
Malspace

By: Julien

About this listen

A Cyber Security Podcast, focussed on Threat Research and the interesting people behind it.

Episodes
  • Operation Crimson Palace
    Dec 8 2024

    On this episode, Mark Parsons, Senior Threat Hunter at Sophos MDR, discusses his team's investigation into Operation Crimson Palace, which uncovered Chinese state-sponsored cyberespionage targeting a Southeast Asian government. Mark explains how they identified three distinct clusters of activity using advanced malware and evasion techniques, including previously unreported tools like CCoreDoor and PocoProxy.


    Show Notes

    • Operation Crimson Palace: Sophos threat hunting unveils multiple clusters of Chinese state-sponsored activity targeting Southeast Asian government
    • Surfacing a Hydra: Unveiling a Multi-Headed Chinese State-Sponsored Campaign Against a Foreign Government
    • Crimson Palace returns: New Tools, Tactics, and Targets


    43 mins
  • Doppelgänger
    Nov 10 2024

    In this episode of Malspace, Pierre Delcher, Head of Cyber Threat Research at HarfangLab, discusses the alarming rise of Russian disinformation campaigns targeting European and US media. We explore how cloned websites of outlets like Der Spiegel, Le Monde, and The Washington Post are being used to spread fake news, manipulating public opinion. Pierre sheds light on the techniques behind these operations and the role European companies play in keeping them online.


    Show Notes

    • EU Disinfo Lab on Doppelgänger
    • Qurium - Under the hood of a Doppelgänger
    • Correctiv - How Russia uses EU companies for its propaganda
    • BayLfV report (German)
    • Mid-year Doppelgänger information operations in Europe and the US
    50 mins
  • The Darkside of TheMoon
    Oct 7 2024

    On this episode, Chris Formosa and Steve Rudd of Lumen’s Black Lotus Labs share their research on a multi-year campaign targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices, associated with an updated version of TheMoon malware. TheMoon, which emerged in 2014, has been operating quietly, while growing to over 40,000 bots from 88 countries in January and February of 2024.


    Show Notes

    • Darkside of TheMoon Blog Article
    • Giving a Face to the Malware Proxy Service Faceless
    • IOCs on Github
    • BSides Las Vegas Talk



    34 mins