Microsoft Threat Intelligence Podcast

Black Basta and the Use of LLMs by Threat Actors

Listen Later

In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Microsoft security researchers Anna Seitz and Daria Pop to discuss the latest trends in ransomware and the evolving role of AI in cyber threats. Daria Pop provides insights into the shifting tactics of Black Basta ransomware, including their use of phishing, social engineering, and remote management tools. The discussion also covers the persistence of malvertising and its challenges for defenders. Anna Seitz explores how state-sponsored threat actors, including Forest Blizzard, Emerald Sleet, and Crimson Sandstorm, are leveraging large language models (LLMs) for various malicious activities.  


 

In this episode you’ll learn:       
  • Why the takedown of Qakbot impacted Black Basta’s strategies 
  • What malvertising is and why its persistence is due to the complex nature of ad traffic 
  • How the MITRE Atlas framework assists defenders in identifying new threats 

    •  

    Some questions we ask:       
    • What role does social engineering play in the campaigns involving Quick Assist? 
    • How are North Korean threat actors like Emerald Sleep using LLMs for their campaigns? 
    • Can you explain the changes in Black Basta’s initial access methods over the years? 

      •  

      Resources:  

      View Anna Seitz on LinkedIn  

      View Daria Pop on LinkedIn  

      View Sherrod DeGrippo on LinkedIn  

       

      Related Microsoft Podcasts:                   
      • Afternoon Cyber Tea with Ann Johnson 
      • The BlueHat Podcast 
      • Uncovering Hidden Risks     

         

        Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

         

        Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

         

         

        The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

        ...more
        View all episodesView all episodes
        Download on the App Store
        Microsoft Threat Intelligence PodcastBy Microsoft
        • 5
        • 5
        • 5
        • 5
        • 5

        5

        22 ratings

        More shows like Microsoft Threat Intelligence Podcast

        View all
        Hacked by Hacked

        Hacked

        188 Listeners

        Security Now (Audio) by TWiT

        Security Now (Audio)

        2,005 Listeners

        The Talk Show With John Gruber by Daring Fireball / John Gruber

        The Talk Show With John Gruber

        3,143 Listeners

        Risky Business by Patrick Gray

        Risky Business

        372 Listeners

        SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

        SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

        653 Listeners

        CyberWire Daily by N2K Networks

        CyberWire Daily

        1,023 Listeners

        Smashing Security by Graham Cluley

        Smashing Security

        319 Listeners

        Click Here by Recorded Future News

        Click Here

        418 Listeners

        Darknet Diaries by Jack Rhysider

        Darknet Diaries

        8,070 Listeners

        Cybersecurity Today by Jim Love

        Cybersecurity Today

        178 Listeners

        Hacking Humans by N2K Networks

        Hacking Humans

        315 Listeners

        CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

        CISO Series Podcast

        187 Listeners

        Cybersecurity Headlines by CISO Series

        Cybersecurity Headlines

        140 Listeners

        Cyber Hack by BBC World Service

        Cyber Hack

        1,606 Listeners

        Risky Bulletin by risky.biz

        Risky Bulletin

        44 Listeners