Adversary Universe Podcast

Today’s adversaries are working smarter, not harder — and it’s clear in the way their tactics are evolving. In this episode, Adam and Cristian explore the way adversaries are shifting their focus to data extortion. Instead of deploying noisy ransomware, more threat actors are quietly stealing data and threatening to publicly leak it if they’re not paid. Tune in to learn what’s driving this change, why data extortion is successful and what it means for organizations of all sizes and industries. Get your copy of the CrowdStrike 2023 Overwatch Threat Hunting Report. Read this blog to learn about why threat hunting and intelligence are essential to detect and disrupt today’s adversaries, ultimately raising their cost of doing business: https://www.crowdstrike.com/blog/crowdstrike-debuts-counter-adversary-operations-team/ 

At a time when breaches make headlines daily, the healthcare sector is among the most popular adversary targets. Cyberattacks against healthcare organizations have spiked in recent years, disrupting patient care, jeopardizing safety and privacy, and obstructing compliance with industry regulations. In this episode, Cristian is joined by Dennis Egan, director of healthcare services for CrowdStrike, and Drex DeFord, executive healthcare strategist at CrowdStrike, to discuss the impact of cyber threats against healthcare, challenges we see in the space, the urgent need for healthcare providers to strengthen their security and the steps they should take to defend against modern attacks. Discover the targeting healthcare: AQUATIC PANDA: https://www.crowdstrike.com/adversaries/aquatic-panda/ LABYRINTH CHOLLIMA: https://www.crowdstrike.com/adversaries/labyrinth-chollima/ Learn more about the cybersecurity issues Healthcare experiences: https://www.crowdstrike.com/blog/healthcare-experiences-cybersecurity-emergencies/

“Iran’s digital presence is something we don’t want to underestimate.” Though its cyber activity has been making headlines during a dynamic past few weeks, Iran’s history as a major player in the threat landscape spans decades. In this episode, Adam and Cristian take you back to the days of Stuxnet and trace Iran’s evolution from nascent threat actor to prominent nation-state adversary. Tune in to learn how hacktivism has played a role in its history, why CrowdStrike uses “KITTEN” to categorize adversaries who operate on behalf of Iran, and how key political events and cyber threat activity have shaped its growth.

China is the source of some of the most prolific and aggressive nation-state cyber activity organizations face. Every business vertical, across every geography, is affected by China’s unrelenting focus on growth and power. In this episode, Adam and Cristian take you through the evolution of Chinese threat activity from the early 2010s through today, closely examining the myriad ways they seek to build influence, the industries they target along the way and the threat actors linked to Chinese cyberattacks. Additional resources:  Download your copy of the 2023 Global Threat Report Get your custom threat landscape Read CrowdStrike's Research and Intel blogs

A cyberattack is any security team’s worst nightmare — but the earlier a breach is detected, the faster you can respond and mitigate the damage. In this episode, we’ll share the warning signs that could indicate a breach has occurred, the immediate next steps to take in the incident response process, and why having the right data is essential to a successful recovery. Please note that all references to "Falcon" in this episode refer to the CrowdStrike Falcon® platform.

Access brokers are transforming the cybercrime landscape by selling stolen credentials and exploits. The podcast delves into how these brokers operate within a structured ecosystem, enhancing the reach of cyberattacks. It highlights the importance of understanding the strategies of cyber adversaries, including targeted attacks and the heightened risk of insider threats. Organizations are urged to adopt proactive cybersecurity measures, such as multi-factor authentication and zero trust principles, to mitigate these evolving dangers.

Adversaries are moving and innovating at a rapid pace — but so are we. In this bonus episode, Adam and Cristian chat about the biggest announcements from Fal.Con, CrowdStrike’s annual conference, which took place last week in Las Vegas. Tune in to hear their take on new and developing technologies like Charlotte AI Investigator and Falcon Foundry, why they’re excited about the Bionic acquisition and some of the standout moments in an action-packed week. Some brief disclaimers about products discussed in this episode: Charlotte AI is a text-based interface in the Falcon platform; it does not support voice interaction at this time Charlotte AI is currently available for private beta only. Watch CrowdStrike.com for future information about general availability Charlotte AI Investigator is a feature of Falcon Raptor and designed for incident investigation. The Raptor release further accelerates the evolution of Charlotte AI, CrowdStrike’s generative AI cybersecurity analyst.

Artificial intelligence. It’s the hot topic in cybersecurity today. Everyone is curious about it, excited about its use cases and nervous about the problems it may cause in the wrong hands. Adam and Cristian get right into the questions you want answered: How are adversaries using AI today? How might they use it in the future? What should businesses really be worried about? Tune in to learn the truth behind these questions — and more — in this breakdown of adversaries’ use of AI.  

School is back in session — and adversaries have already done their homework. They know educational institutions often lack the resources and expertise to keep up with the wave of ransomware, data extortion and other attacks pummeling their systems. Cristian and Adam examine why schools are a common target, the threats they face and how they can best defend themselves. In this episode, we also hear from special guest Jason Rooks, CIO at Parkway School District, who shares his perspective on fighting modern threats and creating a culture of cybersecurity.   Learn More: There are five crucial security components security teams must consider for securing educational environments to allow them to have visibility, threat detection and response capabilities to stop adversaries. Download this eBook to learn about CrowdStrike’s expanded partnership with Google covering these components: 5 Easy Steps for School Cybersecurity . Watch this on-demand CrowdCast to hear about the major ways that ransomware has evolved and understand how modern endpoint security solutions outsmart adversaries: Ransomware Isn’t Dead, It’s Growing Up: How to Evolve Your Defenses at Pace

Vulnerabilities are the unlocked doors allowing adversaries a foothold into your organization. Left unpatched, they provide an entryway for intruders to break in, move laterally and wreak havoc. This episode shares everything you want to know about vulnerability intelligence: What types of vulnerabilities are most common? How should organizations prioritize patching? What is an n-day flaw? Learn the answers to these questions, and more, from Adam, Cristian, and special guest Nina Padavil, Solutions Engineer and Threat Advisor at CrowdStrike. Learn more about External Attack Surface Management challenges and recommendations: https://www.crowdstrike.com/cybersecurity-101/external-attack-surface-management/ Read CrowdStrike's latest blog covering how External Attack Surface Management enhances Cloud security: https://www.crowdstrike.com/blog/enhance-cloud-security-with-easm/