📌 We apologize for the technical issues experienced while filming this episode. Now onto the episode details: Oracle recently faced a major security scare after a hacker claimed to have stolen 6 million data records — a breach that has everyone talking. After initially denying the breach, Oracle is now saying their Oracle Cloud Infrastructure has n…

Emilio and Laz immediately throw Christian's topic in the trash and talk about the MINECRAFT MOVIE Also: should parents force their kids to play sports? Also: Take your kids' advice on how to youtube!By Christian, Emilio, Laz

By Christian, Emilio, Laz

or does he??? Christian and Emilio answer that questionBy Christian, Emilio, Laz

Christian and Laz discuss the federal government going to hell and how christian might group-buy a mansionBy Christian, Emilio, Laz

The Bybit crypto exchange was hacked for a record-breaking $1.5 billion theft of Ether cryptocurrency – perhaps the largest scale theft of all time. The FBI has linked the attack to TraderTraitor, a sub-cluster of the Lazarus Group, who leveraged a compromised machine of Safe{Wallet} to execute a supply chain attack on the Bybit platform. Matt and …

DeepSeek, the Chinese AI startup dominating news feeds, has experienced exponential growth while wiping almost $1 trillion off the U.S. stock market. However, the model's rise has now been overshadowed by a surge of malicious attacks. On this special episode of State of Cybercrime, Matt and David explore the rise of this innovative AI tool, the sub…

On this episode of State of Cybercrime, Matt and David cover the most recent Chinese state-sponsored APT attack by Silk Typhoon on the U.S. Treasury Department. They discuss how the attackers used a remote support tool to enable unauthorized access to Treasury workstations and unclassified documents. They also dive into some of the most pressing cy…

Songs stuck on loop! Old man tips! TNG and episodic television!By Christian, Emilio, Laz

In this episode, Matt and David delve into the evolving story of Salt Typhoon, a Chinese state-sponsored group, and their use of the innovative 'GhostSpider' backdoor to infiltrate telecommunication service providers. This sophisticated and far-reaching cyberattack, which is much larger than previously understood, has compromised sensitive cellular…

Russia's APT29, a.k.a "Midnight Blizzard," is arguably one of the world's most notorious threat actors. You might recall their involvement in the 2019 SolarWinds attack where they operated under the alias "Cozy Bear." The group is back with more relentless attacks—breaching cloud credentials and targeting over 100 organizations worldwide. In this e…

From AI: The conversation covers various topics including the benefits of electric lawnmowers, the concept of rest as resistance, and personal experiences with injuries. The hosts discuss the advantages of electric lawnmowers over gas-powered ones, highlighting their quietness and environmental friendliness. They also mention that California has ba…

Alien! Batman! Franchises! Lost! The Boys (ugh)!By Christian, Emilio, Laz

A very special episode of Let's Roll Characters!!By Christian, Emilio, Laz

Hosts Matt Radolec and David Gibson explain how cybercriminals are manipulating AI models like ChatGPT to plant false memories and steal data, along with other cybercrime-related stories like Salt Typhoon. Salt Typhoon is a Chinese hacking group that has reportedly breached multiple key U.S. broadband providers, raising significant concerns about t…

THE SECOND PART: Emilio uses his topic to run a surprise D&D game!! what is going on??By Christian, Emilio, Laz

Laz misses the beginning, christian is not fit, and emilio has... a surprise ending!!!By Christian, Emilio, Laz

The North Korean Lazarus group is running multiple high-risk campaigns: one exploiting Windows and another installing malware through fraudulent blockchain job offers. State of Cybercrime hosts Matt Radolec and David Gibson discuss the various APT groups, including a prolific ransomware-as-a-service operation and a Chinese cyber espionage gang know…

By Christian, Emilio, Laz

One of us has a duckBy Christian, Emilio, Laz

Matt Radolec and David Gibson discuss how an unknown attacker recently exploited a vulnerability in Proofpoint’s email routing system, allowing them to bypass security measures and send millions of spoofed emails on behalf of major companies. The co-hosts also cover: + The North Korean threat actor hired using AI + The biggest ransomware payment ev…

By Christian, Emilio, Laz

In this episode of State of Cybercrime, co-hosts Matthew Radolec and David Gibson dive into the details around LockBit, and cover other news including: + The MOVEit authentication bypass flaw + Developments in the Polyfill supply chain attack affecting millions of websites + Updates on the targeted campaign against Snowflake +A massive insider brea…

By Christian, Emilio, Laz

What are you the Scalabrine of? What is your most pathetic moment? Video StoresBy Christian, Emilio, Laz

By Christian, Emilio, Laz

Snowflake, a cloud storage platform used by some of the largest companies in the world, is investigating a targeted attack on its users who lack multifactor authentication. Join Matt Radolec and David Gibson for an episode of State of Cybercrime in which we discuss the increased attacks on Snowflake customers and share our five-point checklist for …

Music: https://soundcloud.com/magicalboombox/reckless-joy-practice-4By Christian, Emilio, Laz

Thank you to our sponsors "electric kettles" and BarillaBy Christian, Emilio, Laz

