.png)
CyberBrief Project
CyberBrief Project is an audio series that breaks down one creative cyber-attack technique in each episode.
Rather than covering routine threats, each episode focuses on clever methods that repurpose tools in unexpected ways.
Voiced by AI instructors, the series is designed to help listeners understand how attackers think, what they target, and how to spot threats with greater clarity.
This is valuable information for anyone in cybersecurity, especially defenders, and for anyone curious about how real-world cyberattacks start and unfold.
CyberBrief Project
How Scattered Spider Hijacks ESXi
In this episode, we explore a creative and highly effective ransomware technique used by Scattered Spider, one that doesn't rely on malware or exploits, but on deep knowledge of virtual infrastructure.
The Disk-Swap attack on ESXi allows attackers to extract Active Directory and deploy ransomware by misusing trusted VMware features. It's quiet, fast, and completely sidesteps traditional detection tools.
We'll walk through how the attack works, why it bypasses so many defenses, and what defenders need to rethink in their architecture to close this gap.
If you've ever assumed your hypervisors were out of reach—this episode is for you.
This technique is also in my YouTube channel: CyberBrief Project
Thanks for spending a few minutes on the CyberBrief Project.
If you want to dive deeper or catch up on past episodes, head over to cyberbriefproject.buzzsprout.com.
You can also find the podcast on YouTube at youtube.com/@CyberBriefProject — I’d love to see you there.
And if you find these episodes valuable and want to support the project, you can do that here: buzzsprout.com/support
Your support means a lot.
See you in the next one, and thank you for listening.