ShadowTalk: Powered by ReliaQuest
Want to hear what industry experts really think about the cyber threats they face? ShadowTalk is a weekly cybersecurity podcast, made by practitioners for practitioners, featuring analytical insights on the latest cybersecurity news and threat research.
Threat Intelligence Analyst John Dilgen brings extensive expertise in cyber threat intelligence and incident response, specializing in researching threats impacting ReliaQuest customers. John and his guests provide practical perspectives on the week’s top cybersecurity news and share knowledge and best practices to help businesses mitigate the most pertinent cyber threats.
With over 1,000 customers worldwide and 1,200 teammates across six global operating centers, ReliaQuest delivers security outcomes for the most trusted enterprise brands in the world. Learn more at www.reliaquest.com.
ShadowTalk: Powered by ReliaQuest
Latest Episodes
Klue, Kali365, OAuth: When the Front Door Is a Trusted Integration
In the Klue compromises threat actors walked in through a trusted integration, using legitimate credentials to quietly siphon Salesforce CRM data at scale. The challenge isn't just responding to Klue. It's recognizing that every OAuth-connected...
ShinyHunters' Expanding Toolkit: Oracle PeopleSoft Zero-Day Exploitation and the BreachForums Defense Gaps
ShinyHunters dominated headlines this week: a zero-day, a BreachForums listing, and unverified claims all hitting at once. The problem isn't just keeping up with the volume. It's knowing which of it is real, which is noise, and what your team a...
China-Linked Cyber Espionage: How OP-512 Exploited Legacy IIS Servers and Evaded Detection
Your team built defenses around known China-linked clusters. The file hashes are tracked. The behavioral patterns are documented. What those weren't built to catch is a new cluster that studied those exact defenses and engineered around them. A...
SonicWall, MFA Bypass, IABs: Why Patched Devices Are Still Handing Attackers Initial Access
Your team patches the device. The firmware version matches the advisory. The ticket closes. The device comes off the remediation queue. What your workflow never tracked is that the advisory also required six manual LDAP configuration steps — an...
Device Code, OAuth, PhaaS: How Session Token Theft is Breaking the Phishing Playbook
Your user clicked a link, landed on a real Microsoft login page, typed their password, completed MFA, and walked away thinking nothing happened. Somewhere across the internet, an attacker's device just received an authenticated session token. T...