Unveiling the Ransomware Ecosystem with Tammy Harper

In this compelling episode, Jim is joined by Tammy Harper from Flair.io to re-air one of their most popular and insightful episodes. Dive into the intricate world of ransomware as Tammy, a seasoned threat intelligence researcher, provides an in-depth introduction to the ransomware ecosystem. Explore the basics and nuances of ransomware, from its origins to its modern-day complexities. Tammy discusses not only the operational structures and notable ransomware groups like Conti, LockBit, and Scattered Spider, but also the impact and evolution of ransomware as a service. She also elaborates on ransomware negotiation tactics and how initial access brokers operate. This episode is packed with invaluable information for anyone looking to understand the cybercrime underground economy. Don’t forget to leave your questions in the comments, and they might be addressed in future episodes!

00:00 Introduction and Episode Re-Run Announcement
00:29 Guest Introduction: Tammy Harper from Flair io
00:41 Exploring the Dark Web and Ransomware
02:21 Tammy Harper's Background and Expertise
03:40 Understanding the Ransomware Ecosystem
04:02 Ransomware Business Models and Initial Access Brokers
07:08 Double and Triple Extortion Tactics
11:23 History of Ransomware: From AIDS Trojan to WannaCry
13:02 The Rise of Ransomware as a Service (RaaS)
19:41 Conti: The Ransomware Giant
26:17 Conti's Tools of the Trade: EMOTET, ICEDID, and TrickBot
32:05 The Conti Leaks and Their Impact
34:04 LockBit and the Ransomware Cartel
37:07 National Hazard Agency: A Subgroup of LockBit
38:17 Release of Volume Two and Its Impact
39:08 Details of the Training Manual
40:52 Ransomware Negotiations
41:28 Ransom Chat Project
42:27 Conti vs. LockBit Negotiation Tactics
43:30 Professionalism in Ransomware Operations
47:07 Ransomware Chat Simulation
48:03 Ransom Look Project
49:11 Current Ransomware Landscape
50:32 Infiltration and Research Methods
51:47 Profiles of Emerging Ransomware Groups
01:05:21 Initial Access Market
01:10:26 Future of Ransomware and Law Enforcement Efforts
01:13:14 Conclusion and Final Thoughts

Cybersecurity Today: The Good News Edition

In this episode, host Jim Love addresses a previous mistake regarding the location of Yellowknife and announces a special 'good news' edition. Key stories include Microsoft's dismantling of a global phishing-as-a-service operation Raccoon 0365, the recovery of nearly $2 million lost to a business email compromise scam by a Texas county, and the Commonwealth Bank of Australia's significant reduction in scam losses through AI-powered defenses. The episode emphasizes lessons learned in cybersecurity and the positive outcomes from recent countermeasures. Love also mentions that the usual host, David Shipley, will return on Monday.

00:00 Introduction and Apology
01:38 Good News Stories Overview
02:18 Microsoft Dismantles Raccoon 0365
03:59 Texas County Recovers $2 Million
05:51 CommBank's AI-Powered Scam Prevention
08:01 Conclusion and Contact Information

Cybersecurity Worms, Steganography Attacks, Municipal Cyber Incidents and More...

In this episode of Cybersecurity Today, host Jim Love delves into multiple cybersecurity threats affecting the tech landscape. He discusses the 'Shai Hulud' worm, which has infiltrated over 187 JavaScript libraries on NPM, exploiting developer tokens for spread, including those maintained by CrowdStrike. Love explains practical but challenging measures to mitigate such threats. He also explores steganography's role in hiding malicious scripts within seemingly benign image files, urging vigilance against embedding hidden commands. Additionally, the episode covers a cyber incident in Yellowknife, causing severe disruptions to municipal services and emphasizing the importance of cyber hygiene and support from higher government levels. Lastly, Jim examines how a Windows 11 patch has created a new vulnerability, stressing the need for enhanced monitoring and quick updates.

00:00 Introduction and Overview
00:21 The Shy Ude Worm: A New Threat
02:19 Steganography: Hiding in Plain Sight
05:30 Cybersecurity Incident in Yellowknife
07:24 Microsoft's Patch Problems
08:27 Conclusion and Contact Information