Episodes

  • S3 Ep12: Declawing, Disguising, and Destroying: Modern Cyber Threats Unmasked
    2024/12/17
    Top Headlines:

    1. Elastic Security Labs | Declawing PUMAKIT: https://www.elastic.co/security-labs/declawing-pumakit
    2. XLab | Glutton: a New Zero-Day Detection PHP Backdoor from Winnti Targets Cybercriminals: https://blog.xlab.qianxin.com/glutton_stealthily_targets_mainstream_php_frameworks-en/
    3. Claroty | Inside a New OT/IoT Cyberweapon: IOCONTROL - https://claroty.com/team82/research/inside-a-new-ot-iot-cyber-weapon-iocontrol
    4. SecureList | Careto is Back: What's New After 10 Years of Silence?: https://securelist.com/careto-is-back/114942/

    ----------

    Stay in Touch! Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    46 min
  • S3 Ep11: Attack Away, Same Tricks Will Stay
    2024/12/10
    Top Headlines:

    1. Embrace The Red | DeepSeek AI: From Prompt Injection to Account Takeover: https://embracethered.com/blog/posts/2024/deepseek-ai-prompt-injection-to-xss-and-account-takeover/
    2. Huntress | Cleo Software Actively Being Exploited in the Wild: https://www.huntress.com/blog/threat-advisory-oh-no-cleo-cleo-software-actively-being-exploited-in-the-wild
    3. Zscaler | Unveiling RevC2 and Venom Loader: https://www.zscaler.com/blogs/security-research/unveiling-revc2-and-venom-loader
    4. Cyble | Threat Actor Targets Manufacturing Industry with Malware: https://cyble.com/blog/threat-actor-targets-manufacturing-industry-with-malware/?&web_view=true

    37 min
  • S3 Ep10: [LIVE] The Ideal Outcome: The Gift of a Well-Crafted Threat Hunt
    2024/12/09
    Welcome to Out of the Woods: The Threat Hunting Podcast! In this episode, "The Ideal Outcome: The Gift of a Well-Crafted Threat Hunt," our expert team dives into what it means to reach the “ideal outcome” as a threat hunter, offering actionable insights to help you build an effective and enduring approach.

    This episode discussed:

    • Long-Term Impact: Discover how a structured threat hunt can benefit both hunters and their organizations, reinforcing stronger security measures and insights that last.
    • Security Stack Essentials: Learn about the ideal tools and technologies that make up a robust security stack, empowering you to align hunting efforts with broader security goals.
    • Integration and Team Synergy: Find out how to integrate threat hunting with security operations teams, fostering collaboration to create a well-rounded defense approach.
    • Skills for the Future: We’ll also discuss the critical skills and techniques that help threat hunters stay effective in an evolving threat landscape.

    Interesting Artifacts:
    • https://gptzero.me/
    • https://atomicgen.io/
    • https://securitydatasets.com/introduction.html

    🔗 Join us on Discord: https://discord.gg/Ka6tsEc3


    1 hr 28 min
  • S3 Ep9: [Bonus Episode] Dr. Joshua Scarpino on Guardrails for Responsible AI
    2024/12/02
    **Out of the Woods: The Threat Hunting Podcast [LIVE EPISODE]
    December 5, 2024 | 12:00 - 1:30 PM EST
    Sign Up Here:
    https://intel471.com/resources/podcasts/the-ideal-outcome-the-gift-of-a-well-crafted-threat-hunt

    ----------

    In this episode of Out of the Woods: The Threat Hunting Podcast, host Scott Poley speaks with Dr Joshua Scarpino, VP of Information Security at TrustEngine and CEO of Assessed.Intelligence, during the Information Security Summit in Cleveland. Josh shares insights from his extensive career in IT and security, diving into responsible technology deployment and the challenges of managing AI systems.

    Learn how organizations can implement guardrails to mitigate risks, tackle scope creep, and build foundational frameworks like the NIST AI Risk Management Framework (RMF). Josh also emphasizes the importance of addressing unknown risks and the need for diverse perspectives in AI system development to ensure fairness and accountability.

    Tune in to gain practical strategies for assessing risks, establishing governance, and driving secure innovation in today’s evolving tech landscape.

