Sign up to save your podcasts
Or
Share Ransomware Economy Players, Pentest War Stories, & Ransomware Groups Working Together - ESW #329
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Ransomware Economy Players, Pentest War Stories, & Ransomware Groups Working Together - ESW #329
During this segment, Jon will explore today’s ransomware economy players from IABS to RaaS affiliates, to money launders and now C2Ps. For the discussion, Jon will leverage Halcyon’s latest research, which demonstrates a new technique to uncover how C2Ps, like Cloudzy, are used to identify upcoming ransomware campaigns and other advanced attacks. The research revealed that Cloudzy, knowingly or not, provided services to attackers while assuming a legitimate business profile. Threat actors that leveraged Cloudzy include APT groups tied to the Chinese, Iranian, North Korean, Russian, Indian, Pakistani, and Vietnamese governments; a sanctioned Israeli spyware vendor whose tools are known to target civilians; several criminal syndicates and ransomware affiliates whose campaigns have spurred international headlines.
This segment is sponsored by Halcyon. Visit https://securityweekly.com/halcyonbh to learn more about them!
In this session, Snehal will discuss several real-world examples of what autonomous pentesting discovered in networks just like yours. You’ll hear more about how fast and easy it was to safely compromise some of the biggest (and smallest) networks in the world - with full domain takeover in a little more than a few hours. Learn how you can safely do the same in your own network today!
This segment is sponsored by Horizon3.ai. Visit https://securityweekly.com/horizon3aibh to learn more about them!
In this Black Hat 2023 interview, CRA’s Bill Brenner and Sophos’ John Shier discuss the company’s latest research on the Royal ransomware gang. Though Royal is a notoriously closed off group that doesn’t openly solicit affiliates from underground forums, granular similarities in the forensics of the attacks suggest all three groups are sharing either affiliates or highly specific technical details of their activities.
This segment is sponsored by Sophos. Visit https://securityweekly.com/sophosbh to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-329
View all episodes
By Security Weekly Productions
4.7
33 ratings
During this segment, Jon will explore today’s ransomware economy players from IABS to RaaS affiliates, to money launders and now C2Ps. For the discussion, Jon will leverage Halcyon’s latest research, which demonstrates a new technique to uncover how C2Ps, like Cloudzy, are used to identify upcoming ransomware campaigns and other advanced attacks. The research revealed that Cloudzy, knowingly or not, provided services to attackers while assuming a legitimate business profile. Threat actors that leveraged Cloudzy include APT groups tied to the Chinese, Iranian, North Korean, Russian, Indian, Pakistani, and Vietnamese governments; a sanctioned Israeli spyware vendor whose tools are known to target civilians; several criminal syndicates and ransomware affiliates whose campaigns have spurred international headlines.
This segment is sponsored by Halcyon. Visit https://securityweekly.com/halcyonbh to learn more about them!
In this session, Snehal will discuss several real-world examples of what autonomous pentesting discovered in networks just like yours. You’ll hear more about how fast and easy it was to safely compromise some of the biggest (and smallest) networks in the world - with full domain takeover in a little more than a few hours. Learn how you can safely do the same in your own network today!
This segment is sponsored by Horizon3.ai. Visit https://securityweekly.com/horizon3aibh to learn more about them!
In this Black Hat 2023 interview, CRA’s Bill Brenner and Sophos’ John Shier discuss the company’s latest research on the Royal ransomware gang. Though Royal is a notoriously closed off group that doesn’t openly solicit affiliates from underground forums, granular similarities in the forensics of the attacks suggest all three groups are sharing either affiliates or highly specific technical details of their activities.
This segment is sponsored by Sophos. Visit https://securityweekly.com/sophosbh to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-329
More shows like Enterprise Security Weekly (Video)
View all
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
626 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
366 Listeners
Grumpy Old Geeks
6,020 Listeners
CyberWire Daily
1,009 Listeners
Security Weekly News (Video)
5 Listeners
Smashing Security
312 Listeners
Up First from NPR
56,221 Listeners
Cybersecurity Today
166 Listeners
![Talkin' About [Infosec] News, Powered by Black Hills Information Security by Black Hills Information Security](https://podcast-api-images.s3.amazonaws.com/corona/show/516141/logo_300x300.jpeg){kind=logo}
Talkin' About [Infosec] News, Powered by Black Hills Information Security
91 Listeners
Defense in Depth
74 Listeners
Cloud Security Podcast
58 Listeners
Cyber Security Headlines
127 Listeners