ShadowTalk: Powered by ReliaQuest

Join hosts Chris and Kim, and guest CISO Chris Gunner, as they discuss:

• APT28 conduct 'Nearest Neighbor' WiFi Attack
• Windows Reissue Controversial Recall Feature 
• Update on Palo Alto Critical Vulnerability Exploitation
• Navigating potential obstacles as a new CISO

Resources: https://linktr.ee/RQShadowTalk

Chris Gunner: Group CISO at a global financial service firm, comprised of federated business units across 20 countries. Chris is responsible for Group-wide cyber strategy as well as advising the business in the Group. Previously held roles as a security leader in law firms, as well as varied roles in consulting. Passionate that cyber security is a business enabler, where it can drive better business decisions, as well as protecting organizations and their customers.

Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the British military. With his diverse background, he  enhances ShadowTalk with deep insights into various threat landscapes.

Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk. 

Join hosts Chris and Kim, Field CISO Rick Holland, and Detection Researcher Corey Carter as they discuss:

• Black Friday: Cyber Threats Facing the Retail Sector
• T-Mobile Breached Again
• Attacks Exploiting PAN-OS Zero-Day
• Fake AI Image Generators Deploy Infostealers

Resources:

• https://linktr.ee/RQShadowTalk

Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.  

Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the British military. With his diverse background, he  enhances ShadowTalk with deep insights into various threat landscapes. 

Rick Holland: Rick Holland is one of ReliaQuest’s Chief Information Security Officers. A seasoned cybersecurity executive, practitioner, and former Forrester Research industry analyst, Rick is also a U.S. Army intelligence veteran. He regularly speaks at leading security conferences, including SANS, RSAC, and BSides. Rick's extensive expertise and industry insights make him an invaluable contributor on ShadowTalk. 

Corey Carter: Corey Carter is a Detection Researcher at ReliaQuest. A Florida native and former infantryman in the United States Marines, Corey holds a bachelor's degree in computer science with a specialization in information assurance. His experience as a Security Analyst and Threat Hunter at ReliaQuest, combined with his military background, equips him with a unique perspective on cybersecurity challenges. 

Join hosts Chris, Kim and Anna as they discuss:

• ReliaQuest's Cyber Threat Predictions for 2025
• Huge Data Leak Linked to 2023 MOVEit Flaw
• New Ransomware Partners with RustyStealer
• Volt Typhoon Rebuilds Dismantled Botnet

Resources:

• https://www.reliaquest.com/blog/report-shows-ransomware-has-grown-41-for-construction-industry/
• https://www.reliaquest.com/blog/service-account-abuse/

Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the British military. With his diverse background, he  enhances ShadowTalk with deep insights into various threat landscapes.

Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.

Anna Jones: Anna is a Cyber Threat Intelligence Analyst at ReliaQuest, based in our London office. She joined in June 2023 and specializes in OSINT investigations, with 5 years of experience in threat intelligence. Anna's expertise in sourcing and analyzing covert threat data provides unique insights into cybercriminal activities for ShadowTalk. 

In this episode of ShadowTalk, hosts Chris and Kim are joined by Senior Threat Intelligence Analyst Ivan Righi, to discuss the latest news in cybersecurity and threat research. Topics this week include:

• ReliaQuest research exploring credential theft and misuse
• Social engineering campaign targets LastPass users
• Patch now: Sharepoint vulnerability exploited in the wild
• New Interlock ransomware group targeting FreeBSD OS

Resources:

• https://www.reliaquest.com/blog/the-credential-abuse-cycle-theft-trade-and-exploitation/

In this episode of ShadowTalk, hosts Kim and Chris are joined by guest speaker Eric Knopp, to discuss the latest news in cybersecurity and threat research. Topics this week include:

• ReliaQuest research identifies Black Basta TTP changes
• Amazon seize APT29 domains
• Tango down: Redline & Meta Infostealers taken down by Dutch police
• The importance of supporting DEI programs in hiring practices

Resources:

• https://www.reliaquest.com/blog/black-basta-social-engineering-technique-microsoft-teams/
• https://www.reliaquest.com/blog/5-critical-threat-actors-you-need-to-know-about/

Eric Knopp: VP Security Operations for one of ReliaQuest’s customers, a large global financial services company. Eric has been in the IT industry for almost 30 years, with the past 11 in IT Security. He also has a passion for diversity, equity and inclusion, co-leading the DEI Committee in London. He also supports the cyber apprenticeship program in the UK.

Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.

Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the British military. With his diverse background, he  enhances ShadowTalk with deep insights into various threat landscapes. 

