The Cyber Threat Perspective

Latest episodes

Aug 5, 2022 • 25min

8-5-22 Week in Review: Evasive Phishing, Tricky Malware and Initial Access Brokers

In this week's review:
- Large-Scale AiTM Attack targeting enterprise users of Microsoft email services
- Deception at a scale
- Initial Access Brokers Are Key to Rise in Ransomware Attacks

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfw
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://twitter.com/cyberthreatpov
Twitter: https://x.com/cyberthreatpov
Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi
Work with Us: https://securit360.com
Aug 3, 2022 • 34min

Episode 1: Takeaways from the 2022 Verizon Data Breach Investigations Report

This podcast is a discussion about the 2022 Verizon Data Breach Investigations Report and some of our key takeaways. From the Executive Summary of the DBIR: As introduced in the 2018 report, the DBIR provides “a place for security practitioners to look for data-driven, real-world views on what commonly befalls companies with regard to cybercrime.” For this, our 15th anniversary installment, we continue in that same tradition by providing insight into what threats your organization is likely to face today, along with the occasional look back at previous reports and how the threat landscape has changed over the intervening years.
Jul 29, 2022 • 32min

July 29th Week in Review: Intergalactic Planetary Phishing, ISOs & LNKs, Ransomware & Extortion

In this week's review:
- IPFS The New Hotbed of Phishing
- How Threat Actors Are Adapting to a Post-Macro World
- Palo Alto 2022 Incident Response Threat Report
- Fewer Ransomware Victims Pay As Medium Ransom Falls in Q2 2022
Jul 22, 2022 • 25min

July 22nd 2022 CTP Week in Review: RIP Macros, Bad Luck BlackCat, Mr. Eagle

In this week's review:
- Microsoft resumes default blocking of Office macros after updating docs
- https://docs.microsoft.com/en-us/deployoffice/security/internet-macros-blocked
- A potentially dangerous macro has been blocked
- BlackCat ransomware attacks not merely a byproduct of bad luck
- 'AIG' Threat Group Launches With Unique Business Model
Jul 15, 2022 • 29min

July 15th 2022 CTP Week in Review: Macros, Coin Miners, Rustomware, Cookie Phishing

In this week's review:
- Microsoft DOES plan to work on blocking internet macros by default in Office, their pause is apparently temporary
- The DFIR Report - SELECT XMRig FROM SQLServer
- Hive ransomware gets upgrades in Rust
- From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
Jul 8, 2022 • 27min

July 8th 2022 CTP Week in Review: Office Macros - BRC4 - QNAPWorm - Leaky S3 Buckets - Prevention Over Response

In this week's review:
- Microsoft Rolls Back Decision to Block Office Macros By Default 😢
- Possible APT29/Ransomware Groups Use of Brute Ratel C4
- When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors
- Reversing Malware Also How is APT 29 Successful with This Phishing Technique
- Raspberry Robin/QNAPWorm
- Raspberry Robin gets the worm early
- Microsoft finds Raspberry Robin worm in hundreds of Windows networks
- New Raspberry Robin worm uses Windows Installer to drop malware
- Cloud Misconfig Exposes 3TB of Sensitive Airport Data in Amazon S3 Bucket
- Prevention Takes Priority Over Response
Jul 1, 2022 • 13min

July 1st 2022 CTP Week in Review: LNK Malware - LockBit 3.0 Bug Bounty - PwnKit Exploitation In The Wild

In this week's review:
- Rise of LNK (Shortcut files) Malware
- LockBit 3.0 Released Now With Bug Bounty Program
- CISA Says PwnKit Exploited in the Wild
Jun 28, 2022 • 16min

June 24th 2022 CTP Week In Review: DFSCoerce, Ransomware in OneDrive & PowerShell Forever

In this week's review:
- New NTLM Relaying Attack via DFSCoerce
- Ransomware Potential for OneDrive & SharePoint Files
- Keeping PowerShell: Security Measures to Use and Embrace
Jun 17, 2022 • 29min

June 17th 2022 CTP Week In Review: BlackCat - LockBit 2.0 - Saitama DNS Tunneling - Exposed Travis CI Logs

In this week's review:
- The rise of BlackCat (ALPHV) ransomware
- Microsoft Analysis of BlackCat
- AdvIntel Analysis of BlackCat
- Ransomware Group Debuts Searchable Victim Data
- LockBit 2.0: How This RaaS Operates and How to Protect Against It
- Translating Saitama's DNS tunneling messages - SANS Internet Storm Center
- Public Travis CI Logs (Still) Expose Users to Cyber Attacks
Jun 10, 2022 • 23min

June 10th 2022 CTP Week in Review: Dogwalk - Qakbot - Follina - ESXi Ransomware

In this week's review:
- A DFIR Report with no Ransomware and no Cobalt Strike
- Path Traversal & MOTW Bypass - DIAGCAB Windows Zero-day aka "Dogwalk"
- Linux version of Black Basta ransomware targets VMware ESXi servers
- TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt)
