Digital Shadows Shadow Talk-logo

Digital Shadows Shadow Talk

Technology Podcasts >

More Information


United States




Episode 37: ATM Fraud and Cashout Operations

Digital Shadows’ Strategic Intelligence manager Rose Bernard joins Rafael Amado to discuss four separate ATM stories making headlines this week. In Part I, they’ll cover an alert on an impending "ATM cash-out" campaign issued by the FBI, and how India's Cosmos Bank lost $13.5m in cyberattacks after actors bypassed the internal ATM switch system. In Part II, Rafael and Rose will look into flaws discovered in NCR ATM currency dispensers, and a new Bitcoin ATM malware advertised for sale on...


Episode 36: FIN7 Arrests and Phishing Threats

Digital Shadows’ Rose Bernard and Simon Hall join Rafael Amado to cover the arrest of three alleged members of the FIN7 organized criminal group. The team go over the United States Department of Justice’s indictment and provide some key observations on FIN7’s operations, including how sophisticated phishing and social engineering are the cornerstones of the group’s success. In Part II, the team look at phishing more generally, including the threats from business email compromise and...


Episode 35: Cyber threats to ERP Applications

In this week’s episode, JP Perez-Etchegoyen, CTO of Onapsis, joins Michael Marriott to talk about the exposure of SAP and Oracle applications, the increase in publicly-available exploits, and the threat actors we have observed targeting the sensitive data held within these applications. Download the full report to learn more:


Episode 24: Satori Botnet, OilRig, PowerShell Security, and the Dragonfly Campaign

Richard Gold and Rose Bernard join Michael Marriott to talked about updates to the Satori botnet, which has expanded to incorporate new IoT devices using TCP port 5555. Amid news of a new wave of OIlRig attacks, a Middle Eastern espionage campaign, we dive into PowerShell security risks and provide advice on best practices for those using PowerShell. For more information on PowerShell Security Best Practices, check out our blog...


Episode 33: Digital Risk Protection

Rick Holland, CISO at Digital Shadows, discusses the latest 2018 Forrester New Wave for Digital Risk Protection. He discusses how security leaders must avoid blind spots with a more complete risk picture.


Episode 32: MITRE ATT&CK™ Framework and the Mueller GRU Indictment

In today’s ShadowTalk, we take on the Robert Mueller indictment against 12 Russian individuals for alleged US election interference. However, rather than dwell on issues of attribution and geopolitics, we focus on the detailed tactics, techniques and procedures laid out in the indictment. Katie Nickels, a member of the MITRE team, joins Rafael Amado and Richard Gold us to discuss the ATT&CK™ framework in greater detail, as well as the key lessons that organizations can takeaway. For...


Episode 31: Carbanak Files and Source Code Leaked?

In this week's ShadowTalk, Digital Shadows’ Russian-speaking security specialist discovered files and source code allegedly related to the Carbanak organized criminal group. The Carbanak malware is a backdoor used by the Anunak (Carbanak) Group to infiltrate financial institutions and steal funds. Richard Gold and Simon Hall join Rafael Amado to discuss the implications for financial services from these revelations. We ask whether this leak represents a threat to organizations, and how...


Episode 30: SSL Inspection and Interception: Uses, Abuses and Trade-offs

The Payment Card Industry recently passed a deadline requiring that all e-commerce sites and merchants cease supporting TLS 1.0. With this and older protocols such as SSL vulnerable to man-in-the-middle attacks, the fear is that attackers can intercept and tamper with data being sent across these channels. However, SSL interception is also performed by organizations for reasons that include blocking malware or improving data leakage prevention. Richard Gold and Simon Hall join Rafael Amado...


Episode 30: Reducing Your Attack Surface: From a Firehouse to a Straw

Following news that a database containing 340 million records has been publicly exposed to the internet, Richard Gold and Simon Hall join Michael Marriott to discuss how (and why) you can reduce your attack surface. For more information on some of the tips provided in this pursuit, visit


Episode 28: Diversity in Security and Women’s Network Launch

Libby Fiumara is joined by Rose Bernard and Sophie Burke to discuss the launch of Digital Shadows’ Women’s Network, challenges facing women in security, and how companies can foster diversity in the workplace.


