Risky Bulletin: Sandworm deploys Tor nodes on hacked networks
Feb 16, 2025
The podcast dives into the sinister tactics of the Sandworm group, including their use of Tor nodes on hacked networks. Learn about the UK’s unexpected decision to end military training for cyber personnel and how Russian adversaries are employing device code phishing. The discussion also covers ongoing threats from Salt Typhoon and scrutinizes the impact of cyber incidents on global security, particularly concerning Ukraine's precarious situation.
Sandworm's use of Tor-enabled backdoors demonstrates a sophisticated evolution in cyber-espionage tactics employed by state-sponsored groups.
Recent phishing campaigns exploiting device code authentication show how Russian APTs continue to evolve their attack strategies.
Deep dives
Sandworm's Stealthy Espionage Techniques
Russia's Sandworm espionage group employs advanced tactics, such as deploying web shells and Tor-enabled backdoors, to infiltrate compromised networks. This method allows them to install Tor hidden services on affected hosts, enabling a stealthier approach for continued access. Microsoft has noted that the shadow link technique enhances Sandworm's ability to maintain a low profile during its operations. By utilizing such sophisticated methods, Sandworm exemplifies the increasing complexity of cyber-espionage tactics employed by state-sponsored groups.
Exploitation of Device Code Authentication
Recent phishing campaigns by Russian APT groups have successfully exploited device code authentication, targeting unsuspecting victims. These attacks trick users into authenticating their accounts through processes typically associated with devices such as smart TVs and printers, leading them to share one-time passcodes with the attackers. Security firm Volexity has connected these incidents to at least three Russian APT groups, including APT29, which is affiliated with Russia's SVR intelligence agency. This approach highlights the evolving nature of phishing techniques and the need for increased vigilance among users.
Sandworm deploys Tor nodes on hacked networks, the UK drops military training for cyber staff, Salt Typhoon’s hacking spree continues, and Russian APTs adopt device code phishing.