Adversary Universe Podcast

• Where AI Fits in the Adversary’s Toolbox

  Would you rather have an adversary profile you based on your AI chat history or tell your AI chatbot to forget everything it knows about you? That’s one of many questions Adam and Cristian explore in this episode on how adversaries are integrating AI into cyberattacks. These days, it seems AI is everywhere — and that includes the adversary’s toolbox. Adam and Cristian describe multiple forms of malware that use AI in different ways, from identifying text in photos to writing code. And while these attacks still require humans to stitch all the pieces together, there is a growing concern that adversaries will continue to improve. Tune in to learn how adversaries are baking AI into their tools, and about Adam’s latest adventures in baking bread, in this episode of the Adversary Universe podcast. 

  --------  

  20:31
• Catching Up on Cloud Attack Paths with Cloud Threat Specialist Sebastian Walla

  Today’s adversaries are increasingly operating in the cloud — and Sebastian Walla, Deputy Manager of Emerging Threats at CrowdStrike, is watching them. In this episode, he joins Adam and Cristian to dive into the latest cloud attack techniques and the adversaries behind them. So, who are they? SCATTERED SPIDER and LABYRINTH CHOLLIMA are two of the threat actors targeting and navigating cloud environments, but they have distinct methods of doing so. This conversation explores the different ways they slip into organizations undetected, some of the tools they rely on, and how they operate under the radar. It also touches on the future of cloud threat activity and AI’s influence on how these attacks are evolving. Of course, no Adversary Universe episode is complete without guidance. Adam, Cristian, and Sebastian share best practices for protecting enterprise cloud environments from these threats as adversaries continue to take aim.

  --------  

  28:53
• Inside the CrowdStrike 2025 Latin America Threat Landscape Report

  Latin America has become a hotspot for cyber activity. Threat actors around the world, particularly eCriminals, are targeting organizations operating in Central and South America, Mexico, and the Caribbean. Latin America-based cybercriminals are emerging as well.   The CrowdStrike 2025 Latin America Threat Landscape Report provides key insights into this activity. In its pages, the CrowdStrike Counter Adversary Operations team details the eCrime, targeted intrusions, hacktivist disruptions, and cyber espionage targeting organizations that operate in Latin America. And in this episode of the Adversary Universe podcast, Adam and Cristian give listeners a snapshot of the key findings. These include:   A 15% increase in Latin America-based victims named on data extortion and ransomware leak sites in 2024 Over one billion credentials leaked from Latin American organizations last year The evolving presence of eCriminals such as OCULAR SPIDER The activity of nation-state adversaries such as LIMINAL PANDA and VIXEN PANDA, both linked to China   Tune in to learn how this report came to be and understand some of the critical trends shaping the Latin America threat landscape. And of course, check out the report to learn all the details.   Links: Read the CrowdStrike 2025 Latin America Threat Landscape Report: https://www.crowdstrike.com/en-us/resources/reports/latam-threat-landscape-report/   Listen to our full episode on OCULAR SPIDER, referenced in this episode: https://open.spotify.com/episode/3gJMkVKuSfKhqSAHwMb7NX?si=cf2e453ebc0843a5   🎧 Spotify: https://open.spotify.com/show/1ZYDiiBuJvTx7YsvuCenEZ   🎧 Apple Podcasts: https://podcasts.apple.com/us/podcast/adversary-universe-podcast/id1694819239   🎧 Our site: https://lnkd.in/etSAySBb

  --------  

  20:49
• OCULAR SPIDER and the Rise of Ransomware-as-a-Service

  Ransomware has become more difficult for organizations to defend against, but easier for adversaries to deploy. The rise of ransomware-as-a-service (RaaS) — a model in which ransomware operators write the malware and affiliates pay to launch it — has lowered the barrier to entry so threat actors of all skill levels can participate and profit.   OCULAR SPIDER is one such operator. This adversary, newly named by CrowdStrike, is associated with the development of ransomware variants including Cyclops, Knight, and RansomHub. They targeted hundreds of named victims between February 2024 and March 2025, according to CrowdStrike intelligence, and they focus on industries such as professional services, technology, healthcare, and manufacturing in regions including the United States, Canada, Brazil, and some European countries.   But OCULAR SPIDER is one of many operators in the ransomware space. Adam and Cristian take listeners back to the early days of ransomware and track its evolution, variants, and key players from the mid-2010s through the launch of RansomHub in 2024. They explain how RaaS works, why it appeals to adversaries and complicates attribution, and how defenders can prepare to face today’s ransomware threats.   Come for an update on Adam’s adventures in bread-making; stay for a deep-dive into the RaaS evolution and the threat actors driving it.

  --------  

  29:09
• Meet LUNAR SPIDER: The Inner Workings of an eCrime Adversary

  To anticipate threat actors’ behavior, we must understand them. That’s why CrowdStrike closely tracks the evolution and activity of 257 named adversaries, including the eCrime actor LUNAR SPIDER. “They almost behave like a startup; they’re constantly testing and innovating and developing what they’re doing,” Adam says of the group. “It’s an interesting paradigm when you think about how these eCrime actors operate.” In this episode, Adam and Cristian take a deep dive into the inner workings of LUNAR SPIDER, discussing their role in the complex eCrime ecosystem, their collaboration with other adversaries, and the evolution of their techniques, including changes to the BokBot/IcedID malware over time and their eventual transition to the Lotus loader. Tune in to learn what defenders should know about this threat actor’s behavior and how to defend against their evolving activity. Learn more about the eCrime ecosystem in this infographic.

  --------  

  23:44

More Technology podcasts

Trending Technology podcasts

About Adversary Universe Podcast