Episode 27: Attribution: The How, The What and The Why

Simon Hall and Rich Gold join Michael Marriott to discuss the merits and perils of attribution, including the number of characteristics and variables required for a strong attribution, instances where attribution has succeeded, and whether organizations should care.


Episode 26: Mythbusting Vulnerabilities and Exploits

Simon Hall and Richard Gold join Rafael Amado to discuss misconceptions around vulnerabilities and exploits, other techniques for gaining code execution, and how organizations can prioritize the patching of vulnerabilities.


Episode 25: Combating Security Debt, Ticketfly Defacement And Data Breach

In this edition of Shadow Talk, Richard Gold joins us to discuss the issue of security debt, a term used to refer to the accumulation of security risks over time, such as missed patches, misapplied configurations, mismanaged user accounts. Richard looks into how many of the attacks we see on a regular basis are actually a result of security risks that build up over time, and how security debt is a ticking time bomb for most organizations. In Part II, Harrison Van Riper covers the recent...


Episode 24: Seize and Desist: Changes in the cybercriminal underground

Rafael Amado and Michael Marriott discuss how the criminal underground has evolved since the demise of AlphaBay and Hansa. No single marketplace has managed to fill the AlphaBay-shaped gap left behind, at least among the English-speaking community. Existing sites such as Dream and Trade Route have failed to consolidate this empty space, hampered by a combination of poor communication by administrators and suspicion that these sites could be police honeypots like Hansa had been. Grab a copy...


Episode 23: L0pht 20 years on and combating cyber threats with military-style tactics

In today’s edition of Shadow talk, Dr Richard Gold joins us to discuss the return of the L0pht hackers. In 1998 the L0pht members delivered a cybersecurity hearing to the United States Senate, warning that any one person in their group could take down the Internet within 30 minutes. 20 years on, we look back on what has and hasn’t changed in the world of information security. In Part II, the team covers recent reporting on the use of military-style tactics such as war gaming and...


Episode 22: VPN Filter targeting Ukraine, TRITON malware, Roaming Mantis, VBScript & Spectre vulns

In this week’s Shadow Talk, the pod unpacks the reporting on VPN Filter, a malware affecting half a million network devices. Reports have suggested that the malware is being prepped to perform imminent large scale disruptive attacks against Ukrainian infrastructure. We also cover new research on the TRITON malware targeting industrial control and SCADA systems, as well as new techniques for the Roaming Mantis malware family. Finally, we bring you updates on vulnerabilities related to...


Episode 21: eFail vulns affecting Open PGP and S-MIME, and interbank payment systems risks

In this week’s episode of Shadow Talk, Digital Shadows’ Head of Security Engineering, Dr Richard Gold, joins the pod to explain the EFAIL vulnerability affecting Open PGP and S-MIME, as well as other flaws identified in encrypted messaging platforms. Dr Gold also outlines the the factors you should be considering to prioritize your patching. In part two, we look at the $15 million theft in Mexico and outline the risks facing interbank payment systems.


Episode 20: Winnti Umbrella, DarkHotel, Office 365 Vulnerability, and Olympus Dark Web Marketplaces

In this week’s episode Shadow Talk we look at the Winnti Umbrella group, asking what this means for organizations. We discuss vulnerabilities in Microsoft Office (CVE-2018-8174) and basestriker. And, finally, we outline the fall out surrounding the Olympus dark web marketplace.


Episode 19: Loki Bot, LoJack, GPON Vulnerabilities, and Blackrouter Ransomware

In this week’s episode Shadow Talk, it’s a vulnerability extravaganza. We cover malicious use of legitimate software, as APT28 attributed to hijacking LoJack and Blackrouter delivered via AnyDesk software. Vulnerabilities found (and exploited) in GPON home routers, and Loki Bot exploits two remote code execution vulnerabilities in Microsoft Office (CVE-2017-8570 and CVE-2018-0802).


Episode 18: Healthcare hacking, BGP hijacking, crypto jacking, and more

In this week’s episode of Shadow Talk, we cover the targeting of healthcare organizations by Orangeworm, BGP hijacking, vulnerabilities in MikroTik routers, DDoS market shutdowns, and the profitability of cryptocurrency mining.