 |
ShadowTalk: Powered by ReliaQuestAuthor: ReliaQuest
Want to hear what industry experts really think about the cyber threats they face? ShadowTalk is a weekly cybersecurity podcast, made by practitioners for practitioners, featuring analytical insights on the latest cybersecurity news and threat research.Threat Intelligence Analyst Kim Bromley brings over 15 years of experience in threat intelligence across the public and private sectors. Kim and her guests provide practical perspectives on the weeks top cybersecurity news and share knowledge and best practices to help businesses mitigate the most pertinent cyber threats. With over 1,000 customers worldwide and 1,200 teammates across six global operating centers, ReliaQuest delivers security outcomes for the most trusted enterprise brands in the world. Learn more at www.reliaquest.com. Language: en Genres: News, Tech News, Technology Contact email: Get it Feed URL: Get it iTunes ID: Get it Trailer: |
Listen Now...
China-Linked Cyber Espionage: How OP-512 Exploited Legacy IIS Servers and Evaded Detection
Wednesday, 10 June, 2026
Your team built defenses around known China-linked clusters. The file hashes are tracked. The behavioral patterns are documented. What those weren't built to catch is a new cluster that studied those exact defenses and engineered around them. A China-linked attacker compromised an internet-facing IIS server, maintained access for over 75 days, and came back on fresh infrastructure.With four China-linked clusters converging on the same legacy IIS stack in twelve months, defenders building detection programs around yesterday's cluster are already behind the next one.Join hosts Alex and John as they discuss:How OP-512 engineered its tooling to evade defensesWhy killing a malicious process is incompleteWhat advantage cross-source correlation providesTwo questions your organization should be asking right now:When your detection sources each generate a separate low-confidence signal from the same host, does anything in your current workflow correlate those signals automatically?Do you have internet-facing IIS servers running end-of-life .NET in your environment, and does your vulnerability-management workflow prioritize correctly?Resources: https://linktr.ee/ReliaQuestShadowTalkAlexandra Moore: Manager of Threat Intelligence at ReliaQuest, where she leads intelligence analysis and customer dissemination to help organizations understand and respond to emerging cyber threats. Prior to this, she established and scaled monitoring across Russian-language cybercriminal platforms at Digital Shadows, building collection and analytical coverage to support digital risk protection capabilities.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.
