- Technology
- SEE MORE
- classical
- general
- talk
- News
- Family
- Bürgerfunk
- pop
- Islam
- soul
- jazz
- Comedy
- humor
- wissenschaft
- opera
- baroque
- gesellschaft
- theater
- Local
- alternative
- electro
- rock
- rap
- lifestyle
- Music
- como
- RNE
- ballads
- greek
- Buddhism
- deportes
- christian
- piano
- djs
- Dance
- dutch
- flamenco
- social
- hope
- christian rock
- academia
- afrique
- Business
- musique
- ελληνική-μουσική
- religion
- World radio
- Zarzuela
- travel
- World
- NFL
- media
- Art
- public
- Sports
- Gospel
- st.
- baptist
- Leisure
- Kids & Family
- musical
- club
- Culture
- Health & Fitness
- True Crime
- Fiction
- children
- Society & Culture
- TV & Film
- gold
- kunst
- música
- gay
- Natural
- a
- francais
- bach
- economics
- kultur
- evangelical
- tech
- Opinion
- Government
- gaming
- College
- technik
- History
- Jesus
- Health
- movies
- radio
- services
- Church
- podcast
- Education
- international
- Transportation
- Other
- kids
- podcasts
- philadelphia
- Noticias
- love
- sport
- Salud
- film
- and
- 4chan
- Disco
- Stories
- fashion
- Arts
- interviews
- hardstyle
- entertainment
- humour
- medieval
- literature
- alma
- Cultura
- video
- TV
- Science
- en
Vanilla Tempest: The Threat Actor Behind Recent Hospital Ransomware Attacks
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researchers Anna and Keivan to discuss two prominent threat actors: Vanilla Tempest and Peach Sandstorm.\xa0\n\nVanilla Tempest, a financially motivated cybercrime group, has been involved in recent ransomware attacks on U.S. hospitals, utilizing various ransomware payloads such as Ink. They are known for using tools like PowerShell scripts and Goot Loader to exfiltrate data and extort victims. Peach Sandstorm, an Iranian nation-state threat actor, focuses on cyber espionage and intelligence collection. They have targeted various sectors, including energy, defense, and critical infrastructure, and have shown increasing sophistication in their attacks. Later, Sherrod speaks with Colton Bremer, a senior security researcher at Microsoft, about his work on the Defender Experts (DEX) team. Colton explains the different tiers of DEX services, which focus on detecting and mitigating advanced threats that may bypass traditional security measures.\xa0\n\n\nIn this episode you\u2019ll learn:\xa0\xa0\xa0\xa0\xa0\xa0\n\nA backdoor called Tickler that uses Azure infrastructure for command and control\xa0\n\nThe significance of these groups' tactics and maintaining ransomware resiliency\xa0\n\nThe different tiers of DEX services detecting and mitigating advanced threats\xa0\n\n\xa0\n\nSome questions we ask:\xa0\xa0\xa0\xa0\n\nHow does Vanilla Tempest typically execute their attacks?\xa0\n\nHas Peach Sandstorm evolved over time in their cyber espionage efforts?\xa0\n\nWhat can individuals or organizations do to mitigate cloud identity abuse?\xa0\n\n\xa0\n\nResources:\xa0\xa0\nView Colton Bremer on LinkedIn\xa0\xa0\nView Sherrod DeGrippo on LinkedIn\xa0\xa0\n\xa0\n\nRelated Microsoft Podcasts:\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\n\n\nAfternoon Cyber Tea with Ann Johnson\xa0\n\n\nThe BlueHat Podcast\xa0\n\n\nUncovering Hidden Risks\xa0\xa0\xa0\xa0\xa0\n\n\xa0\nDiscover and follow other Microsoft podcasts at microsoft.com/podcasts\xa0\xa0\n\xa0\nGet the latest threat intelligence insights and guidance at Microsoft Security Insider\xa0\n\xa0\n\xa0\nThe Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.