Turla Ransomware: A Closer Look At The Russian Cyber Espionage Group StoneCast podcast

Artwork

Tech Podcasting Education Stonefly

Player FM - Internet Radio Done Right

Added five weeks ago

Content provided by Stonefly. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Stonefly or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

<

<div class="span index">1</div> <span><a class="" data-remote="true" data-type="html" href="/series/series-2996722">The So What from BCG</a></span>

<div class="span index">1</div> <span><a class="" data-remote="true" data-type="html" href="/series/series-2996722">The So What from BCG</a></span> podcast artwork

<div class="span index">1</div> <span><a class="" data-remote="true" data-type="html" href="/series/series-2996722">The So What from BCG</a></span> podcast artwork

1
The So What from BCG

5 days ago5d ago

Monthly+

This podcast from Boston Consulting Group looks around the corner of today’s big business and social issues. The goal–the so what–is to make sense of today and prepare busy leaders and executives for the day after tomorrow. Award-winning British journalist Georgie Frost interviews the leading thinkers and doers at BCG on the trends, developments, and ideas that will shape and disrupt the future. This is not your typical business strategy podcast.

StoneCast « »
Turla Ransomware: A Closer Look at the Russian Cyber Espionage Group

about a year ago 20:53

Share

MP3•Episode home

Content provided by Stonefly. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Stonefly or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Turla ransomware is a Russian-linked cyber espionage group linked to high profile cyberattacks including Solarwinds and Starlink cyberattack, and the recent cyberattack on the Ukrainian military network.

In this Deep Dive podcast, we breakdown Turla ransomware and the methods they use to infiltrate the networks of their victims including exploiting unmatched vulnerabilities, spear phishing, remote execution, credential harvesting, network scanning and the command-and-control methods used by Turla ransomware.

Our experts will also analyze the techniques Turla ransomware uses including:

· Hybrid tactics involving tools like Amadey and custom backdoors.

· Infrastructure sharing with other cyber criminals.

· Custom malware deployment using malware such as KazuarV2.

The podcast will conclude with a discussion about the different mitigation measures that businesses can implement to prevent a Turla ransomware attack including endpoint detection and response (EDR) tools, network segmentation, zero trust architecture, threat intelligence, and air-gapped and immutable backups.

Also read: Turla Ransomware: Comprehensive Analysis of the Russian APT

Looking to protect your sensitive data from Turla ransomware? Talk to our experts today. Contact sales@stonefly.com or call +1 510 265 1616.

… continue reading

30 episodes

#Tech #Podcasting Education #Stonefly

Artwork

Turla Ransomware: A Closer Look at the Russian Cyber Espionage Group

published about a year ago

Share

MP3•Episode home

Content provided by Stonefly. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Stonefly or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Turla ransomware is a Russian-linked cyber espionage group linked to high profile cyberattacks including Solarwinds and Starlink cyberattack, and the recent cyberattack on the Ukrainian military network.

In this Deep Dive podcast, we breakdown Turla ransomware and the methods they use to infiltrate the networks of their victims including exploiting unmatched vulnerabilities, spear phishing, remote execution, credential harvesting, network scanning and the command-and-control methods used by Turla ransomware.

Our experts will also analyze the techniques Turla ransomware uses including:

· Hybrid tactics involving tools like Amadey and custom backdoors.

· Infrastructure sharing with other cyber criminals.

· Custom malware deployment using malware such as KazuarV2.

The podcast will conclude with a discussion about the different mitigation measures that businesses can implement to prevent a Turla ransomware attack including endpoint detection and response (EDR) tools, network segmentation, zero trust architecture, threat intelligence, and air-gapped and immutable backups.

Also read: Turla Ransomware: Comprehensive Analysis of the Russian APT

Looking to protect your sensitive data from Turla ransomware? Talk to our experts today. Contact sales@stonefly.com or call +1 510 265 1616.

