335 episodes

Every Saturday, we sit down with cybersecurity researchers to talk shop about the latest threats, vulnerabilities, and technical discoveries.

Research Saturday N2K Networks

    • Technology
    • 4.4 • 8 Ratings

    Inside SendGrid's phishy business.

    Robert Duncan from Netcraft shares their research, "Phishception - SendGrid abused to host phishing attacks impersonating itself." Netcraft recently observed criminals abusing Twilio SendGrid’s email delivery, API, and marketing services to launch a phishing campaign that impersonated SendGrid itself.
    Hackers behind this novel phishing campaign used SendGrid’s Tracking Settings feature, which allows users to track clicks, opens, and subscriptions with SendGrid. The malicious link was masked behind a tracking link hosted by SendGrid. 
    The research can be found here:
    Phishception – SendGrid is abused to host phishing attacks impersonating itself

    Learn more about your ad choices. Visit megaphone.fm/adchoices

    • 31 min
    Understanding the multi-tiered impact of ransomware.

    This week we are joined by Jamie MacColl and Dr. Pia Hüsch from RUSI discussing their work on "Ransomware: Victim Insights on Harms to Individuals, Organisations and Society." The research reveals some of the harms caused by ransomware, including physical, financial, reputational, psychological and social harms.
    Researchers state "Based on interviews with victims and incident responders, this paper outlines the harm ransomware causes to organisations, individuals, the UK economy, national security and wider society."
    The research can be found here:
    Ransomware: Victim Insights on Harms to Individuals, Organisations and Society

    • 22 min
    The return of a malware menace.

    This week we are joined by Selena Larson from Proofpoint, who is discussing their research, "Bumblebee Buzzes Back in Black." Bumblebee is a sophisticated downloader used by multiple cybercriminal threat actors and was a favored payload from its first appearance in March 2022 through October 2023 before disappearing.
    After a four-month hiatus, Proofpoint researchers found that the downloader had returned. Its return aligns with a surge of cybercriminal threat activity after a notable absence of many threat actors and malware.
    The research can be found here:
    Bumblebee Buzzes Back in Black

    • 21 min
    Web host havoc: Unveiling the Manic Menagerie campaign.

    Assaf Dahan and Daniel Frank from Palo Alto Networks Cortex sit down with Dave to talk about their research "Manic Menagerie 2.0: The Evolution of a Highly Motivated Threat Actor." From late 2020 to late 2022, Unit 42 researchers discovered an active campaign that targeted several web hosting and IT providers in the United States and European Union.
    The research states "They have further deepened their foothold in victims’ environments by mass deployment of web shells, which granted them sustained access, as well as access to internal resources of the compromised websites."
    The research can be found here:
    Manic Menagerie 2.0: The Evolution of a Highly Motivated Threat Actor

    • 23 min
    Hackers come hopping back.

    Ori David from Akamai is sharing their research "Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal." FritzFrog takes advantage of the fact that only internet-facing applications were prioritized for Log4Shell patching and targets internal hosts, meaning that a breach of any asset in the network by FritzFrog can expose unpatched internal assets to exploitation.
    The research states "FritzFrog has traditionally hopped around by using SSH brute force, and has successfully compromised thousands of targets over the years as a result." Over the years Akamai has seen more than 20,000 FritzFrog attacks, and 1,500+ victims.
    The research can be found here:
    Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal

    • 20 min
    Ransomware is coming.

    Jon DiMaggio, Chief Security Strategist for Analyst1, is discussing his research on "Ransomware Diaries Volume 4: Ransomed and Exposed - The Story of RansomedVC." While there is evidence to support that RansomedVC runs cybercrime operations, Jon questions the claims it made regarding the authenticity of the data it stole and the methods it used to extort victims.
    The research states "I uncovered sensitive information about the group's leader, Ransomed Support (also known as Impotent), relating to secrets from his past." In this episode, Jon shares his 6 key findings after spending months engaging with the lead criminal who runs RansomedVC.
    The research can be found here:
    Ransomware Diaries Volume 4: Ransomed and Exposed - The Story of RansomedVC

    • 30 min

Customer Reviews

4.4 out of 5
8 Ratings

Jedi Wannabi ,

A fascinating look into the guts of the machine

I love learning about how even the people who deeply know and understand the intricacies of existing data networks are constantly breaking new ground.

[REDACTED] USER ,

Podcast doesn’t play while on VPN.

Podcast doesn’t play while on VPN.

GottaRun21 ,

The go-to for cyber research discussion

Need or want to know more about the leading research in security? You’ve found just the thing. It’s the perfect show to catch up on the latest research over a cup of joe on a Saturday morning.
