ShadowTalk: Powered by ReliaQuest

ShadowTalk: Powered by ReliaQuest

Want to hear what industry experts really think about the cyber threats they face? ShadowTalk is a weekly cybersecurity podcast, made by practitioners for practitioners, featuring analytical insights on the latest cybersecurity news and threat research. Threat Intelligence Analyst John Dilgen brings extensive expertise in cyber threat intelligence and incident response, specializing in researching threats impacting ReliaQuest customers. John and his guests provide practical perspectives on the week’s top cybersecurity news and share knowledge and best practices to help businesses mitigate the most pertinent cyber threats. With over 1,000 customers worldwide and 1,200 teammates across six global operating centers, ReliaQuest delivers security outcomes for the most trusted enterprise brands in the world. Learn more at www.reliaquest.com.

Episodes

July 1, 2026 25 mins

AI is not replacing threat actors, instead it is making them faster, cheaper, and harder to stop. From AI powered phishing campaigns generating thousands of pages simultaneously, to a newly discovered macOS implant called Gaslight that injects fabricated system error messages into AI powered triage pipelines, the arms race between attackers and defenders is accelerating. The question is not whether AI is being used against your org...

Listen
Watch
Mark as Played

In the Klue compromises threat actors walked in through a trusted integration, using legitimate credentials to quietly siphon Salesforce CRM data at scale. The challenge isn't just responding to Klue. It's recognizing that every OAuth-connected integration in your environment is part of your attack surface.

Join hosts Alexandra and John as they discuss:

  • How compromised Klue integrations were leveraged to exfiltrate Salesforce CRM...
Listen
Watch
Mark as Played

ShinyHunters dominated headlines this week: a zero-day, a BreachForums listing, and unverified claims all hitting at once. The problem isn't just keeping up with the volume. It's knowing which of it is real, which is noise, and what your team actually needs to act on.

Join hosts Tehman and John as they discuss:

  • ShinyHunters zero-day exploitation of CVE-2026-35273
  • Why a BreachForums listing extends the threat well beyond the initia...
Listen
Watch
Mark as Played

Your team built defenses around known China-linked clusters. The file hashes are tracked. The behavioral patterns are documented. What those weren't built to catch is a new cluster that studied those exact defenses and engineered around them. A China-linked attacker compromised an internet-facing IIS server, maintained access for over 75 days, and came back on fresh infrastructure.

With four China-linked clusters converging on the s...

Listen
Watch
Mark as Played

Your team patches the device. The firmware version matches the advisory. The ticket closes. The device comes off the remediation queue. What your workflow never tracked is that the advisory also required six manual LDAP configuration steps — and without them, the authentication bypass still works. An initial access broker authenticated through the VPN, reached a domain-joined file server, and was gone in under 40 minutes. You...

Listen
Watch
Mark as Played

Your user clicked a link, landed on a real Microsoft login page, typed their password, completed MFA, and walked away thinking nothing happened. Somewhere across the internet, an attacker's device just received an authenticated session token. The password is irrelevant. The MFA prompt already fired and passed. With PhaaS platforms now converging on token-theft tradecraft and post-compromise automation executing in seconds, defender...

Listen
Watch
Mark as Played

What happens when an AI agent uncovers a zero-day in hours instead of weeks, and state-backed groups are already operationalizing the same tools? With self-hosted AI infrastructure sprawling outside asset registers and supply chain worms reaching inside AI vendors themselves, defenders need a new operating model.

Join hosts Tehman and John as they discuss: 

  • How an AI agent surfaced a memory-safety zero-day in SQLite
  • How Mini ...
Listen
Watch
Mark as Played

What's driving the surge in weekly supply chain attacks, and why does the real defender problem start after the supplier gets hit? With 275 million records exposed and 8,809 institutions caught in the downstream fallout, organizations need a new playbook.

Join hosts Alexandra and John as they discuss:

  • How ShinyHunters abused admin sessions
  • RansomHouse's hypervisor-focused automation
  • How Mini Shai-Hulud compromised 170+ npm packages
  • ...

Listen
Watch
Mark as Played

What factors have driven the top ransomware and extortion groups' success in early 2026? And how should organizations structure their defenses to protect against them?

Join hosts Alexandra and John as they discuss:

  • How Akira is exploiting unknown assets inherited through M&A
  • Why ShinyHunters' vishing and SaaS misconfiguration models work
  • How The Gentlemen grew 588% quarter-over-quarter

 Two questions your organization ...

Listen
Watch
Mark as Played

Black Basta disbanded in February 2025, but their playbook didn't go with them. In March 2026, 77% of observed incidents targeted executives and directors, and attackers moved from first contact to malicious script execution in as little as 12 minutes. The tactic has been automated, refined, and is now running faster than most SOCs can respond.

 Join hosts Alexandra and John as they discuss:

  • How attackers leverage Microsoft ...
Listen
Watch
Mark as Played

89% of organizations that suffered a SaaS breach last year believed they had appropriate visibility. They had the logs — what they lacked was detection on what mattered. The Vercel incident shows exactly how costly that gap can be.