… continue reading

30 episodes

#Tech #Podcasting Education #Stonefly

All episodes

×

Artwork

1
Decrypting Cactus Ransomware: A Deep Dive into Its Attack Methods and Mitigation 15:52

3 days ago15:52

15:52

Cactus ransomware has emerged as one of the most sophisticated cyber threats, using advanced encryption techniques and stealthy tactics to evade traditional security measures. In this episode, we take a deep dive into how Cactus operates, from its initial infiltration methods to its ability to disable security tools and execute double extortion attacks. We’ll break down: ✅ The Attack Chain – How Cactus gains access through VPN vulnerabilities and stolen credentials. ✅ Evasion Tactics – How the malware encrypts itself to bypass detection and disables security tools. ✅ Double Extortion – Why victims face not just data encryption but also the threat of data leaks. ✅ Mitigation Strategies – Best practices, including air-gapped backups, multi-factor authentication, and proactive ransomware detection. With ransomware-as-a-service (RaaS) becoming more sophisticated, organizations must be prepared. Tune in as we discuss how businesses can stay ahead of evolving threats like Cactus ransomware and protect their critical data from cybercriminals.…

Artwork

1
HIPAA Security Rule Updates 2024: Stonefly and Veeam Solutions 10:55

4 days ago10:55

10:55

StoneFly provides data protection and resilience solutions for hybrid and multi-cloud environments, including data backup, recovery, security, and intelligence. They offer self-managed software, Veeam-hosted services, and workload-specific solutions, with a focus on ransomware recovery and compliance. "HIPAA Security Rule 2024" discusses proposed changes to HIPAA regulations, driven by increasing cyberattacks in healthcare. These updates emphasize enhanced risk management, faster breach reporting, regular security audits, and robust backup and recovery measures. Healthcare organizations are advised to adopt zero-trust principles, strengthen cybersecurity, and conduct regular audits to meet the new requirements. Veeam positions itself as a provider of solutions that help clients address HIPAA compliance with tools for compliance, accelerated recovery, proactive threat defense, and modernized data operations.…

Artwork

1
Malvertising Unveiled: Navigating the Hidden Dangers of Online Ads 18:27

11 days ago18:27

18:27

In this episode, we dive deep into the dark world of malvertising — a sophisticated cyber threat that hides within seemingly harmless online advertisements. Often overlooked, malvertising serves as a gateway for cybercriminals to distribute malware, ransomware, and other malicious payloads. We'll break down how attackers infiltrate legitimate ad networks and target high-traffic websites, often reaching millions of unsuspecting users. From clever tactics like fake software ads to the more recent surge in BlackCat ransomware campaigns, we uncover how these threats operate and evolve. Our conversation explores the critical implications for businesses and individuals alike. How does malvertising compromise enterprise networks? What are the hidden dangers of ignoring cybersecurity when browsing the web? We’ll answer these questions and more, offering actionable strategies for defense, including robust backup and recovery solutions to protect enterprise environments from attack vectors like malvertising. Tune in to learn how to recognize the signs of malicious ads, the security layers needed to safeguard your digital environment, and why vigilance is essential in today’s interconnected world. This is a must-listen for anyone seeking to stay ahead of cyber threats in the digital age.…

Artwork

1
Inside Trigona: Ransomware Tactics, Targets, and Countermeasures 21:24

11 days ago21:24

21:24

In this episode, we take a deep dive into Trigona ransomware , an advanced and dangerous malware variant that targets organizations by encrypting their critical data and demanding hefty ransom payments. We analyze its sophisticated encryption techniques and discuss how it spreads through unpatched vulnerabilities and phishing campaigns. Our experts break down the complete attack lifecycle of Trigona, from initial infiltration to data exfiltration, highlighting its double-extortion strategy that pressures victims into payment by threatening public exposure of stolen data. We also explore actionable defense strategies, including advanced threat detection, patch management, user awareness training, and backup best practices to help organizations build resilience against Trigona and other ransomware threats. Whether you're an IT professional, security enthusiast, or business leader, this episode delivers valuable insights to fortify your cyber defenses and navigate the ever-evolving threat landscape. Tune in to stay ahead of cybercriminals and safeguard your digital assets.…

