Artwork

Contenuto fornito da Out of the Woods: The Threat Hunting Podcast. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Out of the Woods: The Threat Hunting Podcast o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
Player FM - App Podcast
Vai offline con l'app Player FM !

S2 Ep26: WHOIS, or Not WHOIS…

38:30
 
Condividi
 

Manage episode 441659325 series 3392079
Contenuto fornito da Out of the Woods: The Threat Hunting Podcast. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Out of the Woods: The Threat Hunting Podcast o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
**Threat Hunting Workshop: Hunting for Collection
October 2, 2024 | 12:00 - 1:00 PM ET
Sign Up > https://intel471.com/resources/webinars/threat-hunting-workshop-hunting-for-collection

**[LIVE] Out of the Woods: The Threat Hunting Podcast
October 24, 2024 | 7:00 – 8:30 PM ET
Sign Up > https://intel471.com/resources/podcasts/blood-sweat-and-threats-carving-the-perfect-threat-hunter

----------
In this episode of Out of the Woods: The Threat Hunting Podcast, Scott Poley and Tom Kastura explore the latest threat-hunting insights, starting with UNC 2970, a North Korean-linked group using trojanized PDF readers to target industries like energy and finance. They discuss how the group's phishing tactics exploit job openings and the use of telemetry to detect malicious activity. The episode also covers a campaign leveraging CAPTCHA pages to deliver the Luma Stealer malware and dives into the risk of poisoned Python packages compromising supply chains. Tune in for strategies to stay proactive against advanced threats and enhance your hunting techniques.
Top Headlines:
  1. Unit 42 | Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors: https://unit42.paloaltonetworks.com/gleaming-pisces-applejeus-poolrat-and-pondrat/?web_view=true
  2. CloudSEK | Unmasking the Danger: Lumma Stealer Malware Exploits Fake CAPTCHA Pages: https://www.cloudsek.com/blog/unmasking-the-danger-lumma-stealer-malware-exploits-fake-captcha-pages?&web_view=true
  3. Google Cloud | An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader: https://cloud.google.com/blog/topics/threat-intelligence/unc2970-backdoor-trojanized-pdf-reader
  4. DarkReading | For $20, Researchers Seize Part of Net Infrastructure: https://www.darkreading.com/cyber-risk/researchers-seize-internet-infrastructure-for-20?&web_view=true

----------
Stay in Touch!

Twitter: https://twitter.com/Intel471Inc
LinkedIn: https://www.linkedin.com/company/intel-471/
YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
Discord: https://discord.gg/DR4mcW4zBr
Facebook: https://www.facebook.com/Intel471Inc/

  continue reading

106 episodi

Artwork
iconCondividi
 
Manage episode 441659325 series 3392079
Contenuto fornito da Out of the Woods: The Threat Hunting Podcast. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Out of the Woods: The Threat Hunting Podcast o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
**Threat Hunting Workshop: Hunting for Collection
October 2, 2024 | 12:00 - 1:00 PM ET
Sign Up > https://intel471.com/resources/webinars/threat-hunting-workshop-hunting-for-collection

**[LIVE] Out of the Woods: The Threat Hunting Podcast
October 24, 2024 | 7:00 – 8:30 PM ET
Sign Up > https://intel471.com/resources/podcasts/blood-sweat-and-threats-carving-the-perfect-threat-hunter

----------
In this episode of Out of the Woods: The Threat Hunting Podcast, Scott Poley and Tom Kastura explore the latest threat-hunting insights, starting with UNC 2970, a North Korean-linked group using trojanized PDF readers to target industries like energy and finance. They discuss how the group's phishing tactics exploit job openings and the use of telemetry to detect malicious activity. The episode also covers a campaign leveraging CAPTCHA pages to deliver the Luma Stealer malware and dives into the risk of poisoned Python packages compromising supply chains. Tune in for strategies to stay proactive against advanced threats and enhance your hunting techniques.
Top Headlines:
  1. Unit 42 | Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors: https://unit42.paloaltonetworks.com/gleaming-pisces-applejeus-poolrat-and-pondrat/?web_view=true
  2. CloudSEK | Unmasking the Danger: Lumma Stealer Malware Exploits Fake CAPTCHA Pages: https://www.cloudsek.com/blog/unmasking-the-danger-lumma-stealer-malware-exploits-fake-captcha-pages?&web_view=true
  3. Google Cloud | An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader: https://cloud.google.com/blog/topics/threat-intelligence/unc2970-backdoor-trojanized-pdf-reader
  4. DarkReading | For $20, Researchers Seize Part of Net Infrastructure: https://www.darkreading.com/cyber-risk/researchers-seize-internet-infrastructure-for-20?&web_view=true

----------
Stay in Touch!

Twitter: https://twitter.com/Intel471Inc
LinkedIn: https://www.linkedin.com/company/intel-471/
YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
Discord: https://discord.gg/DR4mcW4zBr
Facebook: https://www.facebook.com/Intel471Inc/

  continue reading

106 episodi

ทุกตอน

×
 
Loading …

Benvenuto su Player FM!

Player FM ricerca sul web podcast di alta qualità che tu possa goderti adesso. È la migliore app di podcast e funziona su Android, iPhone e web. Registrati per sincronizzare le iscrizioni su tutti i tuoi dispositivi.

 

Guida rapida