Weekly: Mozi arrest, Fortinet credentials, and Splunk PowerShell Release

ShadowTalk hosts Sean, Rick, Ivan, and Austin bring you the latest in threat intelligence. This week they cover:* Mozi botnet operators arrested in China, >1.5M devices since 2019* Groove gang releases creds of comp’d Fortinet appliances, ~500k * Splunk releases new PowerShell analytics for threat hunters, includes support for SOAR responsesGet this week's Intelligence Summary: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-10th-september***Resources from this week’s podcast***Microsoft Advisory https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444 CISA Advisoryhttps://twitter.com/USCERT_gov/status/1435342618704191491 [Blog] Splunk’s PowerShell Analytics https://www.splunk.com/en_us/blog/security/powershell-detections-threat-research-release-august-2021.html [Digital Shadows Blogs]The Neverending Ransomware Storyhttps://www.digitalshadows.com/blog-and-research/the-never-ending-ransomware-story/ Preventing Ransomwarehttps://www.digitalshadows.com/blog-and-research/preventing-ransomware-preventing-the-300-at-thermopylae/ Ransomware and Threat Intelhttps://www.digitalshadows.com/blog-and-research/protecting-against-ransomware-what-role-does-threat-intelligence-play/ What We’re Reading this Month https://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-august-2021/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - shadowtalk@digitalshadows.com- if you have any questions, comments, or suggestions for the next episodes.