• S3 Ep13: Unpacking gifts after Christmas: extensions, packages, and fiascos
    Jan 7 2025
    [LIVE] Out of the Woods Podcast
    January 30, 2025 | 12:00 - 1:30 PM ET
    Sign Up -->
    https://intel471.com/resources/podcasts/the-art-of-the-hunt-turning-intel-into-action

    Top Headlines:

    1. Socket | Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contract: https://socket.dev/blog/quasar-rat-disguised-as-an-npm-package
    2. BleepingComputer | Windows 10 Users Urged to Upgrade to Avoid “Security Fiasco”: https://www.bleepingcomputer.com/news/microsoft/windows-10-users-urged-to-upgrade-to-avoid-security-fiasco/?&web_view=true
    3. The Hacker News | When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions: https://thehackernews.com/2024/12/when-good-extensions-go-bad-takeaways.html?m=1
    4. The Python Package Index Blog | Project Quarantine – The Python Package Index Blog: https://blog.pypi.org/posts/2024-12-30-quarantine/

    ----------

    Stay in Touch! Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    40 mins
  • S3 Ep12: Declawing, Disguising, and Destroying: Modern Cyber Threats Unmasked
    Dec 17 2024
    Top Headlines:

    1. Elastic Security Labs | Declawing PUMAKIT: https://www.elastic.co/security-labs/declawing-pumakit
    2. XLab | Glutton: a New Zero-Day Detection PHP Backdoor from Winnti Targets Cybercriminals: https://blog.xlab.qianxin.com/glutton_stealthily_targets_mainstream_php_frameworks-en/
    3. Claroty | Inside a New OT/IoT Cyberweapon: IOCONTROL: https://claroty.com/team82/research/inside-a-new-ot-iot-cyber-weapon-iocontrol
    4. SecureList | Careto is Back: What's New After 10 Years of Silence?: https://securelist.com/careto-is-back/114942/

    46 mins
  • S3 Ep11: Attack Away, Same Tricks Will Stay
    Dec 10 2024
    Top Headlines:

    1. Embrace The Red | DeepSeek AI: From Prompt Injection to Account Takeover: https://embracethered.com/blog/posts/2024/deepseek-ai-prompt-injection-to-xss-and-account-takeover/
    2. Huntress | Cleo Software Actively Being Exploited in the Wild: https://www.huntress.com/blog/threat-advisory-oh-no-cleo-cleo-software-actively-being-exploited-in-the-wild
    3. Zscaler | Unveiling RevC2 and Venom Loader: https://www.zscaler.com/blogs/security-research/unveiling-revc2-and-venom-loader
    4. Cyble | Threat Actor Targets Manufacturing Industry with Malware: https://cyble.com/blog/threat-actor-targets-manufacturing-industry-with-malware/?&web_view=true

    37 mins
  • S3 Ep10: [LIVE] The Ideal Outcome: The Gift of a Well-Crafted Threat Hunt
    Dec 9 2024
    Welcome to Out of the Woods: The Threat Hunting Podcast! In this episode, "The Ideal Outcome: The Gift of a Well-Crafted Threat Hunt," our expert team dives into what it means to reach the “ideal outcome” as a threat hunter, offering actionable insights to help you build an effective and enduring approach.

    This episode discussed:

    • Long-Term Impact: Discover how a structured threat hunt can benefit both hunters and their organizations, reinforcing stronger security measures and insights that last.
    • Security Stack Essentials: Learn about the ideal tools and technologies that make up a robust security stack, empowering you to align hunting efforts with broader security goals.
    • Integration and Team Synergy: Find out how to integrate threat hunting with security operations teams, fostering collaboration to create a well-rounded defense approach.
    • Skills for the Future: We’ll also discuss the critical skills and techniques that help threat hunters stay effective in an evolving threat landscape.

