logo
episode-header-image
Aug 16
1h 13m

Exploring the Ransomware Ecosystem with ...

Jim Love
About this episode

In this episode of 'Cybersecurity Today,' the host welcomes Tammy Harper from Flair.io for an in-depth exploration into the ransomware ecosystem. Tammy, a seasoned threat intelligence researcher and certified dark web investigator, shines a light on the complex world of ransomware, its history, business models, and the various threat actor groups involved. The discussion covers initial access brokers, notable ransomware groups like Conti and LockBit, and modern shifts in the ransomware landscape fueled by AI and affiliate models. This episode offers a comprehensive guide for understanding how ransomware operates and the tactics used by cybercriminals, making it a must-watch for anyone interested in cybersecurity.

00:00 Introduction 
00:50 Meet Tammy Harper: Expert in Ransomware
01:59 Understanding the Ransomware Ecosystem
03:26 Ransomware Business Models and Initial Access Brokers
06:39 Double and Triple Extortion Explained
10:50 The Evolution of Ransomware
15:43 The Role of Cryptocurrency in Ransomware
19:22 The Rise and Fall of Conti
25:56 Tools of the Trade: EMOTET, ICEDID, and TrickBot
33:35 LockBit and the Ransomware Cartel
36:37 The National Hazard Agency and Ba Lord
38:13 LockBit Training Materials
40:23 Ransomware Negotiations
40:54 Ransom Chat Project
41:58 Conti vs. LockBit Negotiation Tactics
47:30 Modern Ransomware Groups
51:18 Medusa and Other Emerging Groups
01:04:52 Initial Access Market
01:09:41 Conclusion and Final Thoughts

 

Up next
Today
Teenage Ransomware Arrest In Day Care Ransom
Cybersecurity Today: Teenage Ransomware Arrests, GoAnywhere Critical Flaw, and Google AI Vulnerability In this episode of Cybersecurity Today, hosted by Jim Love, two teenagers were arrested in London for a ransomware attack on Kiddo International preschools, involving child data ... Show More
7m 3s
Oct 8
AI Tools Lead Corporate Data
North Korean Hackers Target Crypto Wealth, LinkedIn Fights Data Scraping, and AI Tools Leak Corporate Data In this episode of Cybersecurity Today, host Jim Love covers the latest cybersecurity headlines including North Korean hackers targeting wealthy crypto investors, LinkedIn s ... Show More
8m 20s
Oct 6
Sora 2 Unveiled To Mixed Reviews
Emerging AI, Google Updates, and Falling Satellites: A Tech Rundown In this episode of hashtag Trending, host Jim Love discusses the latest developments in AI and tech. Open AI's new app Sora 2 promises revolutionary video generation capabilities, but early reviews are mixed with ... Show More
9m 51s
Recommended Episodes
Jul 2023
New phishing campaigns hit Microsoft 365 and Adobe users. Big Head ransomware. Multichain bridge compromised. CISA adds a KEV. Progress patches MOVEit. Telegram's role in Russia's war.
New phishing campaigns afflict users of Microsoft 365 and Adobe. An analysis of Big Head ransomware. Multichain reports a crypto heist with over $100 million stolen. CISA makes an addition to the Known Exploited Vulnerability Catalog. Progress Software issues additional MOVEit pa ... Show More
31m 15s
Aug 27
LIVE From Rare Evo: Crypto Wendy on Protecting Your Wealth in Crypto
Wendy O, cryptocurrency analyst and host of The O Show, discusses how one careless click can jeopardize your financial security. She shares practical advice for starting your journey in crypto, earning BAT, and protecting your wealth from digital risks. Key Takeaways: The critica ... Show More
18m 34s
Feb 2025
PAN-ic mode: The race to secure PAN-OS.
Palo Alto Networks confirms a recently patched firewall vulnerability is being actively exploited. CISA warns of an actively exploited iOS vulnerability. Juniper Networks has issued a critical security advisory for an API authentication bypass vulnerability. The acting commission ... Show More
35m 23s
Aug 2024
Cyber revolt or just digital ruckus?
Hacktivists respond to the arrest of Telegram’s CEO in France. Stealthy Linux malware stayed undetected for two years. Versa Networks patches a zero-day vulnerability. Google has patched its tenth zero-day vulnerability of 2024. Researchers at Arkose labs document Greasy Opal. A ... Show More
31m 20s
Dec 2024
Watching the watchers. IoT vulnerabilities exposed by AI. [Research Saturday]
This week, we are joined by Andrew Morris, Founder and CTO of GreyNoise, to discuss their work on "GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI." GreyNoise discovered two critical zero-day vulnerabilities in IoT-connected ... Show More
21m 15s
Apr 2025
Lights out, lines down.
A massive power outage strikes the Iberian Peninsula. Iran says it repelled a “widespread and complex” cyberattack targeting national infrastructure. Researchers find hundreds of SAP NetWeaver systems vulnerable to a critical zero-day. A British retailer tells warehouse workers t ... Show More
30m 38s
Sep 2024
U.S. rains on Russia’s fake news parade.
The DOJ disrupts Russia’s Doppelganger. NSA boasts over 1,000 public and private partners. The FBI warns of North Korean operatives launching “complex and elaborate” social engineering attacks. Iran pays the ransom to sure up their banking system. Cisco has disclosed two critical ... Show More
30m 22s
Aug 24
3397: From Wallets to Agents: The Next Chapter for Magic Labs
In this episode of Tech Talks Daily, Neil sits down with Sean Li, co-founder and CEO of Magic Labs, to explore the intersection of crypto wallets, artificial intelligence, and the future of autonomous finance. Sean shares how Magic Labs has already onboarded over 50 million crypt ... Show More
40m 24s
May 2025
Cybercrime Magazine Update: Small Business Alert. Top 10 Most Common Social Engineering Attacks.
Tech Bullion has highlighted the top 10 most common social engineering attacks that small businesses should know, including phishing emails and spear phishing. In this episode, host Paul John Spaulding is joined by Steve Morgan, Founder of Cybersecurity Ventures and Editor-in-Chi ... Show More
4m 20s
Aug 2021
The T-Mobile hacker speaks (we think). SparklingGoblin enters the cyberespionage ring. Is someone stealing data to train AI? Cellebrite’s availability. Ragnarok ransomware says it’s going out of busin
A young man claiming responsibility for the T-Mobile breach talks to the Wall Street Journal. A new cyberespionage group, “SparklingGoblin,” seems particularly interested in educational institutions, especially in Southeast and East Asia. Are governments training AI with stolen d ... Show More
30m 14s
Listen to millions of songs and podcasts on Anghami