Threat Talks - Your Gateway to Cybersecurity Insights

🎙 Threat Talks: Unpacking the MGM Resorts ALPHV/BlackCat Ransomware Attack 🕵️‍♂️ In this Threat Talk, we dive deep into a cybersecurity incident in 2023: the MGM Resorts ransomware attack by ALPHV/BlackCat and Scattered Spider. From sophisticated social engineering tactics to deploying a shadow identity provider for persistence, this attack demonstrates the capabilities of collaborating ransomware groups. Join cybersecurity experts Lieuwe Jan Koning, Luca Cipriano (Threat Intel Specialist), and Rob Maas (Field CTO) as they break down: * 🔒 How attackers exploited MGM’s Okta environment. * 🎯 The role of phishing and advanced persistence techniques. * 🚨 Lessons learned and actionable steps to prevent such attacks.   Key Insights * ➡ Why Zero Trust and network segmentation are critical. * ➡ The dilemma of paying ransoms vs. operational downtime. * ➡ Practical steps to improve your organization’s ransomware defense strategy. If you’re a cybersecurity professional or just curious about the latest in cyber threats, this episode is a must-watch. Stay informed, stay secure! 💻    👉 Support the channel: don’t forget to LIKE, COMMENT, and SUBSCRIBE :). 🎧 Available on all major podcast platforms. ► YOUTUBE [https://youtube.com/@ThreatTalks]: https://youtube.com/@ThreatTalks [https://youtube.com/@ThreatTalks] ► SPOTIFY [https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E]: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E [https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E] ► APPLE [https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520]: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520 [https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520] 👕 Receive your Threat Talks T-shirt 👕 https://threat-talks.com/prevent-pay-or-insure/ [https://threat-talks.com/prevent-pay-or-insure/] 🗺️ Explore the Hack's Route in Detail 🗺️ https://on2it.s3.us-east-1.amazonaws.com/Threat-Talks-Prevent-Pay-or-Insure.pdf [https://on2it.s3.us-east-1.amazonaws.com/Threat-Talks-Prevent-Pay-or-Insure.pdf] 🕵️ Threat Talks is a collaboration between ON2IT [https://on2it.net/] and AMS-IX [https://www.ams-ix.net/ams]

💰Prevent, Pay or Insure? 💰 Days before MGM’s computer systems were taken down in a cyberattack, fellow casino operator Caesars paid a $15 million ransom to attackers who infiltrated its systems. MGM chose not to pay and dealt with different costs because of it - did the two casino giants wind up paying similar amounts down the line? And what role does cybersecurity insurance play in these scenarios? In this episode of Threat Talks, host Lieuwe Jan Koning and special guest David Hake (co-founder of Resilience, professor of Cyber Risk Management at UC Berkeley and advisor at Venable LLP) discuss these cyberattacks on MGM and Caesars, exploring how organizations can better prepare for and respond to ransomware incidents. Dialing in to the conversation, Threat Intel Specialist Luca Cipriano offers a preview of our Deep Dives into three critical threats relevant to these attacks, providing valuable technical insights. The by now age-old dilemma remains: should companies pay ransom or refuse? But beyond that, how can they focus on prevention? And where does cybersecurity insurance fit into the equation? If businesses insure their personnel, facilities, and revenue, isn’t it time to also insure their cybersecurity? 🔔 Follow and Support our channel! 🔔 === ► YOUTUBE: https://youtube.com/@ThreatTalks [https://youtube.com/@ThreatTalks] ► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E [https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E] ► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520 [https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520] 👕 Receive your Threat Talks T-shirt 👕 https://threat-talks.com/prevent-pay-or-insure/ [https://threat-talks.com/prevent-pay-or-insure/] 🗺️ Explore the Hack's Route in Detail 🗺️https://on2it.s3.us-east-1.amazonaws.com/Threat-Talks-Prevent-Pay-or-Insure.pdf [https://on2it.s3.us-east-1.amazonaws.com/Threat-Talks-Prevent-Pay-or-Insure.pdf] 🕵️ Threat Talks is a collaboration between ON2IT and AMS-IX

