Podcast bait, malware switch. [Research Saturday]

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 5 October 2024

⏱️ 20 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Joshua Miller from Proofpoint is discussing their work on "Best Laid Plans: TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset." Proofpoint identified Iranian threat actor TA453 targeting a prominent Jewish figure with a fake podcast interview invitation, using a benign email to build trust before sending a malicious link. The attack attempted to deliver new malware called BlackSmith, containing a PowerShell trojan dubbed AnvilEcho, designed for intelligence gathering and exfiltration. This malware consolidates all of TA453's known capabilities into a single script rather than the previously used modular approach. The research can be found here: Best Laid Plans: TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K. And now a word from our sponsor,
0:17.0	Security teams face a barrage of more, more security tools, create more complexity. More devices need protection. More security
0:23.0	devices need protection,
0:25.0	more specialized focus areas create more silos.
0:29.0	The security landscape is changing fast.
0:32.0	How can security operations transform to meet current threats?
0:36.0	Cortex by Palo Alto networks consolidates Secop Tools into an integrated platform
0:42.0	and helps organizations stop threats at scale
0:45.0	with AI automation and analytics. Learn more at Palo Alto Networks
0:49.8	dot com slash cortex. Hello.
0:54.0	Hello.
0:55.0	Hello.
0:58.0	Hello, Hello everyone and welcome to the CyberWire's research Saturday.
1:08.0	I'm Dave Bitner and this is our weekly conversation with researchers and analysts tracking down the threats and vulnerabilities,
1:15.6	solving some of the hard problems and protecting ourselves in a rapidly evolving cyberspace.
1:21.4	Thanks for joining us.
1:23.0	As we hunt for espionage threats in our data, one of the things we look at is different lures that we see them use over and over.
1:35.8	And so specifically for TA 453, we've seen them use the approach of a Bina podcast host before, as well as just up-in-nine conversation to different targets.
1:47.0	That's Joshua Miller, threat researcher at Proof Point.
1:51.0	The research we're discussing today is titled Best Laid Plans.
1:54.8	TA 453 targets religious figure with fake podcast invite delivering new blacksmith
2:01.1	malware tool set.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.