In this episode of ShadowTalk, host Kim is joined by Director of Threat Research Brandon Tirado and Threat Hunter Brian Kelly, to discuss the latest news in cybersecurity and threat research. Topics this week include:

• Scattered Spider x RansomHub: A New Partnership
• US Authorities Indict Anonymous Sudan Leaders
• Crypt Ghouls Deploys LockBit on Russian Organizations
• APT41 Targets Gambling and Gaming Industry in New Financially-Motivated Campaign  

Resources:

• https://www.reliaquest.com/resources/research-reports/five-ways-cyber-attackers-exploit-cloud-environments/
• https://www.reliaquest.com/blog/virtual-machines-defense-evasion/

Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.

Brandon Tirado: Brandon Tirado is the Director of Threat Research for ReliaQuest. Brandon is a skilled cyber defense professional with a unique combination of management and hands-on experience. With a deep understanding of adversary motives and the tactics, techniques, and procedures (TTPs) they use to achieve their goals, Brandon enjoys operationalizing his knowledge to make it more difficult for adversaries to operate within the environments of ReliaQuest customers. His managerial and hands-on experience enriches ShadowTalk with practical and strategic viewpoints. 

Brian Kelly: Brian Kelly is an experienced Threat Hunter and Intrusion Response Operator with a deep understanding of adversary tactics, techniques, procedures (TTPs), and motivations. Beginning his career in IT, Brian swiftly transitioned into cybersecurity, where he actively hunts for threats within organizations and responds to ongoing incidents. His expertise in adversary emulation and TTP exploration empowers him to anticipate and counteract malicious activities. Positioned on the front lines, Brian offers invaluable and actionable insights on the current threat landscape for ShadowTalk.

In this episode of ShadowTalk, host Chris and Kim are joined by Detection researcher Corey Carter, to discuss the latest news in cybersecurity and threat research. Topics this week include:

• ReliaQuest reporting on ransomware activity in Q3 2024
• OpenAI confirm malicious use of ChatGPT
• Russian APT29 mass exploiting known vulnerabilities
• CISCO data reportedly breached by IntelBroker

Resources:

• https://media.defense.gov/2024/Oct/09/2003562611/-1/-1/0/CSA-UPDATE-ON-SVR-CYBER-OPS.PDF
• https://www.reliaquest.com/blog/q3-2024-ransomware/

Chris Morgan: Chris Morgan is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team and has been the host of ShadowTalk since 2021. Chris joined ReliaQuest in August 2020, previously working as a Cyber Threat Intelligence analyst in the telecommunications and financial sectors. Chris also has a background in the British military. With his diverse background, he  enhances ShadowTalk with deep insights into various threat landscapes.

Kim Bromley: Kim Bromley is a Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights for ShadowTalk.

Corey Carter: Corey Carter is a Detection Researcher at ReliaQuest. A Florida native and former infantryman in the United States Marines, Corey holds a bachelor's degree in computer science with a specialization in information assurance. His experience as a Security Analyst and Threat Hunter at ReliaQuest, combined with his military background, equips him with a unique perspective on cybersecurity challenges. 

In this episode of ShadowTalk, host Chris and Kim are joined by detection researcher, Marken, to discuss the latest news in cybersecurity and threat research. Topics this week include:

• Cyber Threats Facing the Health Care and Social Assistance Sector
• Salt Typhoon Compromises US-based Telecoms Companies 
• Microsoft and US DoJ Takedown Star Blizzard Infrastructure
• Gorilla Botnet Conducts Large-Scale DDoS Campaign

Resources:

• https://www.reliaquest.com/blog/threats-health-care-social-assistance-landscape/

In this episode of ShadowTalk, host Chris and Kim are joined by guest Samantha Billy, AON U.S Broking Growth Leader, to discuss the latest news in cybersecurity and threat research. Topics this week include:

• The Critical Role of Cyber Insurance in Mitigating Cyber Risk
• Embargo Ransomware Targeting Cloud
• Iranian Threat Actors Conducting Influence Ops Against US Elections
• National Crime Agency Tease Lockbit Update

Resources:

• https://www.reliaquest.com/blog/2024-us-election-top-cyber-threats-organizational-impacts/

In this episode of ShadowTalk, host Chris and Kim, along with Threat Hunter Brian, discuss the latest news in cybersecurity and threat research. Topics this week include:

• Telegram Pivot 180: Agree to Share IP and Phone Data on Legal Requests
• Kaspersky Auto-Replace Software with UltraAV Antivirus
• Dell Investigate Two Data Breaches
• ReliaQuest Data Exfiltration Case Study