Special thanks to the one and only Al Pacino for his appearance early on. Class actBy Christian, Emilio, Laz

We're looking at our towns on a map and asking questionsBy Christian, Emilio, Laz

By Christian, Emilio, Laz

Emilio just finished a 6 hour d&d session. He's drunk, he's tired, he's probably incoherent -- LET'S ROLL. (pun intended)By Christian, Emilio, Laz

By Christian, Emilio, Laz

Completely uncensored Real Talk with your hosts CHICO, LAZ, and THA BUTTBy Christian, Emilio, Laz

Emilio, Christian, and Laz kick off episode one of CST with the important topics of the week and Emilio's Gripe CornerBy Christian, Emilio, Laz

A new data leak of more than 500 documents published to GitHub reveals the big business behind China’s state-sponsored hacking groups — from top-secret surveillance tools to details of offensive cyber ops carried out on behalf of the Chinese government. Join Matt and David for a special State of Cybercrime, which dives into China's espionage campai…

CISA issued an emergency directive to mitigate Ivanti Connect Secure and Ivanti Policy Secure vulnerabilities after learning of malware targeting the software company, allowing unauthenticated threat actors to access Ivanti VPNs and steal sensitive data. CISA is requiring all federal agencies to disconnect from affected Ivanti products by EOD Febru…

Enjoy our first State of Cybercrime episode of 2024 as Matt Radolec and David Gibson cover: Who is to blame for 23andMe’s big breach SEC’s X account getting hacked Threat actors swatting patients Varonis Threat Labs research on a new, widespread vulnerability: https://www.varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes Mentioned…

In this episode of 'State of Cybercrime', the hosts discuss various topics including an executive order on Artificial Intelligence(AI) by President Biden promoting a balance between AI safety, security, privacy and innovation, as well as implications for American leadership in AI. They covered the disruptive Mozi Botnet, SolarWinds CISO's challenge…

Few breaches have drawn as much social media fervor as the recent 23andMe incident, in which the genomics company was victim to a massive credential stuffing attack that leveraged leaked and reused passwords to target accounts without MFA. What differentiates this attack from others is that 23andMe itself was not breached, but an entire wave of its…

Join Matt Radolec and David Gibson for this episode of the State of Cybercrime, recording from Black Hat 2023, as they cover the latest threats you need to know about.Also be sure to check out our webinar, New SEC Cyber Rules: Action Plan for CISOs and CFOs on Tuesday, August 22 | 12 p.m. ET. Link here:https://info.varonis.com/en/webinar/what-the-n…

The Storm-0558 incident has proven to be even more widespread than initially reported. While Microsoft originally stated that only Outlook.com and Exchange Online were affected, Wiz Research has discovered that the compromised signing key may have allowed the cybercriminal group to forge access tokens for SharePoint, Teams, OneDrive, and every othe…

A Microsoft zero-day vulnerability has allowed hacking group Storm-0558 to forge Azure AD authentication tokens, and breach organizations — including U.S. government agencies — in the past week.Watch this State of Cybercrime episode to hear our experts break down how this attack happened, see the discoveries made by the Varonis Threat Labs team, an…

Across the globe, CL0P ransomware group is extorting hundreds of organizations after exploiting an unknown SQL injection vulnerability in file transfer service MOVEit. The victims need to contact the ransomware group by June 14 or their stolen data will be published publicly on the group’s extortion site.Join Matt Radolec, David Gibson, and special…

In the wake of the U.S. defense leak, the Pentagon CIO has given a one-week deadline for all defense agencies to ensure compliance with DOD information security protocols. But what does that actually mean?Join Matt, David, and Varonis Team Lead Engineer for U.S. Public Sector Trevor Brenn for a State of Cybercrime episode that breaks down what the …

Links mentioned in this episode: • Video course (free) on building an IR plan: https://info.varonis.com/thank-you/course/cyber-incident-response • Blog post about LockBit: https://www.varonis.com/blog/anatomy-of-a-ransomware-attack • Blog post about HardBit: https://www.varonis.com/blog/hardbit-2.0-ransomware Want to join us live? Save a seat here:…

Recent cyberattacks, zero-days, and APTs have positioned China as a cybersecurity adversary.Join Matt Radolec and David Gibson for a special State of Cybercrime episode, during which the two will discuss the recent wave of stealth Chinese cyberattacks against U.S. private networks and what this means for U.S.-Chinese relations in 2023.Matt and Davi…

Still reeling from last year’s data breach, password manager LastPass recently shared that the same attacker who targeted the organization in August has struck again, this time using stolen data to hack an employee’s home computer. Join Matt Radolec and David Gibson as they walk you through the multi-stage attack, revisiting the discussion of the i…

We're back! Kind of. We'll soon relaunch this podcast and wanted to give you a quick update on what's happening. Want to join us live? Save a seat here:https://www.varonis.com/state-of-cybercrimeMore from Varonis ⬇️ Visit our website: https://www.varonis.comLinkedIn: https://www.linkedin.com/company/varonisX/Twitter: https://twitter.com/varonisInst…