Artwork

1
Zero Trust Architecture: A Blueprint for Enterprise Ransomware Protection 16:14

11 days ago16:14

16:14

In this comprehensive episode, we explore the transformative power of Zero Trust Architecture (ZTA) in safeguarding enterprises against the escalating threat of ransomware attacks. Traditional security models often operate on the assumption that entities within the network can be trusted, leaving systems vulnerable to internal threats and lateral movement by malicious actors. Zero Trust challenges this paradigm by enforcing strict verification processes for every user, device, and application seeking access, regardless of their location within or outside the network. Key Discussion Points: Understanding Zero Trust Architecture: Definition and core principles of ZTA. Evolution from traditional perimeter-based security models to a Zero Trust approach. Core Principles of Zero Trust: Verify Identity: Implementing robust authentication mechanisms to ensure that every access request is legitimate. Least Privilege Access: Restricting user permissions to only those necessary for their roles, thereby minimizing potential damage from compromised accounts. Assume Breach: Operating under the assumption that breaches are inevitable, which fosters a proactive security posture. Continuous Monitoring: Regularly assessing and monitoring all activities to detect and respond to anomalies in real-time. Implementing Zero Trust Architecture: Network Segmentation: Dividing the network into isolated segments to contain potential breaches. Micro-Segmentation: Creating granular zones within the network to prevent unauthorized lateral movement. Identity and Access Management (IAM): Deploying solutions that manage user identities and control access based on strict verification processes. Endpoint Security Measures: Ensuring that all devices accessing the network comply with security policies and are continuously monitored for threats. The Role of Backup and Disaster Recovery in Zero Trust: Data Protection: Highlighting the importance of robust backup solutions that align with Zero Trust principles. Air-Gapped and Immutable Backups: Discussing solutions that provide isolated and unchangeable backups to safeguard against ransomware attacks. Ensuring Resilience: Strategies to maintain business continuity and data integrity in the face of cyber threats. Challenges in Adopting Zero Trust: Integration with Existing Infrastructure: Addressing the complexities of implementing Zero Trust within current systems. User Adoption and Change Management: Overcoming resistance and ensuring smooth transitions for end-users. Scalability and Complexity: Managing the scalability of Zero Trust solutions in large and dynamic enterprise environments. Future Trends and Innovations: Advancements in Zero Trust Technologies: Exploring emerging tools and methodologies enhancing Zero Trust implementations. Emerging Threats and Countermeasures: Identifying new cyber threats and discussing proactive measures to counteract them. Join us as we delve into these topics, providing actionable insights and expert perspectives on how Zero Trust Architecture can be effectively leveraged to protect enterprises from the ever-evolving landscape of ransomware and cyber threats.…

Artwork

1
Ransomware-Proof NAS Backup Storage: StoneFly' Blueprint 26:47

19 days ago26:47

26:47

In this episode, we dive into the critical importance of robust NAS storage backup strategies amid escalating cyber threats, hardware failures, and human error. With ransomware attacks targeting NAS devices increasing by over 400% in the past year, traditional methods like RAID fall short of providing sufficient protection. Join us as we explore why multi-layered approaches — incorporating air-gapped backups, cloud backups, local storage, and comprehensive disaster recovery plans — are essential for modern data protection. We break down key concepts, such as: How air-gapped backups act as a digital escape route, keeping your data secure from ransomware. The role of cloud-based air gapping as a cost-effective, scalable fortress in the cloud. Why RAID alone is like a spare tire, useful but inadequate for sophisticated threats. StoneFly's cutting-edge solutions take center stage, with automated policy-driven air gapping and consulting services that make advanced protection more accessible. Hear real-world examples from healthcare and financial services sectors that have successfully fortified their backup strategies using StoneFly technologies. Whether you're a business owner, IT professional, or data enthusiast, this episode delivers actionable insights to help you build a resilient data protection strategy and safeguard your critical information.…

