

Zero-Knowledge Threats, Shadow AI, and the Future of Cyber Attribution
Jun 18, 2025
Join experts Yonatan Khen from Hunters, Tal Darsan, and Etay Maor from Cato Networks as they unpack the latest in cyber threats. They delve into AI-powered evasion tactics used by attackers, drawing lessons from notorious ransomware groups. Khen reveals key insights on a privilege escalation vulnerability in Google Workspace, shedding light on modern cloud attack vectors. The conversation also touches on the complexities of cyber attribution and the growing challenges posed by shadow AI, emphasizing the need for proactive security measures.
AI Snips
Living Off The Land Tactics
- Threat actors increasingly use legitimate tools and cloud features to evade detection.
- This strategy blurs attribution as attacks don't trigger typical security alerts.
Enable TLS Inspection
- Enable TLS decryption or inspection in your network security tools to detect hidden threats.
- Misconfigurations and disabled inspection allow threats to evade detection, causing breaches.
Ransomware Groups Vary Speeds
- Different ransomware groups use similar tools but vary attack speeds from days to weeks.
- Some groups moved very slowly, while others carried out attacks in just three to four days.