Episode Description

Forecast = Substantial Atmospheric River Warning

In this episode of Storm⚡️Watch, we delve into the pressing issue of ransomware payments, which are on a notable decline as victims increasingly choose not to pay.

The conversation then turns to the alarming frequency of cyberattacks that often go unnoticed by the public, and highlights one recent breach in the municipality where a major U.S. court case is occurring. We highlight several incidents at organizations across the globe, emphasizing the pervasive nature of these security breaches.

We also dissect the sobering findings from the Dragos Industrial Ransomware Report for Q4, which reveals the increasing number of groups involved in ransomware attacks. This report underscores the challenges faced by industries in safeguarding their operations against such threats.

A surprising revelation comes from Germany, where a job posting for a Windows 3.11 administrator for a rail line brings to light the outdated and insecure systems still in use, which pose significant security risks.

The episode doesn't shy away from discussing major breaches, including the recent attacks on HPE and Microsoft, and the potential spillover effects these could have on the broader tech ecosystem.

We also explore Cert Spotter, a Certificate Transparency log monitor from SSLMate that alerts you when an SSL/TLS certificate is issued for one of your domains.

The team covers two recent blogs by Censys researchers, and takes a look at GreyNoise tags that are linked to ransomware gang activity.

Lastly, we briefly note CISA’s new Water and Wastewater Sector Incident Response Guide, and touch upon the latest trends and active campaigns in the cybersecurity landscape, as well as a roundup of known exploited vulnerabilities, providing listeners with a comprehensive overview of the current state of cyber threats.

View episode Slides
Link to GreyNoise Twitter account