DISCARDED: Tales From the Threat Research Trenches
Proofpoint
91 episodes
1 week ago
Send us fan mail! Hello to all our Cyber Sleuths! Host Selena Larson, and guest host, Sarah Sabotka take you behind the scenes of the ever-changing world of cybercrime—where attackers innovate, scams evolve, and staying one step ahead is a constant challenge. From remote monitoring and management (RMM) abuse to adversary-in-the-middle (AiTM) phishing, web injects, flashy malware lures, and the latest wave of information stealers, we unpack the tactics, techniques, and procedures shaping today...
All content for DISCARDED: Tales From the Threat Research Trenches is the property of Proofpoint and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Send us fan mail! Hello to all our Cyber Sleuths! Host Selena Larson, and guest host, Sarah Sabotka take you behind the scenes of the ever-changing world of cybercrime—where attackers innovate, scams evolve, and staying one step ahead is a constant challenge. From remote monitoring and management (RMM) abuse to adversary-in-the-middle (AiTM) phishing, web injects, flashy malware lures, and the latest wave of information stealers, we unpack the tactics, techniques, and procedures shaping today...
Send us fan mail! Hello to all our Cyber Sleuths! Host Selena Larson, and guest host, Sarah Sabotka take you behind the scenes of the ever-changing world of cybercrime—where attackers innovate, scams evolve, and staying one step ahead is a constant challenge. From remote monitoring and management (RMM) abuse to adversary-in-the-middle (AiTM) phishing, web injects, flashy malware lures, and the latest wave of information stealers, we unpack the tactics, techniques, and procedures shaping today...
Send us fan mail! Hello to all our Pumpkin Spice Cyber Friends! It’s Cybersecurity Awareness Month — and what better way to kick it off than with a deep dive into the human side of cyber threats? In this episode host Selena Larson welcomes back guest and part-time co-host Sarah Sobatka, our “Cybersecurity Awareness Month Queen” and Staff Threat Researcher at Proofpoint. She joins us to break down why social engineering is at the heart of so many attacks. We take a closer look at how scams and...
Send us fan mail! Welcome in! You’ve entered, Only Malware in the Building — but this time, it’s not just another episode. This is a special edition you won’t want to miss. For the first time, our hosts are together in-studio — and they’re turning up the heat. Literally. Join Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED, along with N2K Networks Dave Bittner and Keith Mularski, former FBI cyb...
Send us fan mail! Hello to all our Cyber Stars! In this episode host Selena Larson welcomes back guest and part-time co-host Tim Kromphardt, fresh from DEFCON, to explore the world of request-for-quote (RFQ) fraud—a growing scam targeting small- to medium-sized businesses with fake purchase requests and net financing schemes. Tim explains how cybercriminals exploit legitimate business practices to steal physical goods like networking tools, surveillance equipment, and medical devices. Using s...
Send us fan mail! Hello to all our Cyber Squirrels! In this extra-packed episode of Discarded, host Selena Larson welcomes Proofpoint Principal Research Engineer Jason Ford for his first appearance on the show. Together, they dive into two resurging email attack techniques—Microsoft 365 Direct Send abuse and URL rewrite abuse—and why defending against them requires more than just traditional email security. Jason explains what Direct Send is, why attackers exploit this legacy feature, and how...
Send us fan mail! Hello to all our Cyber Panda Bears! In this extra-packed episode of Discarded, host Selena Larson and guest host, Sarah Sabotka reunite with Staff Threat Researcher Mark Kelly to dive deep into China-aligned espionage activity—this time with a focus on Taiwan’s semiconductor ecosystem and the strange, stealthy tools threat actors are using to get in. Mark walks us through Proofpoint’s latest research on custom malware (yes, “Voldemort” is back), threat clusters with pun-fill...
Send us fan mail! Hello to all our cyber! In this episode of Discarded, host Selena Larson and co-host, Tim Kromphardt, are joined by Joe Wise, Threat Researcher at Proofpoint for a deep dive into the chaotic brilliance of mid-tier eCrime actors—including the elusive TA582. We explore recent activity from TA2541 and TA558—two groups known for their uncanny consistency and precision targeting—before shifting focus to TA582: a standout in today’s threat landscape. TA582’s multilayered, region-s...
Hello to all our cyber detectives and pedantic CTI friends! In this episode of Discarded, host Selena Larson is joined by Greg Lesnewich, Staff Threat Researcher at Proofpoint for a behind-the-scenes look at one of the most frustratingly fascinating attribution cases yet. What begins as a lighthearted rant: “10 Things I Hate About Attribution,” quickly turns into a deep dive into the murky overlap between TA829 (aka RomCom), TA289, and the elusive GreenSec cluster. From TransferLoader and mal...
Hello to all our Cyber Pals! In this episode of Discarded, host Selena Larson and co-host Sara Sobotka are joined by Saher Naumaan and Greg Lesnewich, teammates on the espionage threat research team at Proofpoint to unravel the multifaceted—and often bizarre—world of North Korean cyber operations. The team explores: What sets DPRK’s threat actors apart from other nation-state groupsA closer look at North Korea’s cyber and physical support for Russia in UkraineHow cyber activity plays ...
Hello to all our Cyber Masked Vigilantes! In this episode of Discarded, host Selena Larson and co-host Tim Kromhardt are joined by James Emery-Callcott, a Security Researcher on Proofpoint’s Emerging Threats team, for an insider’s look at the technical, tactical, and collaborative forces shaping modern network detection. James takes us behind the curtain of rule writing, CVE coverage, and malware detection, breaking down how signatures are developed, validated, and deployed to protect...
Hello to all our Cyber Stars! Join host Selena Larson, and guest host, Sarah Sabotka, as they sit down with Alex Pinto, Associate Director of Threat Intelligence at Verizon Business and the lead author behind the industry-defining Verizon Data Breach Investigations Report (DBIR). Together, they unpack the most pressing findings from the brand new VZDBIR, offering a behind-the-scenes look at how the reports are built—and what they reveal about today’s rapidly evolving threat landscape. Alex sh...
Hello to all our Cyber Spring Chickens! Join host Selena Larson, and guest host, Sarah Sabotka, as they chat with Saher Naaman, Senior Threat Researcher at Proofpoint, for a deep dive into how modern espionage and cybercrime are increasingly blurring lines. At the center of the conversation is ClickFix—a fast-evolving social engineering technique originally used by cybercriminals but now adopted by espionage actors across at least three countries in just 90 days. We explore: how t...
Hello to all our Cyber Spring Chickens! Join host Selena Larson and guest hosts, Tim Kromphardt and Sarah Sabotka, both Senior Threat Researchers at Proofpoint. These top sleuths crack open Proofpoint’s new Human Factor series and explore one of the most deceptively dangerous tactics in a threat actor’s playbook: the benign conversation. What exactly is a benign conversation—and why is it anything but harmless? Whether it’s a simple “Do you have a minute?” or a seemingly legit job offer...
Hello to all our Cyber Cherry Blossoms! Join host Selena Larson and guest host, Tim Kromphardt, a Senior Threat Researcher, as they chat with Andrew Couts, Senior Editor, Security and Investigations at WIRED. Andrew shares insights into his work overseeing cybersecurity coverage and investigative reporting, collaborating with newsrooms, and uncovering the hidden threats lurking in the digital world. We dive into how cybersecurity and privacy reporting has evolved, the growing risks posed by d...
Hello to all our Remote Cyber Pals! Join host Selena Larson and guest host, Tim Kromphardt, a Senior Threat Researcher, as they chat with Staff Threat Researcher, Ole Villadsen, from Proofpoint. They explore the broader shift from traditional malware to commercially available tools that fly under the radar and how cybercriminals are increasingly abusing Remote Monitoring and Management (RMM) tools (sometimes called Remote Access Software) to gain initial access in email-based attacks.&n...
Hello to all our Cyber Pals! Join host Selena Larson and guest hosts, Sarah Sabotka and Tim Kromphardt, both Senior Threat Researchers from Proofpoint, as they dive into the realities of current social engineering schemes —especially during high-risk times like tax season. Cybercriminals exploit fear, urgency, and excitement to manipulate victims, from IRS impersonation scams and fraudulent tax payment requests to deepfake cons and TikTok frauds. Our hosts dive into real-world examples, inclu...
Hello to all our Cyber Pals! Join host Selena Larson and guest host, Sarah Sabotka, as they speak with Kyle Eaton, Senior Security Research Engineer at Proofpoint. They explore the evolving world of image-based threat detection and the deceptive tactics cybercriminals use to evade defenses. From image lures embedded in emails, PDFs, and Office documents to the surprising ways attackers reuse visuals across campaigns, this conversation break down how detection engineering is adapting to counte...
Hey Cyber Pals! This week we are doing a very special spotlight on a recent episode from Only Malware in the Building. Our very own, Selena Larson, also co-hosts on this fabulous podcast. Be sure to check it out and enjoy! Find more OMIB: https://thecyberwire.com/podcasts/only-malware-in-the-building/9/notes —------------------------------------------------ Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s mos...
Hello to all our Cyber Magicians! Join host Selena Larson and guest host, Joshua Miller, as they speak with Kristina Walter, the Chief of NSA’s Cybersecurity Collaboration Center. They explore the cutting-edge collaborations between the NSA and industry partners to combat cyber threats, with a deep dive into the NSA’s Cybersecurity Collaboration Center (Triple C).Kristina sheds light on the growing awareness around cyber hygiene, the importance of collective defense, and the role of par...
Hello to all our Cyber Magicians! Join host Selena Larson and guest host,Tim Kromphardt, as they speak with Hannah Rapetti, the Takedown Services Manager at Proofpoint. Hannah shares her fascinating journey from librarian to cybersecurity expert, detailing her path into the industry through certifications, CTFs (Capture the Flag), and the Women in Cybersecurity (WiCyS) community.The conversation dives into real-world examples, techniques, and strategies used to identify, track, and eliminate ...
DISCARDED: Tales From the Threat Research Trenches
Send us fan mail! Hello to all our Cyber Sleuths! Host Selena Larson, and guest host, Sarah Sabotka take you behind the scenes of the ever-changing world of cybercrime—where attackers innovate, scams evolve, and staying one step ahead is a constant challenge. From remote monitoring and management (RMM) abuse to adversary-in-the-middle (AiTM) phishing, web injects, flashy malware lures, and the latest wave of information stealers, we unpack the tactics, techniques, and procedures shaping today...
