The Defender's Advantage Podcast

• UNC5221 and The Targeting of Ivanti Connect Secure VPNs

  Matt Lin (Senior Incident Response Consultant, Mandiant) and Daniel Spicer (Chief Security Officer, Ivanti) dive into the research and response of UNC5221's campaigns against Ivanti. They cover how this threat actor has evolved from earlier campaigns, the continued focus of edge infrastructure by APT actors, and the shared responsibility of security in mitigating threats like this. https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerabilityhttps://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-dayhttps://www.ivanti.com/blog/an-update-on-ivantis-ongoing-commitment-to-enhanced-product-securityhttps://www.ivanti.com/resources/secure-by-design/2024https://cloud.google.com/blog/topics/threat-intelligence/2024-zero-day-trends?e=48754805

  --------  

  27:55
• Windows Remote Desktop Protocol: Remote to Rogue

  Host Luke McNamara is joined by GTIG Senior Security Researcher Rohit Nambiar to discuss Rohit's recent blog on some interesting usage of RDP by UNC5837. Rohit covers the discovery of the campaign, and the novel functionalities they were using to likely support cyber espionage goals. He delves into these findings and the usage of RemoteApps and victim file mapping via RDP, and closes with some of the mysteries that remain about this activity. https://cloud.google.com/blog/topics/threat-intelligence/windows-rogue-remote-desktop-protocol

  --------  

  34:27
• Cybersecurity Conversations with the C-Suite and Board

  Imran Ahmad (Senior Partner, Canadian Head of Technology and Canadian Co-Head of Cybersecurity and Data Privacy at Norton Rose Fulbright) joins host Luke McNamara to discuss how executives are thinking about cyber risk in a changing and evolving landscape. He touches on the importance of training before a breach, how ransomware has changed security conversations with boards, and the promise and risk of emerging technologies like AI play for enterprises.  

  --------  

  36:14
• What to Watch For in 2025

  Kelli Vanderlee, Kate Morgan, and Jamie Collier join host Luke McNamara to discuss trends that are top of mind for them in tracking emergent threats this year, from nation state intrusions to financially motivated ransomware campaigns. https://cloud.google.com/security/resources/cybersecurity-forecasthttps://cloud.google.com/blog/topics/threat-intelligence/cybercrime-multifaceted-national-security-threat

  --------  

  44:31
• Signals of Trouble

  Dan Black (Principal Analyst, Google Threat Intelligence Group) joins host Luke McNamara to discuss the research into Russia-aligned threat actors seeking to compromise Signal Messenger. Dan lays out how this latest evolution of Russia's usage of cyber in Ukraine compares to previous phases of the conflict, how this activity is likely supporting battlefield operations, and how users of secure messaging applications can mitigate some of the risks associated with activity like this. https://cloud.google.com/blog/topics/threat-intelligence/russia-targeting-signal-messenger

  --------  

  26:03

Weitere Technologie Podcasts

Trending Technologie Podcasts

Über The Defender's Advantage Podcast