    *Connect with Dr. Joshua Scarpino: https://www.linkedin.com/in/joshuascarpino/

    9 min
  • S3 Ep8: Exposures Unveiled: Keys, Clouds and Evolving Threats
    2024/11/26
    Top Headlines:

    1. We Live Security | Unveiling WolfsBane: Gelsemium’s Linux counterpart to Gelsevirine: https://www.welivesecurity.com/en/eset-research/unveiling-wolfsbane-gelsemiums-linux-counterpart-to-gelsevirine/
    2. Phylum Research | Python Crypto Library Updated to Steal Private Keys: https://blog.phylum.io/python-crypto-library-updated-to-steal-private-keys/?&web_view=true
    3. Censys | The 2024 State of the Internet Report: Internet-Connected Industrial Control System: https://go.censys.com/rs/120-HWT-117/images/2024SOTIR.pdf
    4. Hunters Security | Unmasking VEILDrive: Threat Actors Exploit Microsoft Services for C2: https://www.hunters.security/en/blog/veildrive-microsoft-services-malware-c2?&web_view=true

    46 min
  • S3 Ep7: [Bonus Episode] Protecting Privacy: Brian Hill on Cyber Threats and Individual Security
    2024/11/19
    In this episode of Out of the Woods: The Threat Hunting Podcast, Scott Poley sits down with Brian Hill, a cybersecurity leader with a rich background in law enforcement, military service, and corporate security. Brian shares his journey from major crimes detective and forensics expert to building and managing Security Operations Centers (SOCs) at organizations like Arctic Wolf and BlackCloak. The discussion highlights challenges in scaling SOCs, the importance of balancing specialized expertise with cross-functional training, and unique threats faced by high-profile individuals, such as SIM swapping and personal device vulnerabilities. Brian also explores broader trends like artificial intelligence and deepfake technology, emphasizing the need for education and proactive measures to stay ahead of evolving cyber threats.


    *Connect with Brian Hill: https://www.linkedin.com/in/brian-hill-776b50100/

    32 min
  • S3 Ep5: [Bonus Episode] Privacy Meets Protection: Violet Sullivan on the Real Scope of Cyber Insurance
    2024/11/14
    In this episode of Out of the Woods: The Threat Hunting Podcast, Scott Poley catches up with Violet Sullivan, cyber services lead for insurance carrier Crum & Forster, at the Information Security Summit in Cleveland. Violet dives into the evolving world of cyber insurance, shedding light on the often-overlooked layers of coverage that go beyond cyber events, including system outages and privacy litigation. She explains the shifting focus from ransomware to privacy issues, and how the rising importance of privacy is impacting both insurance policies and legal frameworks.

    They discuss the nuanced world of privacy litigation and emerging technologies like privacy scans, which scrutinize website data collection practices. Violet also addresses the current debate on AI training data, ownership, and privacy, offering insights into the challenges and implications for companies and individuals alike. If you’re interested in the intersection of cyber insurance, privacy, and AI, this episode offers a compelling look at how these fields are rapidly converging.

    *Connect with Violet Sullivan: https://www.linkedin.com/in/txcyberlawyer/

    25 min
  • S3 Ep6: Be the Bengal, Dig Into the Process
    2024/11/12
    **Threat Hunting Workshop: Hunting for Discovery
    November 20, 2024 | 12:00 – 1:00 PM EST
    Sign Up Here: https://intel471.com/resources/webinars/threat-hunting-workshop-hunting-for-discovery

    ----------

    Top Headlines:

    1. Sophos News | Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign: https://news.sophos.com/en-us/2024/11/06/bengal-cat-lovers-in-australia-get-psspsspssd-in-google-driven-gootloader-campaign/?amp=1
    2. Wiz Blog | Investigating 0ktapus: Phishing Analysis & Detection: https://www.wiz.io/blog/unmasking-phishing-strategies-for-identifying-0ktapus-domains?&web_view=true
    3. FortiGuard Labs | New Campaign Uses Remcos RAT to Exploit Victims: https://www.fortinet.com/blog/threat-research/new-campaign-uses-remcos-rat-to-exploit-victims
    4. Cado Security Labs | GuLoader: Evolving Tactics in Latest Campaign Targeting European Industry: https://www.cadosecurity.com/blog/guloader-targeting-european-industrial-companies

    34 min