"Hello! I'm a Printer! Please Let Me In!" “Hello! I’m a printer! Please let me enter, thank you!” – It may sound absurd, but this is how attackers can trick your Linux systems through the cups-browsed service..   In this latest Threat Talk, Lieuwe-Jan Koning reveals, with ON2IT’s Rob Maas and Luca Cipriano how a seemingly harmless printer can turn into a hacker’s gateway to your network.   With open ports and weak default configurations, your Linux environment could be more exposed than you think.   🔒 Tune in to learn how these vulnerabilities can be exploited and, more importantly, what steps you can take to secure your systems. Don’t wait until it’s too late!   📊 Bonus Resource: We’ve created an in-depth infographic breaking down these hacks in detailed illustrations—an invaluable tool for all security information professionals! https://on2it.s3.us-east-1.amazonaws.com/Infographic-security-fallacies.pdf [https://on2it.s3.us-east-1.amazonaws.com/Infographic-security-fallacies.pdf] 🔔 Hit that subscribe button and show your support! 🔔 === ► YOUTUBE: https://youtube.com/@ThreatTalks [https://youtube.com/@ThreatTalks] ► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E [https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E] ► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520 [https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520] 👕 Receive your Threat Talks T-shirt https://threat-talks.com/breaking-the-illusion-exposing-security-fallacies/ [https://threat-talks.com/breaking-the-illusion-exposing-security-fallacies/] 🕵️ Threat Talks is a collaboration between ON2IT [https://on2it.net] and AMS-IX [https://www.ams-ix.net/ams] #CUPS #cybersecurityexperts #printers #threattalks eatTalks #techsafety #securitymatters #threatintelligence #cybersecurityexperts #unix

⏰ How much time would you spend on executing the perfect hack? ⏰   The user going by the name of ‘JIAT75’ spent almost three years infiltrating and contributing to a GitHub repo for one singular reason – access to release manager rights for the next XZ Utils update. In this episode of Threat Talks, host Lieuwe Jan Koning is joined by Thomas Manolis, Information Security Officer at AMS-IX, and Jeroen Scheerder, Security Specialist at ON2IT, to discuss this meticulously executed breach in the open-source community.   Using clever social engineering tactics, Jia Tan (JIAT75) built a credible reputation within said community, gaining trust and access to introduce malicious code undetected. The breach was only discovered by chance when Andres Freund, an engineer at Microsoft, traced unusual system latency back to XZ Utils and uncovered the backdoor.   What exactly happened? How lucky did we get with Freund discovering the backdoor? And how do we know that something like this hasn’t happened before? 🔔 Follow to Support our channel! 🔔 ► YOUTUBE: https://youtube.com/@ThreatTalks [https://youtube.com/@ThreatTalks] ► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E [https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E] ► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520 [https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520] 🗾 Explore the XZ Utils Critical Backdoor Details 🗾 https://on2it.s3.us-east-1.amazonaws.com/Infographic-security-fallacies.pdf [https://on2it.s3.us-east-1.amazonaws.com/Infographic-security-fallacies.pdf] Our exclusive infographic maps out the step-by-step tactics hackers use to exploit these vulnerabilities. Perfect for IT teams and Information Security Officers, it’s designed to help you stay one step ahead.   👕 Get your own Threat Talks T-shirt https://threat-talks.com/breaking-the-illusion-exposing-security-fallacies/ [https://threat-talks.com/breaking-the-illusion-exposing-security-fallacies/]   🕵️ Threat Talks is a collaboration between ON2IT and AMS-IX === #ThreatTalks #ON2IT #Cybersecurity #Fallacies #CrowdStrike #SecurityMatters

☠️ CrowdStrike: 8.5 million blue screens of death ☠️ Did you know that last July’s CrowdStrike outage led to closed airports, inaccessible bank accounts and hospitals that were only delivering emergency care that did not require any computers?   In this Threat Talk, Lieuwe Jan Koning is joined by Rob Maas and Jeroen Scheerder as they discuss the CrowdStrike outage and, more importantly, what could have been done to prevent such an impactful event from happening in the first place.   What exactly are the inherent risks of automatic updates? And can they be set up in such a way that what happened with CrowdStrike won’t happen again? 🔔 Follow and Support our channel! 🔔 === ► YOUTUBE: https://youtube.com/@ThreatTalks [https://youtube.com/@ThreatTalks] ► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E [https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E] ► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520 [https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520] 👕 Get your own Threat Talks T-shirt https://threat-talks.com/breaking-the-illusion-exposing-security-fallacies/ [https://threat-talks.com/breaking-the-illusion-exposing-security-fallacies/] 🗾 Explore the CrowdStrike Outage's Details 🗾 Our exclusive infographic maps out the step-by-step tactics hackers use to exploit these vulnerabilities. Perfect for IT teams and Information Security Officers, it’s designed to help you stay one step ahead. https://on2it.s3.us-east-1.amazonaws.com/Infographic-security-fallacies.pdf [https://on2it.s3.us-east-1.amazonaws.com/Infographic-security-fallacies.pdf] 🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX