DISCARDED: Tales From the Threat Research Trenches

• Your Best Defense against Social Engineering: The Gray-Matter Firewall

  Hello to all our Cyber Pals! Join host Selena Larson and guest hosts, Sarah Sabotka and Tim Kromphardt, both Senior Threat Researchers from Proofpoint, as they dive into the realities of current social engineering schemes —especially during high-risk times like tax season. Cybercriminals exploit fear, urgency, and excitement to manipulate victims, from IRS impersonation scams and fraudulent tax payment requests to deepfake cons and TikTok frauds.Our hosts dive into real-world examples, including:tax-themed phishing attackstech support scams targeting the elderlyjob scams leveraging Taylor Swift’s tourThey explore how AI is reshaping fraud tactics, why scammers still rely on outdated schemes like overseas financial windfalls, and how platforms like WhatsApp and Telegram play a role in modern cybercrime.Tune in to learn how these scams work, why they succeed, and—most importantly—how you can protect yourself. Check out our show notes for additional resources, and don’t forget to share this episode with friends and colleagues!For more information about Proofpoint, check out our website.Subscribe & Follow:Stay ahead of emerging threats, and subscribe! Happy hunting!

  --------  

  51:06
• Hiding in Plain Sight: How Defenders Get Creative with Image Detection

  Hello to all our Cyber Pals! Join host Selena Larson and guest host, Sarah Sabotka, as they speak with Kyle Eaton, Senior Security Research Engineer at Proofpoint.They explore the evolving world of image-based threat detection and the deceptive tactics cybercriminals use to evade defenses. From image lures embedded in emails, PDFs, and Office documents to the surprising ways attackers reuse visuals across campaigns, this conversation break down how detection engineering is adapting to counter new threats.There is also examination of how AI is shaping both cyber deception and detection, raising the question of how generative AI is influencing image-based security.Listeners will gain insights into real-world detection successes, persistent threats like TA505 and Emotet, and the role of instincts in cybersecurity—because, as Selena notes, sometimes good detection is all about the vibes. Key Topics Covered:Characteristics of Image-Based ThreatsGroups like TA505 and Emotet historically using recognizable image luresOneNote-Based Malware Detection (2023) & the Challenges with OneNoteShift to PDF-Based ThreatsPDF Object Hashing for Attribution & DetectionImage-Based Threat Detection InsightsGenerative AI’s Impact on Image-Based ThreatsJoin us as we uncover real-world detection wins, explore persistent threats like TA505 and Emotet, and dive into the importance of instincts in cybersecurity—because, as our guest puts it, sometimes good detection is all about the vibes.Resources mentioned:https://github.com/target/halogenhttps://www.proofpoint.com/us/blog/threat-insight/onenote-documents-increasingly-used-to-deliver-malwareFor more information about Proofpoint, check out our website.Subscribe & Follow:Don't miss out on future episodes—subscribe to the Discarded Podcast on your favorite platform.

  --------  

  45:52
• Cyber Groundhog Day and romance scams, featuring Only Malware in the Building

  Hey Cyber Pals! This week we are doing a very special spotlight on a recent episode from Only Malware in the Building. Our very own, Selena Larson, also co-hosts on this fabulous podcast. Be sure to check it out and enjoy!Find more OMIB: https://thecyberwire.com/podcasts/only-malware-in-the-building/9/notes—------------------------------------------------Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode and since it is February (the month of love as Selena calls it), we talk about romance scams known throughout the security world as pig butchering. And, Rick's experiencing a bit of a Cyber Groundhog Day in his newly-realized retirement.

