A new year has arrived! The 2022 threat landscape had some extremely notable activity, from Russian APT actors to Microsoft's blocking of macros. We saw a lot and can guarantee threat actors won't be slowing down in 2023 and will continue to be a major threat to organizations. In this episode, Threat Research Managers, Alexis Dorais-Joncas, Rich Gonzalaz and Daniel Blackford, join us to share their perspectives on the 2023 threat landscape. Join us as we discuss the following: What our experts are anticipating in 2023 How vulnerabilities help in detection creation Emerging techniques that cou ..read more

Threat actors are disarming their victims with a new approach: The long game. Instead of asking for money or gift cards upfront, they build a connection and confidence until they cash in on the big payout. In this episode of Discarded, Selena Larson and Crista Giering are joined by Proofpoint team members: Tim Kromphardt, Email Fraud Researcher, and Genina Po, Threat Analyst, to discuss socially engineered attacks and how victims are tricked. Join us as we discuss: Understanding what pig butchering is How the scam blindsides victims The evolution of the fraud from China to other countries in ..read more

As the end of year is rapidly approaching, it’s important to reflect back on some of the top learnings for the year. In this special holiday edition of The Discarded podcast, Selena and Crista are joined by Mindy Semling, Podcast Producer at Proofpoint, to answer questions on their favorite things from threat research over the past year — from blogs to malware to holiday songs, we cover it all. Join us as we discuss: Celebrating the year The 12 favorites A thank you to our guests Resources mentioned: https://www.proofpoint.com/us/blog/threat-insight/exploiting-covid-19-how-threat-actors-hij ..read more

In this highly entertaining episode of DISCARDED, Selena Larson and Crista Giering host a wild round of “Ask Me Anything,” with Sherrod DeGrippo, VP of Threat Research and Detection, and Daniel Blackford, Threat Researcher at Proofpoint.  Featuring insightful questions from listeners and former guests, these industry experts cover a wide range of topics, from silly to serious. Join us as we discuss: The most boring malware and common threat actor mistakes New developments in Ukraine and the Global South A proliferation of mobile malware and sports-related attacks Keep up with the latest ..read more

Social proof is a potent tool, even in the absence of direct support. When someone is pressured to do something in the presence of trusted peers, they are more likely to follow through unless someone objects. Unfortunately, threat actors have taken notice and are investing significant time and resources into looking like a trusted party to gain access to your personal information. Josh Miller and Sam Scholten join this episode to share their experiences with the evolving intellect of attackers and their multifaceted breach strategies. Using multi-persona impersonation (MPI), attackers establis ..read more

In this episode, Dr. Zachary Abzug, Manager and Tech Lead of Data Science at Proofpoint joins the show to discuss a machine learning enabled tool called Camp Discovery, AKA Camp Disco and the importance of the human interaction required for making use of machine learning in malware detection. Join us as we discuss: What exactly Camp Disco is and the need/idea behind its creation How Camp Disco played a role in the discovery of Chocolatey threat activity Why Camp Disco uses its own neural network language model instead of an existing language model Natural Language Processing and how to teach a ..read more

In this episode, Joe Wise, Threat Researcher at Proofpoint, joins the show to discuss his and Selena’s research into a small e-crime actor, TA558 and its targeting against the hospitality and travel e-crime sector since at least 2018. Join us as we discuss: Classifying threat actors and how it relates to s’mores Understanding e-crime vs. APT actors Why hospitality and travel e-crimes are still successful TA558’s TTPs and how their consistencies have aided in Proofpoint’s attribution of their activity over the years Joe shares his theories on why TA558 uses so many different malware types Che ..read more

Cybersecurity doesn't have to be spooky this Halloween. In this episode, Sherrod DeGrippo, VP of Threat Research and Detection at Proofpoint, joins the show to discuss all things cybersecurity awareness so you can be prepared, not scared, this October. So grab a sweet treat and pull up a seat, the Hallow-queen is about to give her hot takes! Join us as we discuss: The growing risk of TOADs (Telephone Oriented Attack Delivery) Benign phishing reconnaissance emails by threat actors What you need to know to adapt to this ever changing threat landscape Bring awareness to cybersecurity this October ..read more

All for wine, and wine for all. But only if it isn’t fraudulent. In July 2022, Allan Liska, an analyst at Recorded Future and wine expert, released some new research on counterfeit wine, spirits and cheese. Allan joins the show as our first ever external guest to give us an overview of what that research entailed and the different types of wine fraud he’s observed. By the end of this episode, we’ll all be partners in cybercrime and wine. Join us as we discuss: What is wine fraud and the different types of fraud that fall under the counterfeit umbrella How the pandemic impacted wine fraud due t ..read more

In this episode, Joshua Miller and Michael Raggi, Senior Threat Researchers at Proofpoint, join the show to discuss APT groups targeting and impersonating journalists. Joshua, Michael, and Crista discovered during their research how APT actors use journalist and their leads as a form of espionage to collect sensitive information. Join us as we discuss: Proofpoint’s unique report on APTs targeting journalists and insight into the motivations behind these attacks Understanding the “why” behind threat actors targeting or posing as journalists and media organizations The most common methods APT ac ..read more