    Interesting Artifacts:
    • https://gptzero.me/
    • https://atomicgen.io/
    • https://securitydatasets.com/introduction.html

    🔗 Join us on Discord: https://discord.gg/Ka6tsEc3


    1 hr and 28 mins
  • S3 Ep9: [Bonus Episode] Dr. Joshua Scarpino on Guardrails for Responsible AI
    Dec 2 2024
    Out of the Woods: The Threat Hunting Podcast [LIVE EPISODE]
    December 5, 2024 | 12:00 - 1:30 PM EST
    Sign Up Here:
    https://intel471.com/resources/podcasts/the-ideal-outcome-the-gift-of-a-well-crafted-threat-hunt

    ----------

    In this episode of Out of the Woods: The Threat Hunting Podcast, host Scott Poley speaks with Dr. Joshua Scarpino, VP of Information Security at TrustEngine and CEO of Assessed.Intelligence, during the Information Security Summit in Cleveland. Josh shares insights from his extensive career in IT and security, diving into responsible technology deployment and the challenges of managing AI systems.

    Learn how organizations can implement guardrails to mitigate risks, tackle scope creep, and build foundational frameworks like the NIST AI Risk Management Framework (RMF). Josh also emphasizes the importance of addressing unknown risks and the need for diverse perspectives in AI system development to ensure fairness and accountability.

    Tune in to gain practical strategies for assessing risks, establishing governance, and driving secure innovation in today’s evolving tech landscape.

    Connect with Dr. Joshua Scarpino: https://www.linkedin.com/in/joshuascarpino/

    9 mins
  • S3 Ep8: Exposures Unveiled: Keys, Clouds and Evolving Threats
    Nov 26 2024

    Top Headlines:

    1. We Live Security | Unveiling WolfsBane: Gelsemium’s Linux counterpart to Gelsevirine: https://www.welivesecurity.com/en/eset-research/unveiling-wolfsbane-gelsemiums-linux-counterpart-to-gelsevirine/
    2. Phylum Research | Python Crypto Library Updated to Steal Private Keys: https://blog.phylum.io/python-crypto-library-updated-to-steal-private-keys/?&web_view=true
    3. Censys | The 2024 State of the Internet Report: Internet-Connected Industrial Control System: https://go.censys.com/rs/120-HWT-117/images/2024SOTIR.pdf
    4. Hunters Security | Unmasking VEILDrive: Threat Actors Exploit Microsoft Services for C2: https://www.hunters.security/en/blog/veildrive-microsoft-services-malware-c2?&web_view=true

    46 mins
  • S3 Ep7: [Bonus Episode] Protecting Privacy: Brian Hill on Cyber Threats and Individual Security
    Nov 19 2024
    In this episode of Out of the Woods: The Threat Hunting Podcast, Scott Poley sits down with Brian Hill, a cybersecurity leader with a rich background in law enforcement, military service, and corporate security. Brian shares his journey from major crimes detective and forensics expert to building and managing Security Operations Centers (SOCs) at organizations like Arctic Wolf and Black Cloak. The discussion highlights challenges in scaling SOCs, the importance of balancing specialized expertise with cross-functional training, and unique threats faced by high-profile individuals, such as SIM swapping and personal device vulnerabilities. Brian also explores broader trends like artificial intelligence and deepfake technology, emphasizing the need for education and proactive measures to stay ahead of evolving cyber threats.


    Connect with Brian Hill: https://www.linkedin.com/in/brian-hill-776b50100/

    32 mins
  • S3 Ep5: [Bonus Episode] Privacy Meets Protection: Violet Sullivan on the Real Scope of Cyber Insurance
    Nov 14 2024
    In this episode of Out of the Woods: The Threat Hunting Podcast, Scott Poley catches up with Violet Sullivan, cyber services lead for insurance carrier Crum and Forster, at the Information Security Summit in Cleveland. Violet dives into the evolving world of cyber insurance, shedding light on the often-overlooked layers of coverage that go beyond cyber events, including system outages and privacy litigation. She explains the shifting focus from ransomware to privacy issues, and how the rising importance of privacy is impacting both insurance policies and legal frameworks.

    They discuss the nuanced world of privacy litigation and emerging technologies like privacy scans, which scrutinize website data collection practices. Violet also addresses the current debate on AI training data, ownership, and privacy, offering insights into the challenges and implications for companies and individuals alike. If you’re interested in the intersection of cyber insurance, privacy, and AI, this episode offers a compelling look at how these fields are rapidly converging.

    Connect with Violet Sullivan: https://www.linkedin.com/in/txcyberlawyer/

    25 mins