
Digital Shadows Shadow Talk



United States




Episode 45: FASTCash Hidden Cobra, MSP Risks, Five Eyes Tooling Report

Digital Shadows CISO Rick Holland, Dr Richard Gold and Simon Hall join Rafael Amado to cover the Hidden Cobra FASTCash campaign alert issued by US authorities, detailing ATM cash-out campaigns performed by North Korean actors. The team look over the Five Eyes joint report into publicly available hacking tools. And, finally, are companies who use MSPs at greater risk of attack? For more on the PowerShell blog referenced by the Five Eyes report, visit:...


Episode 44: Business Email Compromise

In this week’s Shadow Talk, Rafael Amado joins Michael Marriott to discuss Digital Shadows’ latest research on Business Email Compromise. We discuss how criminals are outsourcing this work, and how the exposure of 33,000 finance department credentials is making things easier for attackers. However, even without taking over accounts, criminals can get their hands on sensitive financial information. We dig into the 12.5 million exposed email archives that are available through misconfigured...


Episode 43: Security Flaws Affect 50 Million Facebook Accounts and Equifax Fined £500,000

Rick Holland, CISO of Digital Shadows, joins Richard Gold and Michael Marriott to discuss the latest cybersecurity news. In part one, we discuss the possible implications of Facebook security flaws affecting 50 million accounts. In part two, one year after reports of the Equifax breach surfaced, the UK arm has been fined £500,000 by the ICO. We look at the lessons learned.


Episode 42: Security Layering and Usability Trade-offs

Simon Hall and Richard Gold join Rafael Amado to focus on the trade-offs between security and usability, as well as the practice of security layering that can often make us more insecure. The team look over security measures such as regular complex password expiry policies that create headaches for organizations and end users, why it’s not easy to make security usable, whether certain security measures such as anti-virus software actually make us more insecure, and what alternative system...


Episode 41: Magecart Payment Card Thefts

In this week’s ShadowTalk, Richard Gold and Simon Hall join Michael Marriott to discuss the latest spate of attacks by the threat actor known as Magecart. We dig into the history of Magecart, different approaches to web skimming, and provide advice on how organizations can best protect against this threat.


Episode 40: DoJ Complaint Charges North Korean Actor For Sony Attacks, WannaCry, and More

In this week’s ShadowTalk, Richard Gold and Rafael Amado join Michael Marriott to discuss the latest Department of Justice complaint against an individual working for Chosun Expo, an alleged front for the North Korean state. The individual is accused of involvement in a host of campaigns, including attacks against Sony Pictures Entertainment, banks, defense contractors, and the many victims of the WannaCry ransomware variant. We discuss the most interesting revelations, outlining the...


Episode 22: VPN Filter targeting Ukraine, TRITON malware, Roaming Mantis, VBScript & Spectre vulns

In this week’s Shadow Talk, the pod unpacks the reporting on VPN Filter, a malware affecting half a million network devices. Reports have suggested that the malware is being prepped to perform imminent large scale disruptive attacks against Ukrainian infrastructure. We also cover new research on the TRITON malware targeting industrial control and SCADA systems, as well as new techniques for the Roaming Mantis malware family. Finally, we bring you updates on vulnerabilities related to...


Episode 21: eFail vulns affecting Open PGP and S-MIME, and interbank payment systems risks

In this week’s episode of Shadow Talk, Digital Shadows’ Head of Security Engineering, Dr Richard Gold, joins the pod to explain the EFAIL vulnerability affecting Open PGP and S-MIME, as well as other flaws identified in encrypted messaging platforms. Dr Gold also outlines the factors you should be considering to prioritize your patching. In part two, we look at the $15 million theft in Mexico and outline the risks facing interbank payment systems.


Episode 20: Winnti Umbrella, DarkHotel, Office 365 Vulnerability, and Olympus Dark Web Marketplaces

In this week’s episode of Shadow Talk we look at the Winnti Umbrella group, asking what this means for organizations. We discuss vulnerabilities in Microsoft Office (CVE-2018-8174) and basestriker. And, finally, we outline the fallout surrounding the Olympus dark web marketplace.


