ShadowTalk: Powered by ReliaQuest
Want to hear what industry experts really think about the cyber threats they face? ShadowTalk is a weekly cybersecurity podcast, made by practitioners for practitioners, featuring analytical insights on the latest cybersecurity news and threat research.
Threat Intelligence Analyst John Dilgen brings extensive expertise in cyber threat intelligence and incident response, specializing in researching threats impacting ReliaQuest customers. John and his guests provide practical perspectives on the week’s top cybersecurity news and share knowledge and best practices to help businesses mitigate the most pertinent cyber threats.
With over 1,000 customers worldwide and 1,200 teammates across six global operating centers, ReliaQuest delivers security outcomes for the most trusted enterprise brands in the world. Learn more at www.reliaquest.com.
Episodes
473 episodes
Canvas, Trellix, Mini Shai-Hulud: How Defenders Respond When Supply Chain Attacks Become Weekly
What's driving the surge in weekly supply chain attacks, and why does the real defender problem start after the supplier gets hit? With 275 million records exposed and 8,809 institutions caught in the downstream fallout, organizations ...
Akira, ShinyHunters, and The Gentlemen: Extortion Lessons From Early 2026
What factors have driven the top ransomware and extortion groups' success in early 2026? And how should organizations structure their defenses to protect against them?Join hosts Alexandra and John as they discuss:How Akira is...
What Happened to Black Basta's Playbook? The Automated Teams Phishing Threat Hitting Executives
Black Basta disbanded in February 2025, but their playbook didn't go with them. In March 2026, 77% of observed incidents targeted executives and directors, and attackers moved from first contact to malicious script execution in as little as 12 ...
Did ShinyHunters Compromise Vercel? Every CISO's Cloud Security Visibility Problem
89% of organizations that suffered a SaaS breach last year believed they had appropriate visibility. They had the logs — what they lacked was detection on what mattered. The Vercel incident shows exactly how costly that gap can be. ...
What Claude Mythos Means for Organizations
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts John and Alex, alongside special guest and ReliaQuest CTO Joe Partlow, as they discuss:How Claude Mythos ...
Axios and Trivy — Supply Chain Gaps Organizations Must Fix
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts John and Tehman as they break down two of the most consequential supply chain attacks of 2026:How DPRK ac...
Faster, Smarter, and Already Escalated — What It Takes to Defend Against the Modern Threat Landscape
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Alexandra and John, live from Exponent 2026, alongside top security leaders as they discuss:How organizat...
The Invisible Attack Surface: Iran-Aligned Threat Actors and Corporate Blind Spots
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Brandon and John as they discuss:How Handala wiped 200,000 devices by weaponizing a trusted platformWhy...
The 2026 Annual Threat Report Breakdown, Part 3: The Long Game — Nation-State Threats & What's Coming in 2026
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts John and Alex as they discuss:How a Chinese APT maintained access for over a yearWhy North Korean imper...
The 2026 Annual Threat Report Breakdown, Part 2 — Once They're In: Post-Compromise Tactics, Ransomware & Exfiltration
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Tehman and John as they discuss:Why ransomware now prioritizes exfiltration over encryption How at...
The 2026 Annual Threat Report Breakdown, Part 1 — How AI Contributes to Attacker Speed, and the Malware That's Winning
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Brandon and John as they discuss:How attacker breakout times dropped to as little as 4 minutes Why...
Malware Isn't Required—How Ransomware Groups Turn Legitimate RMMs Into a Weapon
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts John and Tehman as they discuss:What attackers prefer over custom malwareHow signature-based detection ...
Ransomware vs. Exfiltration-Only—The Extortion Model Showdown
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Brandon and John as they discuss:Why extortion payment rates are the lowest everOrganizations paying ra...
Patch Management Is Losing—The Case for Predictive Vulnerability Defense
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Brandon and John as they discuss:Why traditional patch cycles can't beat attackers exploiting vulnerabilities in...
Beyond Phishing Emails—Social Engineering Drives Initial Access
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts John and Tehman as they discuss:Why phishing emails are no longer the top malware delivery methodEmergi...
Malicious AI—The New Face of Cyber Threats
Resources: https://linktr.ee/ReliaQuestShadowTalkJohn and Tehman as they discuss:How AI is enabling large-scale, high-speed attacksNation-states weaponizing AI for...
Maintainer Compromise: The Next Supply-Chain Attack Vector in 2026
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Brandon and John as they discuss:How supply-chain attacks evolvedCampaigns targeting NPM package mainta...
Kicking Off 2026 with Ransomware Insights and Defense Strategies
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Brandon and Tehman as they discuss:The resurgence of LockBit 5.0 and its December 2025 surge in named organizati...
React2Shell Attacks Evolve, ClickFix Attacks, and Holiday Season Threats
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host John and intelligence analyst Ivan as they discuss:React2Shell Exploits Flood the Internet as Attacks Continue (1...
React2Shell Exploits, CISA’s Brickstorm Warning, ShadyPanda’s Browser Weaponization
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host John along with systems security engineer Corey and intelligence analyst Hayden as they discuss:Chinese Threat Gr...
Scattered Lapsus$ Hunters, SilverFox's ValleyRat Campaign, and More
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host John and intelligence analysts Alex and Hayden as they discuss:Scattered Lapsus$ Hunters Targeting Zendesk (1:14)...
Are Cyber Predictions Worth It? Plus Chinese AI Attacks, IoT Takeovers
Resources: https://linktr.ee/ReliaQuestShadowTalkDo you really need predictions to tackle cyber threats? Join host Kim along with intelligence analyst John & special guest CISO Raf...
Fortinet Flaw Exposed and Exploited! Plus, Threat Hunter Hacks: SEO Hits Hard
Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim, intelligence analyst John, and threat hunter Tristan as they discuss:Fortinet Flaw Enables Admin Takeover
Gootloader's Return, LANDFALL Android Spyware, Sector-by-Sector Cyber Trends
Resources: https://linktr.ee/ReliaQuestShadowTalkWondering why Gootloader is suddenly back in action? Join host Kim along with intelligence analyst Hayden & Systems Security Engine...
Why Cloud Threats Are Escalating: Identity Risks, Automation Flaws, and Legacy Vulnerabilities, Plus the Latest on Chinese APT Campaigns and NPM Package Abuse
Resources: https://linktr.ee/ReliaQuestShadowTalkDid you know 99% of cloud identities are over-privileged, creating the perfect storm for attackers to seamlessly infiltrate your enviro...