Threat Vector by Unit 42

In this episode of Threat Vector, I had an engaging conversation with Madeline Sedgwick about the skills and methods necessary for understanding threat actor intent and behaviors. Madeline, a senior cyber research engineer and threat analyst, shared insights into how analyzing adversary behavior helps in anticipating threats and avoiding guesswork. We discussed the value of understanding both system dynamics and human behavior in cybersecurity, emphasizing that cyber adversaries are limited by the same laws of internet physics. Stay tuned to gain valuable insights into the evolving threat hunting and deterrence landscape. Join the conversation on our social media channels:Website: ⁠⁠⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠⁠⁠Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠YouTube: ⁠⁠⁠⁠@PaloAltoNetworksUnit42⁠⁠⁠⁠Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠About Threat VectorUnit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.

In this episode of Threat Vector, host David Moulton and guest John Huebner, an XSIAM Consultant at Palo Alto Networks, delve into the intricacies of managing threat intelligence feeds in cybersecurity. They discuss the challenges organizations face in sifting valuable intelligence from the noise, emphasizing the importance of risk assessments in guiding the selection and tuning of these feeds. John shares strategies for refining signal-to-noise ratios and the risks of neglecting feed updates, underlining the necessity of continuous management and adaptation in threat intelligence. The conversation highlights the dynamic nature of cyber threats and the critical role of proactive, tailored cybersecurity strategies. Join the conversation on our social media channels: Website: ⁠⁠⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠⁠⁠ Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠ Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠ YouTube: ⁠⁠⁠⁠@PaloAltoNetworksUnit42⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠About Threat VectorUnit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.

Join host David Moulton and cybersecurity expert Sama Manchanda in this enlightening episode of Threat Vector. Sama, a consultant with Unit 42, shares her unexpected journey into the world of cybersecurity, reflecting on how an elective course transformed her career trajectory. The conversation delves into the dynamic and fast-evolving nature of cybersecurity, underscoring the constant emergence of new threats and trends. Sama provides an in-depth analysis of various social engineering tactics like phishing, vishing, and smishing, illuminating how attackers craft these deceptions to target individuals and organizations. She underscores the importance of detailed reconnaissance and tailored strategies in executing these attacks, offering insights into the meticulous planning that goes into such exploits. Furthermore, the podcast explores the defensive side of cybersecurity. Sama emphasizes the crucial role of awareness, training, and fostering a security-conscious culture within organizations. She discusses the significance of reporting and addressing security breaches promptly to mitigate potential damages. This episode is a must-listen for anyone interested in understanding the intricacies of cybersecurity, from the perspective of both attackers and defenders. Stay secure and vigilant with these expert insights into the ever-evolving landscape of digital threats. Please share your thoughts with us for future Threat Vector segments by taking our ⁠⁠⁠brief survey⁠⁠⁠. To learn what is top of mind each month from the experts at Unit 42 sign up for their ⁠⁠⁠Threat Intel Bulletin⁠⁠⁠.  Join the conversation on our social media channels: Website: ⁠⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠⁠ Threat Research: ⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠ Facebook: ⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠ LinkedIn: ⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠ YouTube: ⁠⁠⁠@PaloAltoNetworksUnit42⁠⁠⁠ Twitter: ⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠ About Threat Vector Unit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.

In the ever-evolving world of cybersecurity, it's crucial to stay ahead of emerging threats. Join David Moulton, Director of Thought Leadership for Unit 42, in a riveting conversation with Matt Kraning, CTO of the Cortex Xpanse Team, as they dive into the latest Attack Surface Threat Report. This podcast episode unveils the startling fact that 20% of the cloud changes every month, leaving organizations vulnerable to unforeseen risks. Matt's team has the remarkable ability to scan the entire internet, uncovering weaknesses and vulnerabilities that plague organizations. They shed light on the most worrisome problems facing large organizations in today's digital landscape. Please share your thoughts with us for future Threat Vector segments by taking our ⁠⁠brief survey⁠⁠. To learn what is top of mind each month from the experts at Unit 42 sign up for their ⁠⁠Threat Intel Bulletin⁠⁠.  Join the conversation on our social media channels: Website: ⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠ Threat Research: ⁠⁠https://unit42.paloaltonetworks.com/⁠⁠ Facebook: ⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠ LinkedIn: ⁠⁠https://www.linkedin.com/company/unit42/⁠⁠ YouTube: ⁠⁠@PaloAltoNetworksUnit42⁠⁠ Twitter: ⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠ About Threat Vector Unit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.

