Digital Shadows

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Brandon and John as they discuss:How Handala wiped 200,000 devices by weaponizing a trusted platformWhy your organization doesn't need to be a direct target to be at riskHow AI-enhanced malware is helping attackers get fasterJohn Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Brandon Tirado: Brandon Tirado is the Director of GreyMatter Operations for ReliaQuest. Brandon is a skilled cyber defense professional with a unique combination of management and hands-on experience. With a deep understanding of adversary motives and the tactics, techniques, and procedures (TTPs) they use to achieve their goals, Brandon enjoys operationalizing his knowledge to make it more difficult for adversaries to operate within the environments of ReliaQuest custom

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts John and Alex as they discuss:How a Chinese APT maintained access for over a yearWhy North Korean impersonation surged 116%Why attackers exploit the same foundational gapsJohn Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Alexander Capraro: Alexander Capraro is a Cyber Threat Intelligence Analyst at ReliaQuest with over five years of experience in cybersecurity. With his prior experience as a Security Analyst, he specializes in incident response, malware campaign tracking, and OSINT investigations. 

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Tehman and John as they discuss:Why ransomware now prioritizes exfiltration over encryption How attackers can exfiltrate your data in just 6 minutesWhy proactive darkweb monitoring is criticalJohn Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Tehman Tariq: Sr. Manager of Cyber Operations at ReliaQuest. He has spent a majority of my career leading our Incident Response, Security Architecture, and Detection teams. As well has working hand in hand with CISOs to introduce automation allowing for the maturity of their security programs.

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Brandon and John as they discuss:How attacker breakout times dropped to as little as 4 minutes Why ClickFix surged 200%Why behavioral detection is criticalJohn Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Brandon Tirado: Director of Threat Research for ReliaQuest. A skilled cyber defense professional with a unique combination of management and hands-on experience. With a deep understanding of adversary motives and the tactics, techniques, and procedures (TTPs) they use to achieve their goals, Brandon enjoys operationalizing his knowledge to make it more difficult for adversaries to operate within the environments of ReliaQuest customers. His managerial and hands-on experience enriches ShadowTalk with practical and strategic viewpoints.

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts John and Tehman as they discuss:What attackers prefer over custom malwareHow signature-based detection failsProactive governance vs. reactive triageJohn Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Tehman Tariq: Sr. Manager of Cyber Operations at ReliaQuest. He has spent a majority of my career leading our Incident Response, Security Architecture, and Detection teams. As well has working hand in hand with CISOs to introduce automation allowing for the maturity of their security programs.

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Brandon and John as they discuss:Why extortion payment rates are the lowest everOrganizations paying ransomware but refusing data extortion demandsWhy defenders need both visibility and speedJohn Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Brandon Tirado: Director of Threat Research for ReliaQuest. A skilled cyber defense professional with a unique combination of management and hands-on experience. With a deep understanding of adversary motives and the tactics, techniques, and procedures (TTPs) they use to achieve their goals, Brandon enjoys operationalizing his knowledge to make it more difficult for adversaries to operate within the environments of ReliaQuest customers. His managerial and hands-on experience enriches ShadowTalk with practical

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Brandon and John as they discuss:Why traditional patch cycles can't beat attackers exploiting vulnerabilities in 24 hoursThe shift from reactive patching to predictive intelligence using EPSS and CISA KEVHow to defend against zero-days when patching isn't an optionJohn Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Brandon Tirado: Director of Threat Research for ReliaQuest. A skilled cyber defense professional with a unique combination of management and hands-on experience. With a deep understanding of adversary motives and the tactics, techniques, and procedures (TTPs) they use to achieve their goals, Brandon enjoys operationalizing his knowledge to make it more difficult for adversaries to operate within the environments of ReliaQuest

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts John and Tehman as they discuss:Why phishing emails are no longer the top malware delivery methodEmerging social engineering tactics: vishing, copy and paste abuse, and software impersonationHow campaigns have evolved from Black Basta to ShinyHuntersJohn Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Tehman Tariq: Sr. Manager of Cyber Operations at ReliaQuest. He has spent a majority of my career leading our Incident Response, Security Architecture, and Detection teams. As well has working hand in hand with CISOs to introduce automation allowing for the maturity of their security programs.

