Friend
Professional
- Messages
- 2,653
- Reaction score
- 860
- Points
- 113
Experts talked about the tactics of the most dangerous groups that can penetrate the company's networks while you are not looking.
On the Microsoft Threat Intelligence podcast, host Sherrod DeGrippo and her guests discussed the latest trends and threats in the field of cybersecurity, paying special attention to the actions of hacker groups and their use of advanced technologies. Security researchers Daria Pop and Anna Saitz took part in the conversation, sharing their observations on the activities of Black Basta and other groups.
Daria Pop noted that Black Basta continues to be one of the most active groups engaged in extortion. In recent years, they have significantly changed their methods and tools of attack, ranging from phishing attacks to more sophisticated social engineering schemes. Among the new techniques of Black Basta is the use of remote management tools such as TeamsPhisher to distribute malware through platforms such as Microsoft Teams. Daria Pop stressed that, despite the popularity and "reliability" of the techniques used, it is important to constantly monitor changes in the methods of work of such groups.
According to DeGrippo, while such techniques are not new, they have become proven tools in the arsenal of cybercriminals, allowing them to easily access systems and carry out attacks. In addition, Daria Pop noted the impact of the operation to destroy Qakbot on the activity of Black Basta, which led to a temporary change in the hackers' strategy. This trend is due to the fact that Qakbot is associated with Black Basta.
Anna Seitz talked about how government hackers such as Forest Blizzard and Emerald Sleet are beginning to use LLM models to optimize their attacks. The models help criminals improve their social engineering skills, quickly fix bugs in the code, and look for vulnerabilities. Anna emphasized that the threats associated with LLMs do not yet go beyond the scope of already known attack methods, which gives defenders time to develop new countermeasures.
Concluding the discussion, the experts drew attention to the importance of maintaining high standards of cyber hygiene and the use of multi-factor authentication to protect organizations from new threats. Reference was also made to the growing role of artificial intelligence in both defensive and offensive operations, which requires increased readiness and vigilance from all participants in cyberspace.
Source
On the Microsoft Threat Intelligence podcast, host Sherrod DeGrippo and her guests discussed the latest trends and threats in the field of cybersecurity, paying special attention to the actions of hacker groups and their use of advanced technologies. Security researchers Daria Pop and Anna Saitz took part in the conversation, sharing their observations on the activities of Black Basta and other groups.
Daria Pop noted that Black Basta continues to be one of the most active groups engaged in extortion. In recent years, they have significantly changed their methods and tools of attack, ranging from phishing attacks to more sophisticated social engineering schemes. Among the new techniques of Black Basta is the use of remote management tools such as TeamsPhisher to distribute malware through platforms such as Microsoft Teams. Daria Pop stressed that, despite the popularity and "reliability" of the techniques used, it is important to constantly monitor changes in the methods of work of such groups.
According to DeGrippo, while such techniques are not new, they have become proven tools in the arsenal of cybercriminals, allowing them to easily access systems and carry out attacks. In addition, Daria Pop noted the impact of the operation to destroy Qakbot on the activity of Black Basta, which led to a temporary change in the hackers' strategy. This trend is due to the fact that Qakbot is associated with Black Basta.
Anna Seitz talked about how government hackers such as Forest Blizzard and Emerald Sleet are beginning to use LLM models to optimize their attacks. The models help criminals improve their social engineering skills, quickly fix bugs in the code, and look for vulnerabilities. Anna emphasized that the threats associated with LLMs do not yet go beyond the scope of already known attack methods, which gives defenders time to develop new countermeasures.
Concluding the discussion, the experts drew attention to the importance of maintaining high standards of cyber hygiene and the use of multi-factor authentication to protect organizations from new threats. Reference was also made to the growing role of artificial intelligence in both defensive and offensive operations, which requires increased readiness and vigilance from all participants in cyberspace.
Source
