE-2024-50623, attackers appear to have leveraged an alternative access method, exploiting the software's autorun feature to execute payloads and establish persistent access. The research can be found here: Cleopatra’s Shadow: A Mass Exploitation Campaign Deploying a Java Backdoor Through Zero-Day Exploitation of Cleo MFT Software

A Digital Eye on supply-chain-based espionage attacks. 27:07
This week, Dave Bittner is joined by Juan Andres Guerrero-Saade (JAGS) from SentinelOne's SentinelLabs to discuss the work his team and Tinexta Cyber did on "Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels." Tinexta Cyber and SentinelLabs have been tracking threat activities targeting business-to-business IT service providers in Southern Europe. Based on the malware, infrastructure, techniques used, victimology, and the timing of the activities, we assess that it is highly likely these attacks were conducted by a China-nexus threat actor with cyberespionage motivations. The relationships between European countries and China are complex, characterized by cooperation, competition, and underlying tensions in areas such as trade, investment, and technology. Suspected China-linked cyberespionage groups frequently target public and private organizations across Europe to gather strategic intelligence, gain competitive advantages, and advance geopolitical, economic, and technological interests. The research can be found here: Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

This week, we are joined by Ismael Valenzuela, VP of Threat Research & Intelligence, and Jacob Faires, Principal Threat Researcher, from BlackBerry, discussing the team's work on "LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign." In April 2024, BlackBerry uncovered a significant evolution of the LightSpy malware campaign, attributed to Chinese cyber-espionage group APT41. The newly introduced DeepData framework, a modular Windows-based surveillance tool, expands data theft capabilities with 12 specialized plugins for tasks like communication surveillance, credential theft, and system intelligence gathering. The campaign targets a wide range of communication platforms, including WhatsApp, Signal, and WeChat, with advanced techniques for monitoring and stealing sensitive information from victims across the Asia-Pacific region. The research can be found here: LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign