Welcome to Lane Nickell, where amazing things happen. Cover art photo provided by Nathan Anderson on Unsplash: https://unsplash.com/@nathananderson
DISCARDED: Tales from the Threat Research Trenches is a podcast for security practitioners, intelligence analysts, and threat hunters looking to learn more about the threat behaviors and attack patterns. Each episode you’ll hear real world insights from our researchers about the latest trends in malware, threat actors, TTPs, and more. Welcome to DISCARDED
Have you heard: Only Malware in the Building?
3:10
Check out new episodes of Only Malware in the Building wherever you listen to podcasts: https://thecyberwire.com/podcasts/only-malware-in-the-building By Proofpoint
Malware Evasion Uncovered: The Battle Against Evolving Malware Techniques
33:53
Hello, Cyber Pirates! In today's episode of the Discarded Podcast, hosts Selena Larson and Tim Kromphardt are joined by Kyle Cucci, Staff Threat Researcher at Proofpoint. Dive with us into the world of cyber attacks as Kyle breaks down the intricacies of evasion techniques used by threat actors. From defense evasion to anti-sandboxing and anti-reve…
Checkmate: Breaking Down Operation Endgame
46:57
Hello, cyber sleuths! In today's exciting episode of the Discarded Podcast, hosts Selena Larson and Sarah Sabotka are joined by the brilliant Pim Trouerbach, Senior Reverse Engineer at Proofpoint. Pim gives us the lowdown on this massive law enforcement operation targeting multiple high-profile botnets across the globe, called Operation Endgame, an…
Hacking the Human Mind: How Cyber Attackers Exploit Our Brains
51:47
Hello to all our cyber squirrels! Joining our series host, Selena Larson, is our co-host today, Tim Kromphardt. Together they welcome our special guest–Dr. Bob Hausmann, Proofpoint's Manager of Learning Architecture and Assessments and a seasoned psychologist. Our conversation explores how cyber threat actors exploit the different systems of though…
Decrypting Cyber Threats: Tactics, Takedowns, and Resilience
43:30
Hello to all our cyber pals! Joining our series host, Selena Larson, is our co-host today, Tim Kromphardt. Together they welcome our special guest–Daniel Blackford, the Director of Threat Research at Proofpoint. The conversation dives into the intricate world of cyber threats and the impact of law enforcement disruptions on malware, botnets, and ra…
It Works on My Machine: Why and How Engineering Skills Matter in Threat Research
46:55
The Discarded Podcast team is gearing up and working hard for a new season! Until then we have a special Re-Run treat--one of our favorite episodes! Enjoy! Engineering skills can play a massively beneficial role in cyber security, as Pim Trouerbach, a Senior Reverse Engineer at Proofpoint and Jacob Latonis, Senior Threat Research Engineer at Proofp…
Decoding TA4903: Exploring the Dual Objectives of a Unique Cyber Threat Actor
40:57
Today’s focus is on the elusive threat actor known as TA4903. But that's not all - we've got a special treat for you as well. Our longtime producer, Mindy, is joining us as a co-host, bringing her expertise and insights to the table, as we turn the mic around and interview, Selena! We explore recent research conducted by Selena and her team on TA49…
A Trip Down Malware Lane: How Today's Hottest Malware Stacks Up Against Predecessors
56:22
It has been a busy first quarter for the Proofpoint Threat Research team! Today we have returning guest, Pim Trouerbach, to share his personal stories about his favorite malware and discuss the current landscape, including insights on Pikabot, Latrodectus, and WikiLoader. The conversation explores the evolution from old school banking trojans to th…
Hiding In Plain Sight: Unique Methods Of C2 From Infostealers
27:23
Network-based detections, such as those developed by threat detection engineers using tools like suricata and snort signatures, play a crucial role in identifying and mitigating cyber threats by scrutinizing and analyzing network traffic for malicious patterns and activities. Today’s guest is Isaac Shaughnessy, a Threat Detection Engineer at Proofp…
From Attribution to Advancement: Red Canary’s Katie Nickels Tackles CTI’s Biggest Questions
47:04
The esteemed Katie Nickels joins us on the show today! Katie is the Director of Intelligence Operations at Red Canary, and our conversation with her explores a wide array of topics, ranging from career growth in threat intelligence to the intricacies of attribution and threat actor naming. Katie delves into her diverse career journey and transition…
Beyond the Headlines: Reporting on Sensitive Cybersecurity Topics to Resonate with Everyone
55:39
*This episode contains content warnings of suicide and self-harm* “It’s not about preventing something from happening, it’s being prepared for when it does.” This episode is filled with stories from the different scenarios that have been plaguing people with cyber security attacks. Today’s guest is Kevin Collier, a cybersecurity reporter at NBC. He…
Strategies for Defense and Disruption: Part Two of Predicting Cyber Threats in 2024
1:06:17
Is 2024 the year of adaptability and collaboration within the security community? Let’s hope so! Today’s episode is Part Two of what to expect in cybersecurity in 2024, and our guests are Randy Pargman and Rich Gonzalez. Randy sheds light on the crucial role of the Detections Team and emphasizes the constant innovation of malware authors, and the t…
Phishing, Elections, and Costly Attacks: Part One of Predicting Cyber Threats in 2024
45:00
To move forward, it’s good to take a minute and reflect on what’s happened. Today’s episode focuses on insights from Daniel Blackford and Alexis Dorais-Joncas, both Senior Managers of Threat Research at Proofpoint. This is the first in our two-part series looking at what’s on the horizon for 2024. Reflecting on 2023, they discuss the use of QR code…
Jingle Bells, Phishing Tales: Reflecting on Cybersecurity in the Holiday Spirit
1:04:59
In this special Holiday edition of Discarded, the tables are turned with hosts, Selena and Crista, becoming the answer-ers, our returning Moderator, Mindy Semling, as the question asker, and our wonderful audience is transformed into Cyber Elves. This conversation is lively and filled with questions from a variety of engaged audience members. (Than…
I Know This Might Sound Crazy but Russia’s TA422 Blasted Lots of Exploits
50:39
Tis the season for understanding TA422’s latest activity AND for singing podcast guests! Today’s returning guest is Greg Lesnewich, Senior Threat Researcher at Proofpoint. He sheds light on the tactics, techniques, and procedures (TTPs) employed by TA422. The conversation touches on the significance of the high volumes observed starting in late sum…
MITRE ATT&CK Evolves with Cyber Threat Sophistication
50:35
Take a deep dive with us into the incomparable MITRE ATT&CK Framework, a comprehensive knowledge base that catalogs real-world threat actor behaviors derived from threat intelligence. Today’s guests are our great friends at MITRE ATT&CK, Adam Pennington (Attack Lead), and Patrick Howell O’Neill, (Lead Cyber Operations Analyst). They explore how the…
Looking Behind the Curtain at the Palestinian-Aligned TA402
23:04
While the current Israeli/Palestinian conflict is on everyone’s minds, how many are thinking about the repercussions of cyber security? Today’s guest is returning guest, Joshua Miller, Senior Threat Researcher on the APT team at Proofpoint. While he focuses on different Middle East, North African state-aligned threats, he is talking today about a P…
Unmasking the Tricksters: The World of Fake Browser Updates
31:42
How can you tell when a website (yes, a website) is compromised? These threats are pretty crafty because they aren't out to target specific individuals; they just wait for folks like you and me to innocently click on compromised websites during our regular browsing. But these threats don't stop at casual browsing. They sneak into emails, social med…
Decoding the Malware Maze: Insights From a Threat Researcher
33:46
Oh the days when spam was the only concern for email security! Our guest today is Chris Wakelin, a Senior Threat Researcher at Proofpoint. He recounts the era when email attachments were plain text, and the concept of malicious URLs had yet to become prevalent. Chris was a pioneer in implementing email security measures and recalled introducing Spa…
Obfuscated: Online Threats and the Visually Impaired
28:44
Billions of dollars in losses is bad enough. But when a friend loses $1,000 on a platform he trusted, online fraud gets personal. In this podcast episode, we dive deep into the world of online fraud with the personal account of Tim Utzig, a Senior Associate Analyst at Anser and friend of his Selena Larson. Utzig, who is blind, lost $1,000 in an onl…
Live from New York City, it’s your Discarded podcast team at Protect 2023! Joining Selena Larson, is our special guest, John Hultquist, Chief Analyst at Mandiant, now part of Google Cloud. They discuss various cybersecurity threats and activities of nation-states like Russia, China, and North Korea. China stands out as it hasn't executed significan…
From Rio to Madrid: Unmasking the Brazilian Banking Malware Wave
28:57
Regardless of location, it’s important to understand what is happening in the global threat landscape because we are a global economy. What affects one region may affect one closer to home. Part of the reason Brazil has become a recent hotbed is the amount of online population is expanding rapidly. Today’s guest, Jared Peck (Senior Threat Researche…
Everything Comes Back in Style: How Old TTPs are Remerging in China's E-Crime Ecosystem
37:04
Just like a forensic scientist, the job of a threat analyst is to search for the digital fingerprints. The key is to have a starting reference point, and then being able to see what is off from there. Our guest today is Bryan Campbell, a Staff Threat Analyst at Proofpoint. He breaks down what is happening on the China cybercrime threat landscape, a…
It Works on My Machine: Why and How Engineering Skills Matter in Threat Research
46:09
Engineering skills can play a massively beneficial role in cyber security, as Pim Trouerbach, a Senior Reverse Engineer at Proofpoint and Jacob Latonis, Senior Threat Research Engineer at Proofpoint, are able to share. They emphasize the importance of understanding the requirements and context of security researchers to build effective tools. The c…
An Apple a Day Won't Keep Iranian APT Away: How TA453 Targets Macs
35:38
What is new with Iranian actor TA453, and what is happening with their attack chains? To answer these questions, today’s guest is Joshua Miller, a Senior Threat Researcher on the APT team at Proofpoint. Since his last visit, Joshua has published new research on TA453, highlighting new malware and social engineering techniques, which can be found he…
When researching cyber threats, there is a bias towards the West and most of Europe. But what about the global majority? Today’s guest is Martijn Grooten, a Digital Security Threat Analyst with Internews. With 16 years of experience in cybersecurity, he has recently focused on the impact of security for at-risk groups and people. Join us as we d…
Weird & Wacky Researcher Summer: The Artifacts & Detections Edition
37:15
It's shaping up to be a weird and wacky summer for threat researchers. While it’s been quieter on the front end, there are still many stories to share with some weird and wacky incidents. This episode also includes a fun, dramatized read of an email tactic. Join us as we discuss the following: Where the team identifies on the Cyber Alignment Chart …
It's Summertime: What’s the E-crime Vibe?
44:30
Who’s quiet and who’s making noise? What’s the backchannel chatter over at Proofpoint? Proofpoint threat researchers Joe Wise and Pim Trouerbach join this week’s episode to discuss the e-crime vibe for the first half of 2023. Join us as we discuss the following: Emotet’s activity, or lack thereof Chaotic vibes from IcedID TA570 and TA577 setting tr…
When the Threat Profile is High: Protecting At-Risk Individuals Online
32:13
How does cybercrime threaten individual reporters? What about an entire newsroom? What if you’re an average person who suddenly becomes the center of a dark conspiracy theory? Welcome to the world of cybersecurity for at-risk individuals. In this episode, renowned cybersecurity expert, Runa Sandvik joins to talk about her work protecting journalist…
The Spies and Stalkers of Surveillance Capitalism
37:14
A brief note on content for today's episode, we are going to be discussing or mentioning stalking, domestic abuse, and sex trafficking in today's show. If you’re a threat actor with a million dollar budget targeting high ranked targets like dissidents, activists, journalists and politicians, how do you do it? What if you’d like to stalk your neighb…
At least three threat actors are ushering in a new era for IcedID, originally classified as banking malware in 2017. In this episode, Proofpoint researchers, Joe Wise and Pim Trouerbach, are here to share their research on the Lite and Forked IcedID variants Join us as we discuss the following: Lite IcedID Variant Forked IcedID Variant The key diff…
“Did I miss you in Orlando?”: The Rise of SMS Phishing
27:32
In this podcast episode, Proofpoint senior threat researcher, Adam McNeil, joins us to talk about conversational SMS phishing. These campaigns target mobile devices and often start with a simple, innocuous question. “Are you coming to dinner tomorrow?” can lead to anything from fraud to impersonation to financial schemes and is considered a $3 bill…
Staying Ahead of Cloud-Based Threats: Insights on today's threat landscape
30:52
Cloud threats are a growing concern due to users' and organizations' increasing adoption of cloud computing. It's crucial to develop the skills needed to identify and analyze cloud-based threats and know the latest security tools and techniques to detect, prevent, and respond to cloud-based attacks. Ultimately, security researchers and analysts pla…
In the cyber threat intelligence and cybersecurity world, there is a growing recognition of the value of professionals with diverse backgrounds and skillsets. While many individuals in the field come from traditional computer science or engineering backgrounds, there is also a trend of people entering the field from unexpected paths. Sarah Sabotka,…
Prank or Propaganda? TA499 Pesters Politics
39:14
In this episode, Zydeca Cass, Senior Threat Researcher at Proofpoint, joins the show to discuss Russia-aligned threat actor TA499. Zydeca dives into what makes tracking this threat actor so unique. Join us as we discuss: Who TA499 are and what they do What makes their activity a cyber threat others should pay attention to What their activity tells …
A Venture Mindset: North Korean Actors Go Beyond Espionage
40:17
We’ve discussed a handful of APT actors on the Discarded podcast, like Russia, Iran, China and Turkey. In this episode, we dive into the isolated world of North Korean aligned actors with Sr. Threat Researcher, Greg Lesnewich. In this episode, we discuss the following: The role DPRK’s culture of isolation has played in its approach to cyber espiona…
Why Do We Click? Understanding the Psychology of Social Engineering
58:45
Social engineering is a technique used by attackers to manipulate individuals into performing actions that may put their personal or sensitive information at risk. Attackers know the biggest weakness in cybersecurity is humans—and with this, leverage socially engineered phishing emails to manipulate the human psychology. In this episode, we have Dr…
New Year, New Threats: Prepping for the 2023 Threat Landscape
39:31
A new year has arrived! The 2022 threat landscape had some extremely notable activity, from Russian APT actors to Microsoft's blocking of macros. We saw a lot and can guarantee threat actors won't be slowing down in 2023 and will continue to be a major threat to organizations. In this episode, Threat Research Managers, Alexis Dorais-Joncas, Rich Go…
Confidence, confusion, cashout: How pig butchering is blindsiding victims
43:37
Threat actors are disarming their victims with a new approach: The long game. Instead of asking for money or gift cards upfront, they build a connection and confidence until they cash in on the big payout. In this episode of Discarded, Selena Larson and Crista Giering are joined by Proofpoint team members: Tim Kromphardt, Email Fraud Researcher, an…
Holiday Happy Hour: 12 Faves of Threat Research
32:55
As the end of year is rapidly approaching, it’s important to reflect back on some of the top learnings for the year. In this special holiday edition of The Discarded podcast, Selena and Crista are joined by Mindy Semling, Podcast Producer at Proofpoint, to answer questions on their favorite things from threat research over the past year — from blog…
AMA Answers From the Threat Research Trenches
51:26
In this highly entertaining episode of DISCARDED, Selena Larson and Crista Giering host a wild round of “Ask Me Anything,” with Sherrod DeGrippo, VP of Threat Research and Detection, and Daniel Blackford, Threat Researcher at Proofpoint. Featuring insightful questions from listeners and former guests, these industry experts cover a wide range of to…
The Many-Faced Threat: Multi-Persona Impersonation (MPI) In Your Inbox
27:08
Social proof is a potent tool, even in the absence of direct support. When someone is pressured to do something in the presence of trusted peers, they are more likely to follow through unless someone objects. Unfortunately, threat actors have taken notice and are investing significant time and resources into looking like a trusted party to gain acc…
Machine Learning Is a Party With Camp Disco!
39:50
In this episode, Dr. Zachary Abzug, Manager and Tech Lead of Data Science at Proofpoint joins the show to discuss a machine learning enabled tool called Camp Discovery, AKA Camp Disco and the importance of the human interaction required for making use of machine learning in malware detection. Join us as we discuss: What exactly Camp Disco is and th…
Reservation Confirmed: Threat Actors Visiting the Hospitality World
39:01
In this episode, Joe Wise, Threat Researcher at Proofpoint, joins the show to discuss his and Selena’s research into a small e-crime actor, TA558 and its targeting against the hospitality and travel e-crime sector since at least 2018. Join us as we discuss: Classifying threat actors and how it relates to s’mores Understanding e-crime vs. APT actors…
The Hallow-queen of Cybersecurity: Spooky and Sweet Takes with Sherrod DeGrippo
35:18
Cybersecurity doesn't have to be spooky this Halloween. In this episode, Sherrod DeGrippo, VP of Threat Research and Detection at Proofpoint, joins the show to discuss all things cybersecurity awareness so you can be prepared, not scared, this October. So grab a sweet treat and pull up a seat, the Hallow-queen is about to give her hot takes! Join u…
Investigating Wine Fraud with the Ransomware Sommelier
49:54
All for wine, and wine for all. But only if it isn’t fraudulent. In July 2022, Allan Liska, an analyst at Recorded Future and wine expert, released some new research on counterfeit wine, spirits and cheese. Allan joins the show as our first ever external guest to give us an overview of what that research entailed and the different types of wine fra…
Hot off the Press: APT Actors Posing as Journalists
30:31
In this episode, Joshua Miller and Michael Raggi, Senior Threat Researchers at Proofpoint, join the show to discuss APT groups targeting and impersonating journalists. Joshua, Michael, and Crista discovered during their research how APT actors use journalist and their leads as a form of espionage to collect sensitive information. Join us as we disc…
Misfits Managed: Breaking Down Misfit Malware
36:42
In this episode, Sara Sabotka Senior Threat Researcher on the field-facing team at Proofpoint, joins the show to chat about Misfit Malware. Although it is sometimes referred to as commodity malware, this kind of malicious software is anything but boring. You’ll want to stick around to find out who belongs on the Island of Misfit Malware and the imp…
In this episode, Konstantin Klinger, Senior Security Research Engineer at Proofpoint, joins the show to chat about his role on the threat research team, focusing on DDX (Detonation, Detection, and Extraction). You won’t want to miss his breakdown of the Pyramid of Pain and how to utilize it for threat detection engineering. Join us as we discuss: R…
APT Attribution: Trials and Tribulations From the Field
31:17
In this episode, Joshua Miller and Zydeca Cass, Senior Threat Researchers at Proofpoint, join the show to discuss attribution, specifically APT actor attribution. Joshua and Zydeca dive into their experiences of attribution successes and failures, sharing tales of threat actors impersonating Russian opposition leaders and an Iranian kidnapping plot…