Citrine and Onyx Sleet: An Inside Look at North Korean Threat Actors

Published: Sept. 11, 2024, 7:10 a.m.

In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo discusses North Korean threat actors with Microsoft Threat Intelligence researcher Greg Schloemer, focusing on two prominent groups: Onyx Sleet and Storm 0530. Onyx Sleet is a long-standing espionage group known for targeting the defense and energy sectors, particularly in the U.S. and India. However, the group has diversified into ransomware, using tactics such as malware downloaders, zero-day vulnerabilities, and a remote access Trojan called D-Track. The conversation also touches on the use of fake certificates and the group's involvement in the software supply chain space.

In this episode you'll learn:

The relationship between Onyx Sleet and Storm 0530

North Korea's broader strategy of using cyber-attacks and moonlighting activities

The surprising nature of recent attack chains involving a vulnerability in the Chromium engine

Some questions we ask:

Does Onyx Sleet engage in cryptocurrency activities as well as traditional espionage?

How does the use of a fake Tableau software certificate fit into Onyx Sleet's attack chain?

Where does the name "Holy Ghost" come from, and why did they choose it?

Resources:
View Greg Schloemer on LinkedIn
View Sherrod DeGrippo on LinkedIn

Related Microsoft Podcasts:

Afternoon Cyber Tea with Ann Johnson

The BlueHat Podcast

Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Get the latest threat intelligence insights and guidance at Microsoft Security Insider

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of the N2K media network.