Resources: https://linktr.ee/ReliaQuestShadowTalkJohn and Tehman as they discuss:How AI is enabling large-scale, high-speed attacksNation-states weaponizing AI for attack automationThe rise of sophisticated AI-generated malwareJohn Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Tehman Tariq: Sr. Manager of Cyber Operations at ReliaQuest. He has spent a majority of my career leading our Incident Response, Security Architecture, and Detection teams. As well has working hand in hand with CISOs to introduce automation allowing for the maturity of their security programs.

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Brandon and John as they discuss:How supply-chain attacks evolvedCampaigns targeting NPM package maintainersActionable defense strategiesBrandon Tirado: Director of Threat Research for ReliaQuest. A skilled cyber defense professional with a unique combination of management and hands-on experience. With a deep understanding of adversary motives and the tactics, techniques, and procedures (TTPs) they use to achieve their goals, Brandon enjoys operationalizing his knowledge to make it more difficult for adversaries to operate within the environments of ReliaQuest customers. His managerial and hands-on experience enriches ShadowTalk with practical and strategic viewpoints.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin hosts Brandon and Tehman as they discuss:The resurgence of LockBit 5.0 and its December 2025 surge in named organizationsHow top ransomware groups like Qilin, Akira, and Clop dominated in 2025.Actionable defense strategies for organizations to proactively combat ransomware in 2026Brandon Tirado: Director of Threat Research for ReliaQuest. Brandon is a skilled cyber defense professional with a unique combination of management and hands-on experience. With a deep understanding of adversary motives and the tactics, techniques, and procedures (TTPs) they use to achieve their goals, Brandon enjoys operationalizing his knowledge to make it more difficult for adversaries to operate within the environments of ReliaQuest customers. His managerial and hands-on experience enriches ShadowTalk with practical and strategic viewpoints.Tehman Tariq: Sr. Manager of Cyber Operations at ReliaQuest. He has spent a majority of my career leading our Incident Response, Security

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host John and intelligence analyst Ivan as they discuss:React2Shell Exploits Flood the Internet as Attacks Continue (1:06)ClickFix Style Attack Leveraging Grok and ChatGPT for Malware Delivery (7:39)New ConsentFix Attack Hijacking Microsoft Accounts via Azure CLI (13:50)Holiday Season Attack Risks: Phishing, Ransomware, and Defense Recommendations (18:22)John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Ivan Righi: Threat Intelligence Analyst at ReliaQuest, specializing in technical cyber threat research. Since joining ReliaQuest in June 2019, Ivan has focused on data breach investigations, automations, threat actor profiling, and reverse engineering threat campaigns. He holds a Master of Science degree in Cybersecurity and a GIAC Reverse Engineering

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host John along with systems security engineer Corey and intelligence analyst Hayden as they discuss:Chinese Threat Groups Exploiting the React2Shell Vulnerability (1:18)CISA Issues Alert on Persistent Brickstorm Backdoor Attacks (9:05)ShadyPanda Hackers Turn Millions of Browsers into Weapons (13:36)Storm-0249’s Shift to Targeted EDR Exploitation (20:09)John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Corey Carter: Systems Security Engineer at ReliaQuest. A Florida native and former infantryman in the United States Marines, Corey holds a bachelor's degree in computer science with a specialization in information assurance. His experience as a detection researcher, security analyst, and threat hunter at ReliaQuest, combined with his military backg

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host John and intelligence analysts Alex and Hayden as they discuss:Scattered Lapsus$ Hunters Targeting Zendesk (1:14)Microsoft Teams Guest Access Phishing Bypass (3:37)Dark AI Tools Enhancing Threat Actors (6:08)Silver Fox’s Campaign: Chinese APT Spotlight (10:05)John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Alexander Capraro: Cyber Threat Intelligence Analyst at ReliaQuest with over five years of experience in cybersecurity. With his prior experience as a Security Analyst, he specializes in incident response, malware campaign tracking, and OSINT investigations. Hayden Evans: Cyber Threat Intelligence Analyst at ReliaQuest. He has experience in the F3EAD lifecycle and analyzing adversaries' TTPs to operationalize this information. He is also