Threat Vector | Ep 3: In this episode, join host David Moulton as he speaks with Stephanie Regan, a senior consultant at Unit 42. Stephanie, with a background in law enforcement, specializes in compromise assessment and incident response. Discover her insights into combating the Muddled Libra threat group and similar adversaries. Stephanie highlights the crucial role of reconnaissance in investigations and the importance of strong multi-factor authentication (MFA) to counter phishing and social engineering attacks. She delves into techniques like domain typo squatting and shares how domain monitoring can thwart attackers. Learn how Unit 42 assists clients in recovering from attacks, especially those by Muddled Libra. Stephanie emphasizes rapid response and coordination, including using out-of-band communications to outmaneuver threat actors. You can learn more about Muddled Libra at https://unit42.paloaltonetworks.com/muddled-libra/ where Kristopher was the lead author for the Threat Group Assessment: Muddled Libra. Please share your thoughts with us for future Threat Vector segments by taking our ⁠brief survey⁠. To learn what is top of mind each month from the experts at Unit 42 sign up for their ⁠Threat Intel Bulletin⁠.  Join the conversation on our social media channels: Website: ⁠https://www.paloaltonetworks.com/unit42⁠ Threat Research: ⁠https://unit42.paloaltonetworks.com/⁠ Facebook: ⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠ LinkedIn: ⁠https://www.linkedin.com/company/unit42/⁠ YouTube: ⁠@PaloAltoNetworksUnit42⁠ Twitter: ⁠https://twitter.com/PaloAltoNtwks⁠ About Threat Vector Unit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.

Threat Vector | Ep 2: In this episode, we plunge into the realm of Muddled Libra, an enigmatic and calculated threat actor group that sets its sights on vital industries like telecommunications, technology, and software automation. Joined by Kristopher Russo, Senior Threat Researcher at Unit 42, we unveil the group's tactics, techniques, and strategies, offering a glimpse into their world of cyber espionage. Kristopher's passion for combatting cybercriminals is evident as he shares insights into his journey, driven by a fascination with technology's dual nature – to empower and to destroy. Dive deep into the tactics that define Muddled Libra, as they exploit the 0ktapus phishing kit to craft believable authentication pages and manipulate victims through social engineering. As the episode concludes, Kristopher offers actionable recommendations for safeguarding your environment, from user training to intelligent security automation. Be prepared to face the ever-evolving landscape of cyber threats with knowledge and readiness. Stay tuned for the second part of our exploration, where we'll delve further into defending against Muddled Libra with Stephanie Reagan, Senior Consultant, Unit 42. Until then, heed the wisdom shared in this episode – stay secure, stay vigilant, and venture forth armed with insight. You can learn more about Muddled Libra at https://unit42.paloaltonetworks.com/muddled-libra/ where Kristopher was the lead author for the Threat Group Assessment: Muddled Libra. Please share your thoughts with us for future Threat Vector segments by taking our ⁠brief survey⁠. To learn what is top of mind each month from the experts at Unit 42 sign up for their ⁠Threat Intel Bulletin⁠.  Join the conversation on our social media channels: Website: ⁠https://www.paloaltonetworks.com/unit42⁠ Threat Research: ⁠https://unit42.paloaltonetworks.com/⁠ Facebook: ⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠ LinkedIn: ⁠https://www.linkedin.com/company/unit42/⁠ YouTube: ⁠@PaloAltoNetworksUnit42⁠ Twitter: ⁠https://twitter.com/PaloAltoNtwks⁠ About Threat Vector Unit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.

