Microsoft Threat Intelligence Podcast

Black Basta and the Use of LLMs by Threat Actors

Listen Later

In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Microsoft security researchers Anna Seitz and Daria Pop to discuss the latest trends in ransomware and the evolving role of AI in cyber threats. Daria Pop provides insights into the shifting tactics of Black Basta ransomware, including their use of phishing, social engineering, and remote management tools. The discussion also covers the persistence of malvertising and its challenges for defenders. Anna Seitz explores how state-sponsored threat actors, including Forest Blizzard, Emerald Sleet, and Crimson Sandstorm, are leveraging large language models (LLMs) for various malicious activities.  


 

In this episode you’ll learn:       
  • Why the takedown of Qakbot impacted Black Basta’s strategies 
  • What malvertising is and why its persistence is due to the complex nature of ad traffic 
  • How the MITRE Atlas framework assists defenders in identifying new threats 

    •  

    Some questions we ask:       
    • What role does social engineering play in the campaigns involving Quick Assist? 
    • How are North Korean threat actors like Emerald Sleep using LLMs for their campaigns? 
    • Can you explain the changes in Black Basta’s initial access methods over the years? 

      •  

      Resources:  

      View Anna Seitz on LinkedIn  

      View Daria Pop on LinkedIn  

      View Sherrod DeGrippo on LinkedIn  

       

      Related Microsoft Podcasts:                   
      • Afternoon Cyber Tea with Ann Johnson 
      • The BlueHat Podcast 
      • Uncovering Hidden Risks     

         

        Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

         

        Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

         

         

        The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

        ...more
        View all episodesView all episodes
        Download on the App Store
        Microsoft Threat Intelligence PodcastBy Microsoft
        • 5
        • 5
        • 5
        • 5
        • 5

        5

        19 ratings

        More shows like Microsoft Threat Intelligence Podcast

        View all
        Security Now (Audio) by TWiT

        Security Now (Audio)

        1,971 Listeners

        Risky Business by Patrick Gray

        Risky Business

        361 Listeners

        SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

        SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

        628 Listeners

        Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

        Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

        366 Listeners

        CyberWire Daily by N2K Networks

        CyberWire Daily

        1,007 Listeners

        Smashing Security by Graham Cluley & Carole Theriault

        Smashing Security

        311 Listeners

        Click Here by Recorded Future News

        Click Here

        406 Listeners

        Malicious Life by Malicious Life

        Malicious Life

        927 Listeners

        Darknet Diaries by Jack Rhysider

        Darknet Diaries

        7,865 Listeners

        Cybersecurity Today by Jim Love

        Cybersecurity Today

        171 Listeners

        CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

        CISO Series Podcast

        187 Listeners

        Hacking Humans by N2K Networks

        Hacking Humans

        314 Listeners

        Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

        Defense in Depth

        74 Listeners

        Cyber Security Headlines by CISO Series

        Cyber Security Headlines

        129 Listeners

        Risky Bulletin by risky.biz

        Risky Bulletin

        33 Listeners