Hosts Matt Radolec and David Gibson explain how cybercriminals are manipulating AI models like ChatGPT to plant false memories and steal data, along with other cybercrime-related stories like Salt Typhoon. Salt Typhoon is a Chinese hacking group that has reportedly breached multiple key U.S. broadband providers, raising significant concerns about the security of sensitive communications data. The hackers may have had access to these networks for months, raising significant concerns about the security of sensitive communications data. More from Varonis ⬇️ Visit our website: https://www.varonis.com LinkedIn: https://www.linkedin.com/company/varonis X/Twitter: https://twitter.com/varonis Instagram: https://www.instagram.com/varonislife/ #Cybercrime #Podcast #DataSecurity

The North Korean Lazarus group is running multiple high-risk campaigns: one exploiting Windows and another installing malware through fraudulent blockchain job offers. State of Cybercrime hosts Matt Radolec and David Gibson discuss the various APT groups, including a prolific ransomware-as-a-service operation and a Chinese cyber espionage gang known as Volt Typhoon, and other vulnerable vulnerabilities in this episode, including: + Lazarus FudModule rootkit attacks and the concurrent Eager Crypto Beavers campaign + RansomHub attacks on Halliburton, Change Healthcare, and hundreds more + Large-scale extortion of AWS environments through exposed ENV files + Hundreds of exposed servers from Volt Typhoon’s ISP targeting + Payment gateway breach of over 1.7 million credit card owners

Matt Radolec and David Gibson discuss how an unknown attacker recently exploited a vulnerability in Proofpoint’s email routing system, allowing them to bypass security measures and send millions of spoofed emails on behalf of major companies. The co-hosts also cover: + The North Korean threat actor hired using AI + The biggest ransomware payment ever made + How X is training its Grok AI LLM with your posts + The EU’s groundbreaking AI act + How anyone can access deleted and private repositories on GitHub + Updates on AMD's silicon-level "SinkClose" processor flaw

The LockBit ransomware group claimed to have attacked the U.S. Federal Reserve, stating they would leak 33 terabytes of its data. However, analysis revealed that the data released on their website actually came from a financial services company in Arkansas, not the Federal Reserve.

Snowflake, a cloud storage platform used by some of the largest companies in the world, is investigating a targeted attack on its users who lack multifactor authentication. Join Matt Radolec and David Gibson for an episode of State of Cybercrime in which we will discuss the increased attacks on Snowflake customers and share our five-point checklist for ensuring your cloud databases are properly configured and monitored.

A new data leak of more than 500 documents published to GitHub reveals the big business behind China’s state-sponsored hacking groups — from top-secret surveillance tools to details of offensive cyber ops carried out on behalf of the Chinese government.

CISA issued an emergency directive to mitigate Ivanti Connect Secure and Ivanti Policy Secure vulnerabilities after learning of malware targeting the software company, allowing unauthenticated threat actors to access Ivanti VPNs and steal sensitive data. Join Matt, David, and Dvir to learn more about the Ivanti vuln and other cyber threats.

As cyber threats evolve, so do the targets. From the shocking “swatting” incidents at Fred Hutchinson's Cancer Center to the alarming rise of fake hack-back offers after ransomware attacks, the landscape of cybercrime is constantly shifting.

Artificial intelligence could create “catastrophic risks” or be the answer to our technology prayers, world leaders say. The AI Executive Order issued Oct. 30 plans to establish new standards for AI safety and security, but others warn against rushing to regulate AI technology before it’s fully understood. Our State of Cybercrime team will break down the bipartisan legislation and answer all your AI questions about robots ruling the world.

Join the State of Cybercrime team, Matt, David, and Dvir, to learn about the numerous tools hackers use for cred stuffing, examples of when these tactics have been used in organizational attacks, and what you can do to protect yourself.