Adversary Universe Podcast

CrowdStrike
  • 4,9 (75)
  • ТЕХНОЛОГИИ
  • КАЖДЫЕ ДВЕ НЕДЕЛИ
Adversary Universe Podcast

Modern adversaries are relentless. Today’s threat actors target organizations around the world with sophisticated cyberattacks. Who are they? What are they after? And most importantly, how can you defend against them? Welcome to the Adversary Universe podcast, where CrowdStrike answers all of these questions — and more. Join our hosts, a pioneer in adversary intelligence and a specialist in cybersecurity technology, as they unmask the threat actors targeting your organization.

  1. 10 АПР.

    OCULAR SPIDER and the Rise of Ransomware-as-a-Service

    Ransomware has become more difficult for organizations to defend against, but easier for adversaries to deploy. The rise of ransomware-as-a-service (RaaS) — a model in which ransomware operators write the malware and affiliates pay to launch it — has lowered the barrier to entry so threat actors of all skill levels can participate and profit.   OCULAR SPIDER is one such operator. This adversary, newly named by CrowdStrike, is associated with the development of ransomware variants including Cyclops, Knight, and RansomHub. They targeted hundreds of named victims between February 2024 and March 2025, according to CrowdStrike intelligence, and they focus on industries such as professional services, technology, healthcare, and manufacturing in regions including the United States, Canada, Brazil, and some European countries.   But OCULAR SPIDER is one of many operators in the ransomware space. Adam and Cristian take listeners back to the early days of ransomware and track its evolution, variants, and key players from the mid-2010s through the launch of RansomHub in 2024. They explain how RaaS works, why it appeals to adversaries and complicates attribution, and how defenders can prepare to face today’s ransomware threats.   Come for an update on Adam’s adventures in bread-making; stay for a deep-dive into the RaaS evolution and the threat actors driving it.

    29 мин.

  2. 27 МАР.

    Meet LUNAR SPIDER: The Inner Workings of an eCrime Adversary

    To anticipate threat actors’ behavior, we must understand them. That’s why CrowdStrike closely tracks the evolution and activity of 257 named adversaries, including the eCrime actor LUNAR SPIDER.“They almost behave like a startup; they’re constantly testing and innovating and developing what they’re doing,” Adam says of the group. “It’s an interesting paradigm when you think about how these eCrime actors operate.”In this episode, Adam and Cristian take a deep dive into the inner workings of LUNAR SPIDER, discussing their role in the complex eCrime ecosystem, their collaboration with other adversaries, and the evolution of their techniques, including changes to the BokBot/IcedID malware over time and their eventual transition to the Lotus loader. Tune in to learn what defenders should know about this threat actor’s behavior and how to defend against their evolving activity.Learn more about the eCrime ecosystem in this infographic.

    24 мин.

  3. 13 МАР.

    NSOCKS: Insights into a Million-Dollar Residential Proxy Service

    When an adversary wants to target an organization, they want to make it look like they’re coming from a regional or local internet service provider. This makes their activity seem more legitimate and buys time until they get caught. Proxies, which adversaries can use to conceal the origin of malicious traffic, are essential to this process.   NSOCKS is a residential proxy provider that CrowdStrike researchers dug into to learn more about how it was constructed and proactively identify how adversaries were using it to mask their attacks. They found that a range of internet of things (IoT) devices, such as home routers and network-attached storage (NAS) devices, are targeted by proxy providers to build out infrastructure and provide access to residential internet connections. Many of these devices have basic misconfiguration issues that make them accessible to attackers, but the CrowdStrike team was also able to identify a range of zero-day and n-day vulnerabilities being used.     Joel Snape, Senior Security Researcher at CrowdStrike, is part of that team. In this episode, Joel and Adam get into the details of the researchers’ findings, from how NSOCKS works to its takedown in late 2024 and the steps listeners can take to identify suspicious activity on their networks. Joel has presented this research at multiple security conferences — and now he brings it to the Adversary Universe podcast.

    31 мин.

  4. 27 ФЕВР.

    China’s Cyber Enterprise Grows: CrowdStrike 2025 Global Threat Report

    China’s cyber enterprise is rapidly growing: China-nexus activity was up 150% across industries in 2024, with a 200-300% surge in key sectors such as financial services, media, manufacturing, and industrials/engineering. CrowdStrike identified seven new China-nexus adversaries in 2024. “After decades investing in offensive cyber capabilities, China has achieved parity with some of the top players out there, and I think that is the thing that should terrify everybody,” Adam says.   China-nexus threat actors aren’t the only ones evolving their cyber operations. As the CrowdStrike 2025 Global Threat Report shows, nation-state and eCrime adversaries spanning regions and skill levels are gaining speed and refining their techniques. They’re learning what works and what doesn’t, and they’re scaling their effective tactics to achieve their goals. So what works? Voice phishing (vishing) skyrocketed 442% between the first and second half of 2024 as adversaries leaned on vishing, callback phishing, and help desk social engineering to access target networks. Generative AI played a key role in social engineering, where its low barrier to entry and powerful capabilities help adversaries create convincing content at scale. Compromised credentials also proved handy last year, helping threat actors enter and move laterally through organizations and operate as legitimate users.  What doesn’t work as well? Malware. 79% of detections in 2024 were malware-free, indicating a rise in hands-on-keyboard activity as adversaries face stronger security defenses.  Tune in to hear Adam and Cristian dig into the key findings of the CrowdStrike 2025 Global Threat Report, which also examines the latest on cloud-focused attacks, vulnerability exploitation, and nation-state activity around the world.

