The Defender's Advantage Podcast Mandiant
-
- Технологии
The Defender’s Advantage Podcast explores the world of cyber security and Mandiant through three distinct tracks. Threat Trends: Listen twice a month as host Luke McNamara interviews guests on the latest in cyber security research, the cyber landscape, and the latest news from Mandiant. Frontline Stories: Listen to Kerry Matre monthly as she is joined by notable guests on the frontlines of cyber security, including Mandiant customers, security professionals, and executives. Skills Gap: Listen to Kevin Bordlemay each month for this series focusing on thoughts, ideas, and initiatives for narrowing the skills gap in cyber security.
-
Investigations Into Zero-Day Exploitation of the Ivanti Connect Secure Appliances
Mandiant Principal Analysts John Wolfram and Tyler McLellan join host Luke McNamara to discuss their research in the "Cutting Edge" blog series, a series of investigations into zero-day exploitation of Ivanti appliances. John and Tyler discuss the process of analyzing the initial exploitation, and the attribution challenges that emerged following the disclosure and widespread exploitation by a range of threat actors. They also discuss the role a suspected Volt Typhoon cluster played into the follow-on exploitation, and share their thoughts on what else we might see from China-nexus zero-day exploitation of edge infrastructure this year.
For more on this research, please check out:
Cutting Edge, Part 1: https://cloud.google.com/blog/topics/threat-intelligence/suspected-apt-targets-ivanti-zero-day
Cutting Edge, Part 2: https://cloud.google.com/blog/topics/threat-intelligence/investigating-ivanti-zero-day-exploitation
Cutting Edge, Part 3: https://cloud.google.com/blog/topics/threat-intelligence/investigating-ivanti-exploitation-persistence
Cutting Edge, Part 4: https://cloud.google.com/blog/topics/threat-intelligence/ivanti-post-exploitation-lateral-movement
Follow John on X at @Big_Bad_W0lf_
Follow Tyler on X at @tylabs -
M-Trends 2024 with Mandiant Consulting Vice President Jurgen Kutscher
Jurgen Kutscher, Mandiant Vice President for Consulting, joins host Luke McNamara to discuss the findings of the M-Trends 2024 report. Jurgen shares his perspective on the "By the Numbers" data, the theme of evasion of detection in this year's report, and how Mandiant consultants have been leveraging AI in purple and red teaming operations.
For more on the M-Trends 2024 report: http://cloud.google.com/security/m-trends -
Assessing the State of Multifaceted Extortion Operations
Kimberly Goody, Head of Mandiant's Cyber Crime Analysis team and Jeremy Kennelly, Lead Analyst of the same team join host Luke McNamara to breakdown the current state of ransomware and data theft extortion. Kimberly and Jeremy describe how 2023 differed from the activity they witnessed the year prior, and how changes in the makeup of various groups have played out in the threat landscape, why certain sectors see more targeting, and more.
-
Hunting for "Living off the Land" Activity
Host Luke McNamara is joined by Mandiant consultants Shanmukhanand Naikwade and Dan Nutting to discuss hunting for threat actors utilizing "living off the land" (LotL) techniques. They discuss how LotL techniques differ from traditional malware based attacks, ways to differentiate between normal and malicious use of utilities, Volt Typhoon, and more.
-
Director of NSA's Cybersecurity Collaboration Center on Trends in 2024
Morgan Adamski, Director of the NSA's Cybersecurity Collaboration Center (CCC) joins host Luke McNamara to discuss the threat posed by Volt Typhoon and other threat actors utilizing living off the land (LotL) techniques, zero-day exploitation trends, how the CCC works with private sector organizations, and more.
-
The North Korean IT Workers
Principal Analyst Michael Barnhart joins host Luke McNamara to discuss Mandiant's research into the threat posed by the Democratic People's Republic of Korea's (DPRK) usage of IT workers to gain access to enterprises.
For more on Mandiant's analysis of North Korea's cyber capabilities, please see: https://www.mandiant.com/resources/blog/north-korea-cyber-structure-alignment-2023