I Know This Might Sound Crazy but Russia’s TA422 Blasted Lots of Exploits

Tis the season for understanding TA422’s latest activity AND for singing podcast guests! Today’s returning guest is Greg Lesnewich, Senior Threat Researcher at Proofpoint. He sheds light on the tactics, techniques, and procedures (TTPs) employed by TA422. The conversation touches on the significance of the high volumes observed starting in late summer, the exploitation of vulnerabilities for NTLM credential harvesting, and the brief usage of the WinRAR vulnerability. They touch upon the pot...