  --------  

  40:48
• The Power of Partnerships: An Interview with the NSA’s Kristina Walter

  Hello to all our Cyber Magicians! Join host Selena Larson and guest host, Joshua Miller, as they speak with Kristina Walter, the Chief of NSA’s Cybersecurity Collaboration Center.  They explore the cutting-edge collaborations between the NSA and industry partners to combat cyber threats, with a deep dive into the NSA’s Cybersecurity Collaboration Center (Triple C).Kristina sheds light on the growing awareness around cyber hygiene, the importance of collective defense, and the role of partnerships between government and private sectors in tackling malicious activity. She also offers practical advice for those looking to break into government cybersecurity roles, dispelling myths about the need for a STEM background and highlighting the relevance of "core skills" like public speaking, decision-making, and risk management.Key Topics Covered:Public-private partnership success storiesNSA’s approach to global collaborationThe shift from information consumption to actionable intelligence sharingThe average American's cybersecurity concernsInsights into the collaborative efforts needed to counter cyber threatsNaming malware campaignsThe episode wraps up with tips on staying current in the fast-paced world of cybersecurity, from leveraging NSA advisories to building communities for information sharing. Whether you're an aspiring cybersecurity professional or an industry veteran, this episode is packed with actionable advice and thought-provoking perspectives.Resources mentioned:https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3805947/nsa-announces-kristina-walter-as-the-new-chief-of-cybersecurity-collaboration-c/https://www.nsa.gov/Press-Room/News-Highlights/https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3669141/nsa-and-partners-spotlight-peoples-republic-of-china-targeting-of-us-critical-i/https://www.nsa.gov/about/cybersecurity-collaboration-center/For more information about Proofpoint, check out our website.Subscribe & Follow:Don't miss out on future episodes—subscribe to the Discarded Podcast on your favorite platform.

  --------  

  39:30
• The Battle for a Safer Internet: Inside Domain Takedowns and Threat Actor Tactics

  Hello to all our Cyber Magicians! Join host Selena Larson and guest host,Tim Kromphardt, as they speak with Hannah Rapetti, the Takedown Services Manager at Proofpoint. Hannah shares her fascinating journey from librarian to cybersecurity expert, detailing her path into the industry through certifications, CTFs (Capture the Flag), and the Women in Cybersecurity (WiCyS) community.The conversation dives into real-world examples, techniques, and strategies used to identify, track, and eliminate malicious domains.Key Topics Covered:Collaborative Efforts: How teams work together to identify scam websites, gather evidence, and escalate for takedown.Tools and Techniques: Using tools like domain search, backend kits identification, and IP-based connections to uncover related sites.Challenges in Takedowns: Managing lists of hundreds of domains across multiple providers, verifying live activity, and the need for ongoing monitoring.Threat Actor Behavior: How threat actors use multiple registrars or re-register domains to evade detection.Best Practices for Organizations:Preemptively purchasing lookalike domains.Monitoring new domain registrations for suspicious activity.Educating users to identify and avoid malicious domains.Ethical Considerations: Balancing infrastructure disruption with the need for ongoing research, particularly for cyber espionage threats.Favorite Wins: Memorable investigations, such as takedowns during the Super Bowl, fake Olympics ticket scams, and real-time disruption of pig-butchering schemes.The episode highlights the importance of domain takedowns not just for individual companies but for contributing to a safer internet ecosystem. It’s a mix of practical advice, real-life stories, and insights into the ongoing battle against cybercrime.Resources mentioned:Genina Po Discarded Episodehttps://www.proofpoint.com/us/blog/threat-insight/pig-butchers-join-gig-economy-cryptocurrency-scammers-target-job-seekers https://www.wicys.org/ https://www.proofpoint.com/us/blog/threat-insight/pig-butchers-join-gig-economy-cryptocurrency-scammers-target-job-seekers https://podcasts.apple.com/us/podcast/discarded-tales-from-the-threat-research-trenches/id1612506550?i=1000677061400 https://www.proofpoint.com/us/blog/threat-insight/security-brief-scammers-create-fraudulent-olympics-ticketing-websitesFor more information about Proofpoint, check out our website.Subscribe & Follow:Don't miss out on future episodes—subscribe to the Discarded Podcast on your favorite platform.

  --------  

  38:05

Plus de podcasts Technologies

Podcasts tendance de Technologies

À propos de DISCARDED: Tales From the Threat Research Trenches

DISCARDED: Tales From the Threat Research Trenches: Podcasts du groupe