Artwork

1
Two-Hour Incident Response: The Key to Cybersecurity Readiness 12:10

19 days ago12:10

12:10

Explore the world of advanced cybersecurity solutions with a focus on StoneFly's groundbreaking incident response and proactive defense services. In this episode, we take a comprehensive look at how StoneFly ensures business continuity through their guaranteed 2-hour response time for cybersecurity incidents. Discover the meticulous process they follow to quickly assess, contain, and mitigate threats before they escalate. But that's not all — we also dive into their proactive services designed to keep organizations secure long before a threat materializes. From penetration testing that uncovers hidden vulnerabilities to comprehensive cloud security assessments and compliance management, StoneFly provides a multi-layered approach to safeguarding critical systems. Learn why leading organizations trust StoneFly not only for their rapid incident response but also for building long-term resilience against an evolving threat landscape. Whether you're a business owner, IT professional, or cybersecurity enthusiast, this episode will provide valuable insights on staying one step ahead of cyber adversaries with StoneFly's innovative solutions.…

Artwork

1
StoneFly DR365V: The Ultimate Backup and Disaster Recovery Solution with Air-Gapped Security 5:28

20 days ago5:28

5:28

In this deep dive, we explore the importance of backup storage in today’s cyber threat landscape. Discover how StoneFly’s DR365V, a Veeam-certified backup solution, provides enterprise-grade protection with features like air-gapped storage, immutability, and flexible storage options (SAN, NAS, and S3 object storage). Learn how this cost-effective solution ensures data security against ransomware and integrates seamlessly with existing infrastructures. Stay ahead of cyber threats with StoneFly’s cutting-edge technology. Watch now to see why DR365V is a game-changer for data protection!…

Artwork

1
Unlocking the Power of Local S3 Object Storage: Scalability, Security, and StoneFly Solutions 21:15

20 days ago21:15

21:15

Discover how S3 object storage brings cloud-like scalability and performance to on-premises environments. In this deep dive, we explore what S3 object storage is, how it works, and why it’s essential for managing unstructured data. Learn about StoneFly’s innovative solutions, including SCVM for virtualized setups and high-performance S3 object storage appliances. Plus, find out how StoneFly’s advanced security features, like air-gapped vaults and always-on air-gapped storage, protect your data from ransomware threats. If you're looking for a reliable, scalable, and secure local S3 storage solution, this guide is for you!…

Artwork

1
Ransomware-Proof Unified SAN, NAS, and S3 Object Storage Platform: StoneFly USO 28:57

27 days ago28:57

28:57

In this episode, we dive into the advanced technology behind the StoneFly Unified Storage Appliance, a comprehensive solution that seamlessly integrates SAN, NAS, and S3 object storage into a single, high-performance platform. We explore how this appliance redefines enterprise storage strategies by offering unmatched flexibility, scalability, and data protection capabilities for modern IT environments. Key Technical Highlights: Unified Storage Architecture: We break down how the appliance consolidates SAN (block-level), NAS (file-level), and S3 object storage, allowing enterprises to manage diverse workloads with a single, streamlined solution. Storage Virtualization with StoneFusion: Discover how the patented StoneFusion storage operating system virtualizes storage resources, enabling dynamic provisioning, thin provisioning, snapshots, and replication for optimized data management. Performance and Scalability: Learn how the appliance supports scalable storage configurations, including NVMe SSDs for ultra-fast performance, SAS drives for high-capacity storage, and built-in tiering to optimize data placement across hot and cold tiers. Data Protection and Security: Explore advanced features such as air-gapped and immutable storage for ransomware protection, built-in encryption, and automated replication for disaster recovery. High Availability and Fault Tolerance: Understand how the system ensures continuous data access with active-active controllers, clustered configurations, and automated failover/failback mechanisms. Multi-Cloud Integration: We discuss how the appliance integrates seamlessly with public cloud providers and supports hybrid cloud architectures, giving enterprises the flexibility to manage data across on-premises and cloud environments. Cost Efficiency and Infrastructure Optimization: Find out how the appliance helps businesses reduce TCO by consolidating storage silos, simplifying management, and maximizing existing infrastructure investments. Whether you're an IT leader looking to modernize your data storage strategy, a systems architect exploring hybrid cloud solutions, or a data protection expert seeking resilient storage options, this episode offers deep insights into how StoneFly’s unified storage appliance delivers the performance, scalability, and security required for today’s data-driven enterprises.…