    34 мин.

  5. 20 ФЕВР.

    A Deep Dive into DeepSeek and the Risks of Foreign LLMs

    DeepSeek took the internet by storm earlier this year, making headlines and sparking conversations about its development, use, and associated risks. Today, Adam and Cristian take a deep dive into the new AI model. At a time when new AI models are constantly emerging, the launch of DeepSeek has led to questions and concerns around AI model security, data security, and national security. What is DeepSeek, and how was it trained? What are the risk implications of using it? Are there safe ways to explore new AI models, or should they be avoided entirely? And how worried do we need to be about data poisoning? Tune in for the answers to these questions and more in this episode of the Adversary Universe podcast.

    27 мин.

  6. 6 ФЕВР.

    Putting a Spotlight on Energy Sector Threats with Corelight's Greg Bell

    Cyberattacks targeting critical infrastructure have made more headlines in recent years, sparking concern about how these systems are protected. Adversaries are taking aim at older technologies that are both essential to everyday life and difficult to secure. Our guest for this episode is Greg Bell, chief strategy officer at Corelight. Before he co-founded the network security firm, Greg spent most of his career working in the National Laboratory system, part of the U.S. Department of Energy. He brings his perspective and expertise to this conversation about energy sector threats, the adversaries behind them, and the unique challenges that utility organizations face in detecting and defending against cyberattacks. There is a scary side to energy sector threats — but there is also an optimistic side. Adam, Cristian, and Greg discuss everything from the history of critical infrastructure threats to the attacks they’re seeing today, the complications of securing energy systems, and collaborative efforts to improve defense. Key to these efforts are partnerships like the one between CrowdStrike and Corelight, which work together to improve network threat detection and response. Come for the comprehensive look at energy sector threats and stay for Cristian’s energy sector puns in this episode of the Adversary Universe podcast.

    34 мин.

  7. 16 ЯНВ.

    See You I-Soon: A Peek at China’s Offensive Cyber Operations

    “It would not be an understatement to say that China is the number one national security concern that I think we have here in the West.” China’s offensive cyber activity has undergone a massive shift: What used to be simple smash-and-grab operations in the mid-2000s have evolved into sophisticated business models. We got a lens into this environment through a leak stemming from Chinese company I-Soon, whose data provided a narrow but revealing glimpse into the Chinese cyber contractor marketplace. I-Soon is a mid-sized contractor that has been operating since 2010. It provides state-sponsored advanced persistent threat (APT) cyber operations and tools, surveillance products and training for public security agencies, intelligence services and the military. The leak, which came from an anonymous GitHub user, included its internal documents and employee chat logs. These shed light on its products, services and customers as well as how some China-nexus adversaries are connected and sharing tools and capabilities. Adam and Cristian take a deep dive into these findings and how Chinese offensive cyber operations reached this point. They also dig into which PANDA adversaries are connected to I-Soon, how the cyber contractor recruits talent and what we learned about its disgruntled staff. The key takeaway? Leaks like this won’t stop adversaries — and China’s cyber operations aren’t slowing down.

    36 мин.

  8. 19.12.2024

    The Most Prolific Adversaries and Threats of 2024

    It has been another busy year for defenders and adversaries alike. As we wrap up 2024, Adam and Cristian reflect on the nation-state and eCrime threat activity that defined this year and what they expect as we head into 2025.Tune in to hear their observations on changing eCrime activity in Latin America, Chinese adversaries evolving their tactics and targeting telecommunications entities, the disruption of eCrime operations in the United States and more. And of course, you’ll hear the stories and context behind how these events unfolded and how we got to where we are today.Thank you to our listeners for all your support this year. We appreciate you sharing feedback and topics you’d like to hear on the show. As we plan for 2025, we anticipate another year of in-depth conversations, adversary insight and guest perspectives on the Adversary Universe podcast. Happy holidays!

    33 мин.
См. все (49)

Трейлер

4,9
из 5
Оценок: 75

Об этом подкасте

Modern adversaries are relentless. Today’s threat actors target organizations around the world with sophisticated cyberattacks. Who are they? What are they after? And most importantly, how can you defend against them? Welcome to the Adversary Universe podcast, where CrowdStrike answers all of these questions — and more. Join our hosts, a pioneer in adversary intelligence and a specialist in cybersecurity technology, as they unmask the threat actors targeting your organization.

Информация

  • Автор
    CrowdStrike
  • Годы выхода
    2023 - 2025
  • Выпуски
    49
  • Ограничения
    Без ненормативной лексики
  • Авторские права
    © Copyright 2023 All rights reserved.
  • Сайт подкаста
    Adversary Universe Podcast

Вам может также понравиться

Контент имеет ограничения

Этот выпуск нельзя воспроизвести через веб-браузер в вашей стране или регионе.

Чтобы прослушивать выпуски с ненормативным контентом, войдите в систему.

Следите за новостями подкаста

Войдите в систему или зарегистрируйтесь, чтобы следить за подкастами, сохранять выпуски и получать последние обновления.
Выберите страну или регион

Африка, Ближний Восток и Индия

Азиатско-Тихоокеанский регион

Европа

Латинская Америка и страны Карибского бассейна

США и Канада