Adversary Universe Podcast

CrowdStrike
  • 4.9 (77)
  • TECHNOLOGY
  • UPDATED BIWEEKLY

Modern adversaries are relentless. Today’s threat actors target organizations around the world with sophisticated cyberattacks. Who are they? What are they after? And most importantly, how can you defend against them? Welcome to the Adversary Universe podcast, where CrowdStrike answers all of these questions — and more. Join our hosts, a pioneer in adversary intelligence and a specialist in cybersecurity technology, as they unmask the threat actors targeting your organization.

  1. 1D AGO

    Taking Down Cybercriminals with Shawn Henry, Former FBI Leader

    How do you take down a cybercriminal? Last month, we explored that question through the lens of Operation Endgame. Today, we ask Shawn Henry, former Executive Assistant Director of the FBI and current Executive Advisor to the Founder and CEO of CrowdStrike. In some ways, it’s similar to taking down criminals in the physical world. But the speed and scale of cybercrime operations exacerbate the challenge of stopping them. While infrastructure can be dismantled, the impact is now short-lived as adversaries pivot to other setups. While law enforcement considers how to replicate successful operations, cybercriminals are thinking about how they can adapt and stay ahead. For those pursuing adversaries, speed and scale are difficult to achieve. As Shawn explains, successful takedowns require collaboration among dozens of groups; among them law enforcement agencies, international partners, intelligence analysts, reverse engineers, prosecutors, and private sector organizations that have visibility into adversary infrastructure. “A takedown isn’t a single door-kick moment. It’s a monthslong choreography of legal process and infrastructure mapping and partner synchronization,” he says. Are there ways to accelerate the process? He has a few ideas. Tune in as Shawn joins Adam and Cristian to share a behind-the-scenes take on stopping cybercrime. Learn the key challenges law enforcement faces, how a takedown comes together, why arrests alone aren’t enough to stop adversaries, and where there is still an opportunity to have real impact.

    49 min

  2. 12/30/2025

    2025 Wrapped: Updates on This Year’s Hottest Topics

    This was a busy year for the Adversary Universe podcast. We covered the emergence of new adversaries, the weaponization of AI, critical CrowdStrike research, and how cyberattacks look in different regions of the world. To recap 2025, we’re revisiting the topics that resonated most with our listeners to share year-end updates. Adam and Cristian cover the I-Soon data leaks, evolution of China as a nation-state threat, re-emergence of SCATTERED SPIDER, and the latest in ransomware-as-a-service. Tune in to learn the factors that may shape Chinese cyber operations in 2026 and why SCATTERED SPIDER activity looks different now compared to its summer of cybercrime. As a bonus, Adam shares some of the latest eCrime stats his team is seeing as we close out 2025 and explains why he believes we’ll see “an explosion of zero-days” in the months ahead. The adversary never slows down — and neither do we. We look forward to bringing you more information on the newest cyber threats in 2026. For more information: • I-Soon episode: See You I-Soon: A Peek at China’s Offensive Cyber Operations • Blog post: Unveiling WARP PANDA, a New Sophisticated China-Nexus Adversary • Blog post: CrowdStrike Services Observes SCATTERED SPIDER Escalate Attacks Across Industries

    36 min

  3. 12/18/2025

    Is This Endgame? How Takedowns Are Reshaping eCrime

    In November 2025, a major public-private sector collaboration took down three significant malware networks. Operation Endgame involved law enforcement agencies from six EU countries, Australia, Canada, the U.K., and the U.S., along with Europol and 30 private sector partners, including CrowdStrike. The dismantled infrastructure consisted of hundreds of thousands of infected computers containing several million stolen credentials. Operation Endgame was a critical disruption of adversary operations — but it wasn’t the first. Law enforcement has for years sought to take down adversary infrastructure and often partners with private sector organizations like CrowdStrike to inform their operations. By disrupting the tools and processes threat actors rely on, these takedowns raise the cost for adversaries and make it harder for them to operate. As Adam and Cristian discuss in this episode, takedowns require careful planning and constant innovation. Adversaries are always finding new techniques and tools, and law enforcement must do the same. While disruption may slow them down, threat actors are often quick to pivot and find new ways to achieve their goals. In this episode, we examine how law enforcement takedowns disrupt adversary operations, how adversaries respond, where the private sector provides support, and what this all means for organizations facing modern threats.

    36 min

  4. 12/04/2025

    Defrosting Cybersecurity’s Cold Cases with CrowdStrike’s Tillmann Werner

    Not all cybercrimes are resolved. Some threat groups disappear completely, and some malware is never seen again. But sometimes, a long-dormant case is cracked open and elusive answers are found. Tillmann Werner, VP of Intelligence Production at CrowdStrike, has been a member of the CrowdStrike Intelligence team since 2012 and has analyzed many of these cold cases. In this episode, he joins Adam to chat about unresolved cyberattacks, the adversaries behind them, and cases that remained inactive for years before new technology or data allowed experts to close them. While it’s frustrating to close a file without success, Tillmann says, the evolution of technology and proliferation of data often help solve old cases that have collected dust. Tune in to hear Adam and Tillmann look back at decades-old eCrime and nation-state campaigns, some of which now have answers — and others that remain a mystery.