Artwork

1
AI-Integrated Sandbox: Improving DevOps, Threat Analysis & Disaster Recovery 19:16

27 days ago19:16

19:16

In this episode, we explore the cutting-edge capabilities of the StoneFly AI SandboxHub, a revolutionary appliance designed to merge AI-powered analytics with secure, isolated sandbox environments. This unique solution enables enterprises to accelerate DevOps testing, conduct sophisticated threat analysis, and enhance disaster recovery orchestration with AI precision. We begin by examining the key architectural elements of the AI SandboxHub. Built with high-performance compute and storage components, it delivers seamless integration with enterprise IT environments, supporting hypervisors such as Proxmox, VMware, and Hyper-V. The appliance also features built-in automation and orchestration capabilities, optimized for both on-premises and hybrid cloud deployments. Key topics we discuss include: AI-Powered Threat Analysis: Learn how the AI SandboxHub detects and analyzes sophisticated cyber threats by leveraging machine learning algorithms trained to identify anomalies and malicious patterns. DevOps Testing and Agile Development: Discover how the appliance accelerates software development lifecycles by providing developers with isolated, AI-assisted testing environments, enabling faster bug detection and feature validation. Disaster Recovery Orchestration: Hear how the appliance integrates AI-driven decision-making into DR workflows, automating critical tasks like workload failover, replication monitoring, and data integrity verification. Security and Compliance: The sandbox environments offer complete data isolation, ensuring that sensitive information remains protected while meeting stringent compliance requirements. We also dive into the technical innovations behind StoneFly’s appliance, such as its use of air-gapped storage, support for NVMe SSDs for ultra-fast data access, and integration with AI/ML models that can be trained on-premises for advanced analytics. Whether you're a cybersecurity expert, DevOps engineer, or IT leader seeking to enhance disaster recovery strategies, this episode provides valuable insights into how the StoneFly AI SandboxHub is transforming enterprise IT operations with AI-driven intelligence and security-first principles.…

Artwork

1
Spear Phishing Survival Guide: Defend Your Enterprise Like a Pro 12:21

28 days ago12:21

12:21

In this episode of Deep Dive, we dissect one of the most dangerous and targeted cyber threats — spear phishing . Unlike generic phishing attempts, spear phishing involves meticulously crafted emails aimed at specific individuals or organizations, often impersonating trusted entities to deceive victims into divulging sensitive information or granting unauthorized access. We explore the anatomy of a spear phishing attack, covering the following critical areas: Attack Methods: Understand how threat actors gather information from public sources, social media, and compromised databases to personalize their attacks and increase the likelihood of success. Common Payloads: Discover how spear phishing emails deliver malicious payloads, including ransomware, credential-stealing malware, or links to fraudulent login pages. Key Indicators: Learn to identify red flags such as subtle changes in sender addresses, urgent language, and unexpected attachment requests. Enterprise Defense Strategies: Email Security Solutions: Implementing advanced email filtering with AI-driven threat detection. User Training: Building a human firewall through phishing awareness programs. Zero Trust Models: Limiting network access to reduce exposure even if a breach occurs. Multi-Factor Authentication (MFA): Adding layers of security to critical systems. Incident Response: Practical advice on isolating compromised accounts, resetting credentials, and analyzing the attack vector to strengthen defenses. Join us for an in-depth look at spear phishing and learn how to fortify your defenses against this growing cyber threat targeting enterprises worldwide.…

