Just in time for spooky season, this episode takes you into the darkest corners of the cyber underworld, where the real monsters aren’t ghosts or goblins, but ransomware gangs lurking in the shadows.
We sat down with Matthew Maynard (3.42), a cybersecurity pro by day and a real-life cyber ghostbuster by night, who doesn’t just hunt vulnerabilities, but haunts the hackers themselves.
While most bug bounty programs reward researchers for finding flaws, Matthew’s work is far more chilling (and thrilling). As part of threat intelligence programs like Halcyon’s Threat Research Intelligence Program (TRIP), he infiltrates ransomware gangs, extracts their secrets and helps shut down their operations before they strike.
For CISOs and executives, Matthew’s experience offers a rare and critical perspective on how to shift from reactive fire-drills to proactive threat hunting. By leveraging dark web intelligence, undercover engagements, and threat actor profiling, security leaders can anticipate attacks, disrupt criminal operations, and even recover stolen data before it’s too late.
All content for Infosecurity Magazine Podcast is the property of Infosecurity Magazine and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Just in time for spooky season, this episode takes you into the darkest corners of the cyber underworld, where the real monsters aren’t ghosts or goblins, but ransomware gangs lurking in the shadows.
We sat down with Matthew Maynard (3.42), a cybersecurity pro by day and a real-life cyber ghostbuster by night, who doesn’t just hunt vulnerabilities, but haunts the hackers themselves.
While most bug bounty programs reward researchers for finding flaws, Matthew’s work is far more chilling (and thrilling). As part of threat intelligence programs like Halcyon’s Threat Research Intelligence Program (TRIP), he infiltrates ransomware gangs, extracts their secrets and helps shut down their operations before they strike.
For CISOs and executives, Matthew’s experience offers a rare and critical perspective on how to shift from reactive fire-drills to proactive threat hunting. By leveraging dark web intelligence, undercover engagements, and threat actor profiling, security leaders can anticipate attacks, disrupt criminal operations, and even recover stolen data before it’s too late.
ToolShell Deep Dive: The SharePoint Exploit Crisis Uncovered
Infosecurity Magazine Podcast
41 minutes 47 seconds
3 months ago
ToolShell Deep Dive: The SharePoint Exploit Crisis Uncovered
In this special episode of the Infosecurity Magazine podcast, we dive deep into the rapidly evolving story surrounding Microsoft SharePoint On-Premises.
Recent disclosures have revealed a series of vulnerabilities now being exploited in targeted campaigns, with Chinese threat actors at the centre but other threat actors joining in the attacks.
This episode breaks down the complexities of the incident, the ongoing exploitations and the broader implications for security practitioners. Stay updated as this story unfolds and equip yourself with valuable insights to better understand and defend against emerging cyber threats.
Our discussion includes:
Timeline of events surrounding the ToolShell Microsoft SharePoint on-prem vulnerability (02.20)
Interview with Charles Carmakal, CTO at Mandiant, now part of Google Cloud (06.38). Charles details these critical vulnerabilities and steps towards patching and what some orgnaizations may be missing, leaving them vulnerable to compromise.
Interview Lorri Janssen-Anessi, Director of External Cyber Assessments at BlueVoyant. With extensive experience from her time at the NSA and the Department of Homeland Security, Lorri provides an in-depth perspective on the impact these attacks are having and what they mean for organizations today. (17.18)
Sing up to receive Infosecurity Magazine's weekly newsletter here.
Infosecurity Magazine Podcast
Just in time for spooky season, this episode takes you into the darkest corners of the cyber underworld, where the real monsters aren’t ghosts or goblins, but ransomware gangs lurking in the shadows.
We sat down with Matthew Maynard (3.42), a cybersecurity pro by day and a real-life cyber ghostbuster by night, who doesn’t just hunt vulnerabilities, but haunts the hackers themselves.
While most bug bounty programs reward researchers for finding flaws, Matthew’s work is far more chilling (and thrilling). As part of threat intelligence programs like Halcyon’s Threat Research Intelligence Program (TRIP), he infiltrates ransomware gangs, extracts their secrets and helps shut down their operations before they strike.
For CISOs and executives, Matthew’s experience offers a rare and critical perspective on how to shift from reactive fire-drills to proactive threat hunting. By leveraging dark web intelligence, undercover engagements, and threat actor profiling, security leaders can anticipate attacks, disrupt criminal operations, and even recover stolen data before it’s too late.