Episode 19: Loki Bot, LoJack, GPON Vulnerabilities, and Blackrouter Ransomware

In this week’s episode of Shadow Talk, it’s a vulnerability extravaganza. We cover malicious use of legitimate software, with the hijacking of LoJack attributed to APT28 and Blackrouter delivered via AnyDesk software; vulnerabilities found (and exploited) in GPON home routers; and Loki Bot exploiting two remote code execution vulnerabilities in Microsoft Office (CVE-2017-8570 and CVE-2018-0802).


Episode 18: Healthcare hacking, BGP hijacking, crypto jacking, and more

In this week’s episode of Shadow Talk, we cover the targeting of healthcare organizations by Orangeworm, BGP hijacking, vulnerabilities in MikroTik routers, DDoS market shutdowns, and the profitability of cryptocurrency mining.


Episode 17: Network Infrastructure Compromise, Magnitude EK Development, the Gold Galleon, & more

In this week’s episode of Shadow Talk, we cover Russia’s attempts to ban the social messaging app, and also read between the lines of the joint US and UK advisory on network infrastructure compromises by Kremlin-backed actors. We also outline new ransomware payloads incorporated into the Magnitude exploit kit and we bring you the latest news on vulnerabilities in the Drupal Platform and Cisco’s Webex software.


Episode 16: Cisco Smart Install Client flaw, Microsoft Outlook vuln, OpIcarus, RSAC, and more

This week’s Shadow Talk discusses a Cisco Smart Install Client flaw exploited in a disruption attack, an information leak vulnerability discovered in Microsoft Outlook, details on OpIcarus and OpIsrael, the Verizon DBIR, and why you should still be excited about the RSA Conference.


Episode 15: 1.5 Billion Files Exposed Through Misconfigured Services

Rafael Amado and Michael Marriott join this week’s Shadow Talk, taking a deep dive into our recent report “Too Much Information”. The research discovered over 1.5 billion files from a host of services, including Amazon S3 buckets, rsync, SMB, FTP, NAS drives, and misconfigured websites. To learn more, download the full report at


Episode 14: Panera Breach Lessons, WannaCry’s Re-emergence, Genesis Marketplace, and more

This week’s Shadow Talk discusses the re-emergence of WannaCry, the exposure of Aggregate IQ data, the exposure of 1.5 billion files through misconfigured services, as well as lessons learned from the Panera breach, an emerging new criminal market, and much more.


Episode 13: Cambridge Analytica, Trickbot Updates, SamSam Surge Continues, And Dragonfly Attributed

This week’s Shadow Talk discusses what the Cambridge Analytica revelations mean for disinformation and personal privacy, updates to the Trickbot, Zeus Panda and Ramnit trojans, the ransomware attack on the City of Atlanta, and the attribution of the Dragonfly campaign to the Russian Government.


Episode 12: Tax Fraud, AMD Vulnerability, Slingshot Targets Mikrotik Routers, And Hermes Ransomware

This week’s Shadow Talk outlines the latest techniques in tax return fraud, claimed vulnerabilities in AMD chips, Slingshot malware targeting Mikrotik routers, and Greenflash Sundown Exploit Kit delivering Hermes ransomware. Watch our webinar with the FBI on the latest ransomware threats here:


Episode 11: Memcached attacks, disinformation in ME, Spectre exploit, German gov network intrusion

Digital Shadows’ Research team discusses record DDoS attacks using Memcached servers, disinformation campaigns, a proof of concept exploit for the Spectre vulnerability, and new details of a historical network intrusion affecting the German government.


Episode 10: Memcached Server DDoS, Flash Vuln in Spam Campaign, Trustico Cert Issues, & Ransomware

The Digital Shadows research team provides an overview of the latest news this week, including CVE-2018-4878, which is now being used in a spam campaign, 23,000 website certificates set to be revoked, Memcached servers used for DDoS reflection, and updates on SamSam and DataKeeper ransomware variants.


Episode 9: SWIFT Attacks, Business Email Compromise, Return Of Thedarkoverlord, And APT-37

The Digital Shadows research team provides an overview of the latest news this week, including new SWIFT attacks, more Business Email Compromise activity, the return of extortionist “thedarkoverlord”, SamSam and Saturn ransomware variants, and new reporting on APT-37.