
PP104: How SocGholish Picks Locks to Let In Ransomware
From Packet Protector by Packet Pushers
April 7, 2026 · 28 min · Episode 104
About this episode
This episode discusses how initial access brokers use tools like SocGholish to facilitate cybercrime.
In the cybercrime industry, initial access brokers specialize in break-ins. They pick digital locks and slide open electronic windows, and then sell that access to other threat actors who specialize in ransomware, exfiltration, and other crimes. SocGholish is a widely used tool in the access broker toolkit. Typically disguised as a legitimate software update, SocGholish ... Read more »
Topics covered
- cybersecurity
- ransomware
- initial access brokers
- digital security
- cybercrime tools
Keywords
- SocGholish
- ransomware
- cybercrime
- initial access brokers
- digital locks
Mentioned in this episode
Organizations: SocGholish, cybercrime industry, initial access brokers, ransomware, threat actors
More episodes of Packet Protector
- PP113: Patch Gaps, Pretexting, and AI Use for Crimes and Crimefighting: 2026 Verizon DBIR Highlights · June 9, 2026 · 55 min
- PP112: When You Look But Don’t Find: The Art of Knowing When to Stop · June 2, 2026 · 41 min
- PP111: New HPE Mist Features Validate NAC Changes, Enable Inline Microsegmentation (Sponsored) · May 26, 2026 · 48 min
- PP110: News Roundup–Linux Fragged, Edge’s Password Manager Dragged, Android Intrusions Tagged, and More · May 19, 2026 · 58 min
- PP109: ThreatLocker Enforces Zero Trust With Strict Application Control (Sponsored) · May 12, 2026 · 45 min
- PP108: How to Build and Sustain a Successful Zero Trust Project · May 5, 2026 · 51 min
Explore listener stats, chart rankings, contacts and more on the Packet Protector podcast page.