Risky Business

Soap Box: How to dismantle Volt Typhoon-style relay networks

Feb 11, 2024

Andrew Morris, Greynoise founder, discusses the persistent network of compromised routers despite US actions. Vendors using Greynoise for early warnings, and reversing exploitation attempts. Topics include challenges in dismantling relay networks, fingerprinting techniques, hidden threats in cybersecurity, APT crews' network usage, product security incidents, vulnerability verification, and defensive retaliation.

37:35

Creator website

Episode guests

Andrew Morris

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Ongoing Volt Typhoon infections indicate resilient network despite government takedown.

Grey Noise serves as early warning system for vendors, detecting and addressing product exploitation attempts.

Deep dives

Gray Noise: Operating Global Honeypots

Gray Noise is known for operating a network of honeypots that offer insights into internet attacks. From compromised devices by Volt Typhoon actors to tracking new exploits, Gray Noise's data aids in identifying targeted versus mass scanning, revealing insights into networks of compromised devices used by attackers.

Introduction

2min

Challenges of Dismantling Volt Typhoon Relay Networks

9min

Exploring Fingerprinting Techniques and Countermeasures

2min

Uncovering Hidden Threats and Deceptive Tactics in Cybersecurity

9min

Evaluating APT Crews' Relay Network Usage and Exploitation of Avanti Equipment

2min

Challenges and Solutions in Product Security Incidents

11min

Exploring Vulnerability Verification and Defensive Retaliation in Security

2min

In this Soap Box interview Greynoise founder and absolute legend Andrew Morris joins the show to talk about:

Why Greynoise hasn’t seen a substantial drop off in Volt Typhoon’s network of compromised routers after the US Government’s takedown action
How vendors are using Greynoise as an early warning system to identify exploitation of their products
How he’s using large language models to reverse exploitation attempts into actual exploits

It truly is a great conversation, we hope you enjoy it!

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Risky Business

Soap Box: How to dismantle Volt Typhoon-style relay networks

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Gray Noise: Operating Global Honeypots

Impact of US Government Takedown on Chinese Routers

Early Warning System for Vendor Exploits

Automated Exploit Generation and Use Case Expansion

Remember Everything You Learn from Podcasts