Episodes

  • This episode of the podcast looks at the Qilin ransomware group's attack on the UK's National Health Service. Or, more accurately, their ransomware attack against Synnovis, a third-party pathology testing organization for a number of London hospitals.

    Guests Louise Ferrett and Joe Honey go through the timeline of the attack, discussing the group's history, whether to trust claims that the attack was politically motivated, and the reasoning behind leaking 400GB of stolen patient data.

    This episode also looks at the state of ransomware half a year into 2024, including where some of the biggest groups from last year have disappeared off to, new groups that security professionals should be aware of, and the diversification of the ransomware landscape as more groups emerge than ever before.

    Want to find out more or have a suggestion for future podcast episodes?

    Email: [email protected]

    Website: www.slcyber.io

    LinkedIn: www.linkedin.com/company/searchlight-cyber

    X: www.twitter.com/SLCyberSec

    Weekly newsletter: www.slcyber.io/beacon/

  • This episode of The Dark Dive takes a listener's question as a jumping-off point to talk about the topic of data leaked on the dark web.

    Guests Luke Donovan and Adam Wilson discuss noteworthy data leaks from over the years - impacting organizations such as 23andMe, Ashley Madison, and Yahoo! - and bring things right up to the present day (June 2024) by looking at the data leaks on BreachForums impacting Ticketmaster and Santander customers.

    We look at how data such as credit card information, addresses, passwords, usernames, and even biometric information is stolen in the first place, how it is packaged and sold on the dark web, and the implications of highly sensitive data being leaked.

    Want to find out more or have a suggestion for future podcast episodes?

    Email: [email protected]

    Website: www.slcyber.io

    LinkedIn: www.linkedin.com/company/searchlight-cyber

    X: www.twitter.com/SLCyberSec

    Weekly newsletter: www.slcyber.io/beacon/

    For more background on the cases we discuss:

    Ticketmaster: https://www.bbc.com/news/articles/cw99ql0239wo

    Santander: https://www.bbc.com/news/articles/c6ppv06e3n8o

    23andMe: https://www.bbc.com/news/technology-67624182

    El Salvador: https://securityaffairs.com/162790/data-breach/el-salvador-massive-leak-biometric-data.html

    Ashley Madison: https://www.forbes.com/sites/zakdoffman/2020/02/01/ashley-madison-hack-returns-to-haunt-its-victims-32-million-users-now-have-to-watch-and-wait/

    Yahoo! 2013 data breach: https://www.bbc.co.uk/news/business-41493494

    Nitro: https://www.bleepingcomputer.com/news/security/massive-nitro-data-breach-impacts-microsoft-google-apple-more/

  • In the first episode of season two, The Dark Dive takes a forensic look at Operation Cronos, the international law enforcement takedown of the notorious ransomware group LockBit.

    Dr. Gareth Owenson and Louise Ferrett give an overview of LockBit, explain how Operation Cronos has unfolded, and discuss why law enforcement has taken an unconventional approach (“the most epic trolling in cybersecurity history”) to this ransomware group takedown.

    Recorded on May 14, this episode includes the “unmasking” of LockBitSupp in early May, how LockBit has responded to the law enforcement action, and how this operation has (and could still) impact other groups - with the BlackCat ransomware gang choosing early retirement.

    Useful links:

    NCA press release, February 20, 2024: https://www.nationalcrimeagency.gov.uk/news/nca-leads-international-investigation-targeting-worlds-most-harmful-ransomware-group/

    LockBit statement: https://x.com/vxunderground/status/1761506370656825531

    US DoJ sanctions, May 7, 2024: https://www.justice.gov/opa/pr/us-charges-russian-national-developing-and-operating-lockbit-ransomware

    Want to find out more or get in touch with us?

    Email: [email protected] 

    Website: www.slcyber.io

    LinkedIn: www.linkedin.com/company/searchlight-cyber

    X: www.x.com/SLCyberSec

    Weekly newsletter: www.slcyber.io/beacon/

  • The final episode of this limited series looks at how law enforcement and cybersecurity professionals can respond to the dark web criminality outlined in the previous five episodes.

    Returning guest Dr. Gareth Owenson is joined by Ben Jones, CEO of Searchlight Cyber, and Evan Blair, General Manager of North America, to discuss the actions that law enforcement agencies and private organizations are taking to tackle threats that emerge from the dark web.

    This bumper conversation ranges from how officers identify individuals that are masking their identity with the anonymity of the dark web, to how security teams are beginning to monitor the dark web for "early warning signals" that their organization is about to be attacked, and concludes with the final messages that our experts would like listeners to take away from this podcast series.