 Join hosts Brandon and John as they discuss:

  • How a third-party OAuth chain may have exposed Vercel's internal data
  • Why SaaS visibility gaps leave organizations exposed
  • The controls that can b...
Listen
Watch
Mark as Played

Resources: https://linktr.ee/ReliaQuestShadowTalk

Join hosts John and Alex, alongside special guest and ReliaQuest CTO Joe Partlow, as they discuss:

  • How Claude Mythos autonomously generated exploits
  • Why AI is accelerating CVE volume
  • Defense strategies organizations need now

Joe Partlow: CTO of ReliaQuest, a leading Information Security provider and is currently involved with new product initiatives along with research and devel...

Listen
Watch
Mark as Played

Resources: https://linktr.ee/ReliaQuestShadowTalk

Join hosts John and Tehman as they break down two of the most consequential supply chain attacks of 2026:

  • How DPRK actors socially engineered a NPM maintainer
  • Why hijacked GitHub versions are a CI/CD wake-up call
  • The three gaps every security team needs to close

John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impact...

Listen
Watch
Mark as Played

Resources: https://linktr.ee/ReliaQuestShadowTalk

Join hosts Alexandra and John, live from Exponent 2026, alongside top security leaders as they discuss:

  • How organizations keep pace with attackers
  • Why one in four incidents starts with social engineering
  • How automated response is helping organizations

Chris Thompson: CISO of Caris Life Sciences, a leading, next-generation AI TechBio company and precision medicine pioneer.  ...

Listen
Watch
Mark as Played

Resources: https://linktr.ee/ReliaQuestShadowTalk

Join hosts Brandon and John as they discuss:

  • How Handala wiped 200,000 devices by weaponizing a trusted platform
  • Why your organization doesn't need to be a direct target to be at risk
  • How AI-enhanced malware is helping attackers get faster

John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customer...

Listen
Watch
Mark as Played

Resources: https://linktr.ee/ReliaQuestShadowTalk

Join hosts John and Alex as they discuss:

  • How a Chinese APT maintained access for over a year
  • Why North Korean impersonation surged 116%
  • Why attackers exploit the same foundational gaps

John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously s...

Listen
Watch
Mark as Played

Resources: https://linktr.ee/ReliaQuestShadowTalk

Join hosts Tehman and John as they discuss:

  • Why ransomware now prioritizes exfiltration over encryption 
  • How attackers can exfiltrate your data in just 6 minutes
  • Why proactive darkweb monitoring is critical

John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical b...

Listen
Watch
Mark as Played

Resources: https://linktr.ee/ReliaQuestShadowTalk

Join hosts Brandon and John as they discuss:

  • How attacker breakout times dropped to as little as 4 minutes 
  • Why ClickFix surged 200%
  • Why behavioral detection is critical

John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an...

Listen
Watch
Mark as Played

Resources: https://linktr.ee/ReliaQuestShadowTalk

Join hosts John and Tehman as they discuss:

  • What attackers prefer over custom malware
  • How signature-based detection fails
  • Proactive governance vs. reactive triage

John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Re...

Listen
Watch
Mark as Played

Resources: https://linktr.ee/ReliaQuestShadowTalk

Join hosts Brandon and John as they discuss:

  • Why extortion payment rates are the lowest ever
  • Organizations paying ransomware but refusing data extortion demands
  • Why defenders need both visibility and speed

John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical backgro...

Listen
Watch
Mark as Played

Popular Podcasts

    If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.

    Dateline NBC

    Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com

    Betrayal Weekly

    Betrayal Weekly is back for a new season. Every Thursday, Betrayal Weekly shares first-hand accounts of broken trust, shocking deceptions, and the trail of destruction they leave behind. Hosted by Andrea Gunning, this weekly ongoing series digs into real-life stories of betrayal and the aftermath. From stories of double lives to dark discoveries, these are cautionary tales and accounts of resilience against all odds. From the producers of the critically acclaimed Betrayal series, Betrayal Weekly drops new episodes every Thursday. If you would like to share your story, you can reach out to the Betrayal Team by emailing them at betrayalpod@gmail.com and follow us on Instagram at @betrayalpod and @glasspodcasts. Please join our Substack for additional exclusive content, curated book recommendations, and community discussions. Sign up FREE by clicking this link Beyond Betrayal Substack. Join our community dedicated to truth, resilience, and healing. Your voice matters! Be a part of our Betrayal journey on Substack.

    The Clay Travis and Buck Sexton Show

    The Clay Travis and Buck Sexton Show. Clay Travis and Buck Sexton tackle the biggest stories in news, politics and current events with intelligence and humor. From the border crisis, to the madness of cancel culture and far-left missteps, Clay and Buck guide listeners through the latest headlines and hot topics with fun and entertaining conversations and opinions.

    The Joe Rogan Experience

    The official podcast of comedian Joe Rogan.

Advertise With Us
Music, radio and podcasts, all free. Listen online or download the iHeart App.

Connect

© 2026 iHeartMedia, Inc.

  • Help
  • Privacy Policy
  • Terms of Use
  • AdChoicesAd Choices