Credential harvesters in the cloud. [Research Saturday]

CyberWire Daily

N2K Networks, Inc.

News, Tech News, Daily News, Technology

4.8 • 1.1K Ratings

🗓️ 16 November 2024

⏱️ 19 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

This week we are joined by, Blake Darché, Head of Cloudforce One at Cloudflare, to discuss their work on "Unraveling SloppyLemming’s Operations Across South Asia." Cloudforce One's investigation into the advanced threat actor "SloppyLemming" reveals an extensive espionage campaign targeting South and East Asia, with a focus on Pakistan's government, defense, telecommunications, and energy sectors. Leveraging multiple cloud service providers, SloppyLemming employs tactics like credential harvesting, malware delivery, and command-and-control (C2) operations, often relying on open-source adversary emulation tools like Cobalt Strike. Despite its activities, the actor's poor operational security (OPSEC) has allowed investigators to gain valuable insights into its infrastructure and tooling. The research can be found here: Unraveling SloppyLemming’s operations across South Asia Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the Cyberwire Network, powered by N2K.
0:09.7	Hey, everybody, Dave here.
0:15.6	I want to talk about our sponsor, Legal Zoom.
0:19.5	You know, I started my first business back in the early 90s,
0:23.2	and oh, what I would have done to have been able to have the services of an organization like LegalZoom back then.
0:31.1	Just getting all of those business ducks in a row, all of that technical stuff, the legal stuff,
0:36.8	the registrations of the business, the taxes, all of those technical stuff, the legal stuff, the registrations of the business,
0:39.1	the taxes, all of those things that you need to go through when you're starting a business,
0:44.2	the hard stuff, the stuff that sucks up your time when you just want to get that business
0:49.4	launched and out there. Well, LegalZoom has everything you need to launch, run, and protect your
0:56.3	business all in one place. And they save you from wasting hours making sense of all that
1:02.7	legal stuff. Launch, run, and protect your business to make it official today at legalzoom.com.
1:10.4	You can use promo code Cyber10 to get 10% off any LegalZoom business information product,
1:17.1	excluding subscriptions and renewals.
1:19.4	That expires at the end of this year.
1:21.4	Get everything you need from setup to success at LegalZoom.com and use promo code Cyber10. That's legalzoom.com and promo code
1:30.8	cyber 10. LegalZoom provides access to independent attorneys and self-service tools. LegalZ
1:37.0	is not a law firm and does not provide legal advice except where authorized through its
1:41.1	subsidiary law firm, LZ Legal Services LLC.
1:44.4	Hello, everyone, and welcome to the CyberWire Research Saturday.
2:00.2	I'm Dave Bittner, and this is our weekly
2:02.3	conversation with researchers and analysts tracking down the threats and vulnerabilities,
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.