    34 min

  5. 11/20/2025

    Prompted to Fail: The Security Risks Lurking in DeepSeek-Generated Code

    CrowdStrike research into AI coding assistants reveals a new, subtle vulnerability surface: When DeepSeek-R1 receives prompts the Chinese Communist Party (CCP) likely considers politically sensitive, the likelihood of it producing code with severe security flaws increases by up to 50%. Stefan Stein, manager of the CrowdStrike Counter Adversary Operations Data Science team, joined Adam and Cristian for a live recording at Fal.Con 2025 to discuss how this project got started, the methodology behind the team’s research, and the significance of their findings. The research began with a simple question: What are the security risks of using DeepSeek-R1 as a coding assistant? AI coding assistants are commonly used and often have access to sensitive information. Any systemic issue can have a major and far-reaching impact.  It concluded with the discovery that the presence of certain trigger words — such as mentions of Falun Gong, Uyghurs, or Tibet — in DeepSeek-R1 prompts can have severe effects on the quality and security of the code it produces. Unlike most large language model (LLM) security research focused on jailbreaks or prompt injections, this work exposes subtle biases that can lead to real-world vulnerabilities in production systems. Tune in for a fascinating deep dive into how Stefan and his team explored the biases in DeepSeek-R1, the implications of this research, and what this means for organizations adopting AI.

    37 min

  6. 11/06/2025

    Extortion Rises and Nation-State Activity Intensifies: The CrowdStrike 2025 European Threat Landscape Report

    Europe is a prime target for global adversaries. There is a strong emphasis on eCrime across the region as well as a rise in hacktivism and espionage stemming from ongoing conflicts. The CrowdStrike 2025 European Threat Landscape Report breaks down these trends. In this episode, Adam and Cristian cover the highlights. They start with cybercrime, a major theme of the report. The five most targeted European nations were the U.K., Germany, Italy, France, and Spain, which also represent the region’s largest economies (excluding Russia). The most targeted sectors were manufacturing, professional services, technology, industrials and engineering, and retail. Adam explains how eCrime threat actors are looking for victims with a high need to stay operational. “With manufacturing, if they’re knocked offline because of ransomware, they can count the downtime in dollars and cents,” he shares as an example. On the nation-state front, Russia is top of mind. Since its invasion of Ukraine in 2022, many Russian threat actors who operated globally are more focused on Ukraine and areas related to the conflict. Adam and Cristian discuss reports of North Korean threat actors supporting the Russians with weapons and personnel, North Korea targeting Ukraine, and the tactics and techniques that stand out most. The European threat landscape is crowded and complex. Tune in to understand the key findings, and download the full report for more details. https://www.crowdstrike.com/en-us/resources/reports/2025-european-threat-landscape-report/

    27 min

  7. 10/23/2025

    Thriving Marketplaces and Regional Threats: The CrowdStrike 2025 APJ eCrime Landscape Report

    In the Asia Pacific and Japan (APJ) region, a burgeoning set of threat actors is emerging with a different language set, distinct tools, and an ecosystem where they interact with adversaries across the threat landscape. The CrowdStrike 2025 APJ eCrime Landscape Report explores the trends and issues facing organizations operating in this part of the world. For example, criminal groups in APJ are focused on opportunistic big game hunting and primarily target organizations in manufacturing, technology, industrials and engineering, financial services, and professional services. The sale of phishing kits is popular, with some going for up to $1 million. These threat actors prefer phishing, spam campaigns, and remote access toolkits to enable their operations. And they often find them on thriving Chinese-language marketplaces, which enable the sale of illicit services. While Eastern Europe is typically known as a hotbed of eCrime activity, the APJ region is one to watch. Tune in to hear Adam and Cristian discuss the key adversaries operating in the region, the threats that stand out to them, and how defenders can stay safe. Read the report: 2025 APJ eCrime Landscape Report Watch on YouTube: https://youtu.be/97javj3hmAA

    20 min

  8. 10/16/2025

    A Brief History of Ransomware

    Ransomware is not new, but the ransomware of today is very different from the ransomware of 1989. Today’s episode doubles as a history lesson, as Adam and Cristian look back at how a prolific global threat has evolved over the decades.   Gone are the days of malware arriving on floppy disks and victims waiting weeks to restore their systems in exchange for $200 ransom payments. “The early days of viruses were weird,” Adam points out. But much has changed since then. Several factors — the advent of cryptocurrency, the rise of enterprise targeting, and the shift to ransomware as a service — have caused the threat to transform. Today’s adversaries run ransomware like a business and collect hundreds of millions of dollars in payments.   The hosts reflect on the first ransomware to hit a business, the first to make news headlines, and the first major botnet operator to deploy ransomware, among other key events. Tune in for a discussion that spans years of ransomware evolution, highlights the key adversaries involved, and explains how businesses can defend themselves as the threat landscape continues to change.

    39 min
See All (66)

Trailer

4.9
out of 5
77 Ratings

About

Modern adversaries are relentless. Today’s threat actors target organizations around the world with sophisticated cyberattacks. Who are they? What are they after? And most importantly, how can you defend against them? Welcome to the Adversary Universe podcast, where CrowdStrike answers all of these questions — and more. Join our hosts, a pioneer in adversary intelligence and a specialist in cybersecurity technology, as they unmask the threat actors targeting your organization.

Information

  • Creator
    CrowdStrike
  • Years Active
    2023 - 2026
  • Episodes
    66
  • Rating
    Clean
  • Copyright
    © Copyright 2023 All rights reserved.
  • Show Website
    Adversary Universe Podcast

You Might Also Like