Resources: https://linktr.ee/ReliaQuestShadowTalkDo you really need predictions to tackle cyber threats? Join host Kim along with intelligence analyst John & special guest CISO Rafal Baran as they discuss:New NPM Supply Chain Threat (1:13)China Manipulates AI for Initial Access (4:46)Cloud Gaps Bring IoT Takeover (7:29)2026 Cyber-Threat Predictions (10:57)Rafal Baran: IT security leader and CISO in the global reinsurance space. He focuses on building practical security and privacy programs across multiple jurisdictions, with an emphasis on cloud security and incident readiness. He advises senior leadership on emerging risks and resilience and holds boardroom certification as a Qualified Technology Expert, along with multiple credentials spanning cybersecurity, privacy, and the re/insurance domains. Outside his role, he mentors upcoming security professionals and contributes to the broader cyber community. Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joi

Resources: https://linktr.ee/ReliaQuestShadowTalkJoin host Kim, intelligence analyst John, and threat hunter Tristan as they discuss:Fortinet Flaw Enables Admin TakeoverAkira Ransomware Targets Nutanix VMsSmart Redirects Evade Phishing DetectionThreat Hunter Hacks: SEO Hits HardListen on @Listennotes: https://lnns.co/mgbyVjXv7p6Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Tristan Luikey: Threat Hunter at ReliaQuest, specializing in responding to and mitigating active breaches to

Resources: https://linktr.ee/ReliaQuestShadowTalkWondering why Gootloader is suddenly back in action? Join host Kim along with intelligence analyst Hayden & Systems Security Engineer Corey as they discuss:Gootloader Returns Using SEO Poisoning (1:27)New Android Spyware LANDFALL (6:33)Curly COMrades Hide in Windows Using Linux VMs (10:57)Sector-by-Sector Cyber Trends Q3 2025 (15:20)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.Corey Carter: Detection Researcher at ReliaQuest. A Florida native and former infantryman in the United States Marines, Corey holds a bachelor's degree in computer science with a specialization in information assurance. His experience as a Security Analyst and Threat Hunter at ReliaQuest, combined with h

Resources: https://linktr.ee/ReliaQuestShadowTalkDid you know 99% of cloud identities are over-privileged, creating the perfect storm for attackers to seamlessly infiltrate your environment? Join host Kim along with intelligence analysts John & Alex as they discuss: Chinese Nation-State Campaigns and Geopolitics (1:12)Malicious NPM Packages (7:20)TruffleNet Attacks on AWS (10:53)The Danger of Over-Privileged Cloud Identities (15:36)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest

Resources: https://linktr.ee/ReliaQuestShadowTalkPicture this: You close a $50M acquisition on Friday and by Monday, attackers are in your network. Sound far-fetched? It's not. Join host Kim along with intelligence analyst John & Threat Hunter Leo as they discuss:Attackers Exploit WSUS Flaw (1:15)Qilin Deploys Cross-Platform Attacks (4:21)Lazarus Group Reignites Operation DreamJob (9:05)Threat Hunter Hacks: Active Cyber Threats in M&A (15:19)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Tr

Resources: https://linktr.ee/ReliaQuestShadowTalkWondering what makes ransomware operations successful? Join host Kim along with intelligence analyst John & former FBI Special Agent Keith Mularski as they discuss:Year-Long F5 Breach (2:42)North Korean Attacker Adopts EtherHiding (7:53)Phishing Attacks Target LastPass (12:11)Fighting Ransomware Automation: A CISO's Guide (17:19)Kim Bromley: Senior Cyber Threat Intelligence Analyst on the ReliaQuest Threat Research Team. She joined ReliaQuest in June 2020 following a 10-year career in UK law enforcement, and has acted as host since 2024.  Kim brings a wealth of experience in threat intelligence and law enforcement tactics, providing unique insights.John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.Keith Mularski is the Chief Global Ambassador at Q