Michael "Siko" Sikorski, CTO & VP of Engineering for Unit 42, joins Threat Vector host David Moulton to discuss LLMs & AI and the impacts to expect on social engineering, phishing, and more. Please share your thoughts with us for future Threat Vector segments by taking our ⁠brief survey⁠. To learn what is top of mind each month from the experts at Unit 42 sign up for their ⁠Threat Intel Bulletin⁠.  Join the conversation on our social media channels: Website: ⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠ Threat Research: ⁠⁠https://unit42.paloaltonetworks.com/⁠⁠ Facebook: ⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠ LinkedIn: ⁠⁠https://www.linkedin.com/company/unit42/⁠⁠ YouTube: ⁠⁠@PaloAltoNetworksUnit42⁠⁠ Twitter: ⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠ About Threat Vector Unit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape. PALO ALTO NETWORKS Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠

In this episode of "Threat Vector," hosted by David Moulton, Director of Thought Leadership for Unit 42, Kate Naunheim, Cyber Risk Management Director at Unit 42, discusses the new cybersecurity regulations introduced by the US Securities and Exchange Commission (SEC). To delve further into this topic, join the Unit 42 team for a webinar on November 9, 2023, "The Ransomware Landscape: Threats Driving the SEC Rule and Other Regulations." Please share your thoughts with us for future Threat Vector segments by taking our brief survey. To learn what is top of mind each month from the experts at Unit 42 sign up for their Threat Intel Bulletin.  Join the conversation on our social media channels: Website: ⁠⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠⁠ Threat Research: ⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠ Facebook: ⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠ LinkedIn: ⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠ YouTube: ⁠⁠⁠@PaloAltoNetworksUnit42⁠⁠⁠ Twitter: ⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠ About Threat Vector Unit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape. PALO ALTO NETWORKS Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠⁠http://paloaltonetworks.com⁠

Dive deep into the elusive world of insider threats with our latest episode of Threat Vector. Join host David Moulton as he engages in a riveting conversation with Chris Tillett, a senior research engineer at Palo Alto Networks. Uncover the hidden motivations behind insider threats, learn about behavioral patterns to identify potential risks, and gain insights into safeguarding your organization's digital assets. Please share your thoughts with us for future Threat Vector segments by taking our ⁠brief survey⁠. To learn what is top of mind each month from the experts at Unit 42 sign up for their ⁠Threat Intel Bulletin⁠.  Join the conversation on our social media channels: Website: ⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠ Threat Research: ⁠⁠https://unit42.paloaltonetworks.com/⁠⁠ Facebook: ⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠ LinkedIn: ⁠⁠https://www.linkedin.com/company/unit42/⁠⁠ YouTube: ⁠⁠@PaloAltoNetworksUnit42⁠⁠ Twitter: ⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠ About Threat Vector Unit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape. PALO ALTO NETWORKS Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠

In this conversation, David Moulton from Unit 42 discusses the evolving threat landscape with Wendi Whitmore, SVP of Unit 42. Wendi highlights the increasing scale, sophistication, and speed of cyberattacks, with examples like the recent Clop ransomware incident, and emphasizes that attackers, including nation-state actors and cybercriminals, are leveraging AI, particularly generative AI, to operate faster and more effectively, especially in social engineering tactics. To protect against these threats, businesses must focus on speed of response, automated integration of security tools, and operationalized capabilities and processes. The conversation underscores the importance of staying vigilant and leveraging technology to defend against the rapidly changing threat landscape. Theat Group Assessments https://unit42.paloaltonetworks.com/category/threat-briefs-assessments/ Please share your thoughts with us for future Threat Vector segments by taking our ⁠brief survey⁠. To learn what is top of mind each month from the experts at Unit 42 sign up for their ⁠Threat Intel Bulletin⁠.  Join the conversation on our social media channels: Website: ⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠ Threat Research: ⁠⁠https://unit42.paloaltonetworks.com/⁠⁠ Facebook: ⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠ LinkedIn: ⁠⁠https://www.linkedin.com/company/unit42/⁠⁠ YouTube: ⁠⁠@PaloAltoNetworksUnit42⁠⁠ Twitter: ⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠ About Threat Vector Unit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape. PALO ALTO NETWORKS Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