    Want to find out more or have a suggestion for future podcast episodes?

    Email: [email protected]

    Website: www.slcyber.io

    LinkedIn: www.linkedin.com/company/searchlight-cyber

    X: www.twitter.com/SLCyberSec

    Weekly newsletter: www.slcyber.io/beacon/

    Report, "Government Agency Targeted on the Dark Web": https://www.slcyber.io/whitepapers-reports/government-agency-targeted-on-the-dark-web/

  • This episode of The Dark Dive looks at what host Aidan Murphy describes as "dark web service providers" - i.e. the services that keep dark web criminality ticking.

    In particular, threat intelligence experts Carlito Perschky and Rob Fitzsimons explain where cryptocurrency fits into the dark web, how it has enabled illegal marketplaces to flourish, and the methods criminals use to hide where their funds are going to and from.

    We also discuss the paradox of dark web search engines and link sites that criminals use to navigate the dark web, as well as stranger aspects of the dark web that haven't been covered in our previous podcast episodes.

    Want to find out more?

    Email: [email protected]

    Website: www.slcyber.io

    LinkedIn: www.linkedin.com/company/searchlight-cyber

    X: www.twitter.com/SLCyberSec

    Weekly newsletter: www.slcyber.io/beacon/

  • In this episode of The Dark Dive we look at how cyber defenders' biggest nemeses - ransomware groups - use the dark web.

    Returning threat intelligence experts Jim Simpson and Louise Ferrett explain all of the functions of a ransomware leak site, how ransomware group members use dark web forums, and how monitoring this activity helps us understand how the ransomware threat is evolving.

    We cover some of the biggest groups*, take a fascinating look at how they work with each other, and host Aidan Murphy learns the difference between "state-backed" and "nation-backed" threat actors.

    *Note - this episode was recorded before the takedown of LockBit in the international law enforcement action, Operation Cronos.

    Want to find out more?

    Email: [email protected]

    Website: www.slcyber.io

    LinkedIn: www.linkedin.com/company/searchlight-cyber

    X: www.twitter.com/SLCyberSec

    Weekly newsletter: www.slcyber.io/beacon/

    Report: "More Groups, More Problems: Ransomware in 2023"

  • We're joined by threat intelligence experts Joe Honey and Vlad to delve into dark web hacking forums.

    The conversation covers how dark web forums differ from regular internet forums, the topics that users are discussing, and how forums manage to have such longevity in comparison to criminal marketplaces.

    On the way our guests explain the "barrier to entry" to getting onto these forums, the blurry line between Russian, English language, and Chinese forums, and how these sites act as a market for a specific type of cybercriminal known as "Initial Access Brokers".

    Want to find out more?

    Email: [email protected]

    Website: www.slcyber.io

    LinkedIn: www.linkedin.com/company/searchlight-cyber

    X: www.twitter.com/SLCyberSec

    Weekly newsletter: www.slcyber.io/beacon/

    Report, "Combatting Initial Access Brokers With Dark Web Intelligence": https://www.slcyber.io/whitepapers-reports/combating-initial-access-brokers-with-dark-web-intelligence/

  • In this episode of The Dark Dive - the podcast that delves into the depths of the dark web - we take a forensic look at dark web markets.

    Guests Louise Ferrett and Dave Osler outline the different types of marketplaces that exist on the dark web, the illicit and criminal goods they sell, and the challenges they create for law enforcement.

    In the process, we discuss the difference between drug and digital goods markets (known as "autoshops"), the short lifespan of marketplace sites, and the strangest things they've seen sold on the dark web.

    Want to find out more?

    Email: [email protected]

    Website: www.slcyber.io

    LinkedIn: www.linkedin.com/company/searchlight-cyber

    X: www.twitter.com/SLCyberSec

    Weekly newsletter: www.slcyber.io/beacon/

  • In this first episode of The Dark Dive we start at the beginning, with the question: what is the dark web?

    Renowned dark web academic Dr. Gareth Owenson and threat intelligence expert Jim Simpson define exactly what the "dark web" is in relation to the "clear web" and the "deep web", how dark web networks like Tor work, and why it's relevant to law enforcement and cybersecurity professionals.

    They also provide an overview of the types of traditional and cyber criminal activity that take place on the dark web, while busting (and confirming) some dark web myths.

    Want to find out more?

    Email: [email protected]

    Website: www.slcyber.io

    LinkedIn: www.linkedin.com/company/searchlight-cyber

    X: www.twitter.com/SLCyberSec

    Weekly newsletter: www.slcyber.io/beacon/