

Wide World of Cyber: How state adversaries attack security vendors
May 9, 2025
Steve Stone, SVP of Threat Discovery and Response at SentinelOne, and Alex Stamos, CISO at SentinelOne, dive into the alarming tactics used by state adversaries against security vendors. They reveal how North Korea employs deceptive job applications to infiltrate, and explore the evolution of ransomware attacks that adapt to new security measures. The discussion covers the vulnerabilities in endpoint protection and cloud authentication, emphasizing the critical need for collaboration in combating these sophisticated cyber threats.
AI Snips
North Korean Job Application Scheme
- SentinelOne discovered nearly 370 North Korean personas applying for jobs over five months.
- They engaged applicants extensively and even attempted video interviews, but applicants refused to appear on camera.
North Korea’s Persistent Cyber Approach
- North Korea excels by persisting with proven cyber tactics to generate revenue.
- Their cybercrime mirrors historical state-sanctioned illegal activities, like currency counterfeiting.
Ransomware Targets EDR Consoles
- Ransomware operators first target EDR consoles to disable or alter defenses subtly.
- They avoid outright shutdown, instead tweaking settings to fly under the radar.