2.8K
Downloads
58
Episodes
Stay ahead of the latest cybersecurity trends with Cyberside Chats! Listen to our weekly podcast every Tuesday at 6:30 a.m. ET, and join us live once a month for breaking news, emerging threats, and actionable solutions. Whether you’re a cybersecurity professional or an executive looking to understand how to protect your organization, cybersecurity experts Sherri Davidoff and Matt Durrin will help you stay informed and proactively prepare for today’s top cybersecurity threats, AI-driven attack and defense strategies, and more!
Join us monthly for an interactive Cyberside Chats: Live! Our next session will be announced soon.
Episodes
4 hours ago
4 hours ago
Ransomware gangs aren’t operating alone anymore and the lines between them are increasingly blurry.
In this episode of Cyberside Chats, we look at how modern ransomware groups collaborate, specialize, and team up to scale attacks faster. Using ShinyHunters’ newly launched data leak website as an example, we discuss how different crews handle access, social engineering, and data exposure, and why overlapping roles make attribution, defense, and response harder.
We also explore what this shift means for security leaders, from training and identity protection to preparing for data extortion that doesn’t involve encryption.
Key Takeaways
1. Harden identity and SaaS workflows, not just endpoints - Review help desk procedures, SSO flows, OAuth permissions, and admin access. Many recent incidents succeed without malware or exploits.
2. Train staff for voice phishing and IT impersonation - Add vishing scenarios to security awareness programs, especially for help desk and IT-adjacent roles.
3. Limit blast radius across cloud and SaaS platforms - Enforce least privilege, audit third-party integrations, and regularly review OAuth scopes and token lifetimes.
4. Plan for data extortion without ransomware - Update incident response plans and tabletop exercises to assume data theft and public exposure, even when no systems are encrypted.
5. Practice executive decision-making under data exposure pressure - Tabletop exercises should include legal, communications, and leadership discussions about public leaks, reputational risk, and extortion demands.
Resources
1. Panera Bread Breach Linked to ShinyHunters and Voice Phishing
https://mashable.com/article/panera-bread-breach-shinyhunters-voice-phishing-14-million-customers
2. BreachForums Database Leak Exposes 324,000 Accounts
3. BreachForums Disclosure and ShinyHunters
https://blog.barracuda.com/2026/01/26/breachforums-disclosure-shinyhunters
4. Scattered LAPSUS$ Hunters: 2025’s Most Dangerous Cybercrime
5. Microsoft Digital Defense Report
https://www.microsoft.com/security/business/security-insider/microsoft-digital-defense-report
No comments yet. Be the first to say something!