Artwork

1
BlackCat (ALPHV) Uncovered: Tactics, Payloads & Defense Strategies 20:55

29 days ago20:55

20:55

In this Deep Dive episode, we unravel the complexities of BlackCat (ALPHV) ransomware , a sophisticated and highly adaptable strain written in Rust—a programming language known for its speed and cross-platform compatibility. BlackCat's advanced features and modular architecture have made it one of the most versatile threats in the ransomware landscape. We break down the technical elements that set BlackCat apart, including its encryption algorithms, stealthy attack vectors, and multi-platform deployment capabilities targeting Windows and Linux environments. Learn how BlackCat leverages double extortion techniques, where encrypted data is held for ransom and sensitive information is threatened with public exposure if demands are not met. Key discussion points include: BlackCat's Attack Lifecycle: How it infiltrates systems using phishing emails, compromised credentials, and RDP exploits. Payload Analysis: Deep insights into its Rust-based structure and unique encryption processes. Mitigation Strategies: Practical defenses, including robust access controls, network segmentation, air-gapped backups, and immutable storage solutions. Incident Response: How organizations can recover from a BlackCat attack and improve future resilience. Join us for a technical exploration into one of the most advanced ransomware threats today and discover actionable steps to protect your enterprise from becoming the next target.…

Artwork

1
From Factories to Firewalls: The Automotive Industry’s Ransomware Crisis 23:16

30 days ago23:16

23:16

In this episode, we explore the escalating threat of ransomware attacks on the automotive industry, a sector increasingly reliant on digital systems and interconnected technologies. Drawing from StoneFly’s blog, we uncover how cybercriminals are exploiting vulnerabilities in manufacturing systems, supply chains, and connected vehicles to launch devastating attacks. We’ll dissect real-world incidents where ransomware has halted production lines, disrupted supply chains, and compromised sensitive data, costing companies millions. The discussion will delve into the technical mechanisms of these attacks, including phishing, unpatched software vulnerabilities, and weak network security, which serve as entry points for ransomware. The episode will also highlight the unique challenges faced by the automotive industry, such as the integration of IoT devices in vehicles, legacy systems in factories, and the complexity of global supply chains. We’ll examine how these factors create a perfect storm for ransomware proliferation. To combat this growing threat, we’ll explore actionable strategies, including the implementation of advanced endpoint protection, regular penetration testing, and robust backup and disaster recovery solutions. We’ll also discuss the role of AI-driven threat detection and employee training in building a resilient cybersecurity posture. Whether you’re an automotive industry professional, a cybersecurity expert, or simply interested in the intersection of technology and security, this episode will provide critical insights into defending against one of the most pressing cyber threats of our time. Tune in to learn how the automotive industry can stay one step ahead of ransomware attackers.…

Artwork

1
SaaS Downtime Exposed: How Single Points of Failure Cripple Industries 14:24

4 weeks ago14:24

14:24

In this episode, we take a deep dive into the critical issue of SaaS downtime and how single points of failure can bring entire industries to a standstill. Drawing insights from StoneFly’s blog, we explore the technical and operational challenges that arise when SaaS platforms fail, from cascading outages to lost productivity and revenue. We’ll break down the anatomy of single points of failure, examining how dependencies on centralized infrastructure, inadequate redundancy, and poor disaster recovery planning can amplify the impact of downtime. Using real-world examples, we’ll discuss how industries like healthcare, finance, and e-commerce are particularly vulnerable to these disruptions. The episode will also cover proactive strategies to mitigate these risks, including the adoption of distributed architectures, robust backup solutions, and failover mechanisms. We’ll highlight the role of technologies like hyperconverged infrastructure (HCI), cloud-native redundancy, and automated recovery systems in building resilient SaaS ecosystems. Whether you’re an IT professional, a business leader, or simply curious about the hidden vulnerabilities of the cloud, this episode will provide actionable insights to help you safeguard your operations against the next big outage. Tune in to learn how to turn potential disaster into a roadmap for resilience.…

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

Listen to 500+ topics

Quick Reference Guide

Top Podcasts

The Bill Simmons Podcast

Comedy of the Week

How Did This Get Made?

Doug Loves Movies

TED Talks Daily

NBC Nightly News with Lester Holt

The World This Hour

Daily Boost Motivation and Coaching

This American Life

Sword and Scale

Help/FAQ | Upgrade | Advertise

Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion

Science|Soccer|Sports|Storytelling|Technology|True Crime

Copyright 2025 | Sitemap | Privacy Policy | Terms of Service | | Copyright

Listen to this show while you explore