DISCARDED: Tales From the Threat Research Trenches

• The Power of Partnerships: An Interview with the NSA’s Kristina Walter

  Hello to all our Cyber Magicians! Join host Selena Larson and guest host, Joshua Miller, as they speak with Kristina Walter, the Chief of NSA’s Cybersecurity Collaboration Center.  They explore the cutting-edge collaborations between the NSA and industry partners to combat cyber threats, with a deep dive into the NSA’s Cybersecurity Collaboration Center (Triple C).Kristina sheds light on the growing awareness around cyber hygiene, the importance of collective defense, and the role of partnerships between government and private sectors in tackling malicious activity. She also offers practical advice for those looking to break into government cybersecurity roles, dispelling myths about the need for a STEM background and highlighting the relevance of "core skills" like public speaking, decision-making, and risk management.Key Topics Covered:Public-private partnership success storiesNSA’s approach to global collaborationThe shift from information consumption to actionable intelligence sharingThe average American's cybersecurity concernsInsights into the collaborative efforts needed to counter cyber threatsNaming malware campaignsThe episode wraps up with tips on staying current in the fast-paced world of cybersecurity, from leveraging NSA advisories to building communities for information sharing. Whether you're an aspiring cybersecurity professional or an industry veteran, this episode is packed with actionable advice and thought-provoking perspectives.Resources mentioned:https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3805947/nsa-announces-kristina-walter-as-the-new-chief-of-cybersecurity-collaboration-c/https://www.nsa.gov/Press-Room/News-Highlights/https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3669141/nsa-and-partners-spotlight-peoples-republic-of-china-targeting-of-us-critical-i/https://www.nsa.gov/about/cybersecurity-collaboration-center/For more information about Proofpoint, check out our website.Subscribe & Follow:Don't miss out on future episodes—subscribe to the Discarded Podcast on your favorite platform.

  --------  

  39:30
• The Battle for a Safer Internet: Inside Domain Takedowns and Threat Actor Tactics

  Hello to all our Cyber Magicians! Join host Selena Larson and guest host,Tim Kromphardt, as they speak with Hannah Rapetti, the Takedown Services Manager at Proofpoint. Hannah shares her fascinating journey from librarian to cybersecurity expert, detailing her path into the industry through certifications, CTFs (Capture the Flag), and the Women in Cybersecurity (WiCyS) community.The conversation dives into real-world examples, techniques, and strategies used to identify, track, and eliminate malicious domains.Key Topics Covered:Collaborative Efforts: How teams work together to identify scam websites, gather evidence, and escalate for takedown.Tools and Techniques: Using tools like domain search, backend kits identification, and IP-based connections to uncover related sites.Challenges in Takedowns: Managing lists of hundreds of domains across multiple providers, verifying live activity, and the need for ongoing monitoring.Threat Actor Behavior: How threat actors use multiple registrars or re-register domains to evade detection.Best Practices for Organizations:Preemptively purchasing lookalike domains.Monitoring new domain registrations for suspicious activity.Educating users to identify and avoid malicious domains.Ethical Considerations: Balancing infrastructure disruption with the need for ongoing research, particularly for cyber espionage threats.Favorite Wins: Memorable investigations, such as takedowns during the Super Bowl, fake Olympics ticket scams, and real-time disruption of pig-butchering schemes.The episode highlights the importance of domain takedowns not just for individual companies but for contributing to a safer internet ecosystem. It’s a mix of practical advice, real-life stories, and insights into the ongoing battle against cybercrime.Resources mentioned:Genina Po Discarded Episodehttps://www.proofpoint.com/us/blog/threat-insight/pig-butchers-join-gig-economy-cryptocurrency-scammers-target-job-seekers https://www.wicys.org/ https://www.proofpoint.com/us/blog/threat-insight/pig-butchers-join-gig-economy-cryptocurrency-scammers-target-job-seekers https://podcasts.apple.com/us/podcast/discarded-tales-from-the-threat-research-trenches/id1612506550?i=1000677061400 https://www.proofpoint.com/us/blog/threat-insight/security-brief-scammers-create-fraudulent-olympics-ticketing-websitesFor more information about Proofpoint, check out our website.Subscribe & Follow:Don't miss out on future episodes—subscribe to the Discarded Podcast on your favorite platform.

  --------  

  38:05
• Hackers, Heists, and Heroes: The Evolving Ransomware Game

  Hello to all our Cyber Pals! Join host Selena Larson and guest, ransomware expert, Allan Liska, CSIRT at Recorded Future, drops by to share his creative take on cyber-themed graphic novels, proving there’s nothing ransomware can’t inspire—even superheroes. In this episode, we uncover the shadowy ecosystem driving ransomware attacks, from the industrialization of cybercrime to the rise of "small-batch" threat actors redefining chaos. Explore how Operation Endgame dealt a devastating blow to malware powerhouses like Pikabot and SmokeLoader, shaking trust within underground networks and leaving cybercriminals scrambling to regroup.We’ll also decode the evolving tactics of ransomware gangs, from slick AI-powered voice disguises to the surprising shift toward consumer scams. Plus, we’ll discuss whether law enforcement’s crackdown will make ransomware too expensive for crooks, forcing them to rethink their game plans—or at least settle for less glamorous schemes like crypto theft.Don’t miss the Champagne pick that pairs perfectly with ransomware disruptions! 🥂Resources mentioned:https://www.chainalysis.com/blog/2024-crypto-crime-mid-year-update-part-1/https://www.marketplace.org/shows/marketplace-tech/how-scammers-hijack-their-victims-brains/https://www.cisa.gov/resources-tools/resources/review-attacks-associated-lapsus-and-related-threat-groups-reporthttps://www.proofpoint.com/us/blog/threat-insight/major-botnets-disrupted-global-law-enforcement-takedownhttps://www.justice.gov/opa/pr/us-charges-russian-national-developing-and-operating-lockbit-ransomwarehttps://therecord.media/russian-national-in-custody-extraditedhttps://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241ahttps://unit42.paloaltonetworks.com/north-korean-threat-group-play-ransomware/https://therecord.media/chamelgang-china-apt-ransomware-distractionhttps://urldefense.com/v3/__https://www.recordedfuture.com/research/outmaneuvering-rhysida-advanced-threat-intelligence-shields-critical-infrastructure-ransomware__;!!ORgEfCBsr282Fw!pYnNQZUQJLJTFlj5w7PcWRjyr6rh-logFnqo03_Mz19RUrK4rftQU1qbTj_iql3KNjn4Ub7a5LsDLpCJgdJQSA$For more information about Proofpoint, check out our website.Subscribe & Follow:Don't miss out on future episodes—subscribe to the Discarded Podcast on your favorite platform.

  --------  

  57:06
• Stealth, Scale, and Strategy: Exploring China’s Covert Network Tactics

  Hello to all our Cyber Frogs! Join host Selena Larson and guest host, Sarah Sabotka, explore the evolving tactics of China-based nation-state threat actors with guest Mark Kelly, Staff Threat Researcher at Proofpoint. They focus on TA415 (APT41 or Brass Typhoon), examining its combination of cybercrime and state-sponsored espionage. From the Voldemort malware campaign to targeting critical infrastructure, Mark sheds light on how these actors leverage tools like Google Sheets for command and control, exploit vulnerabilities, and adapt to evade detection.The discussion also highlights:the strategic importance of edge devices, pre-positioning for geopolitical escalations, and the intersection of espionage, gaming, and cybercrime Operational Relay Boxes (ORBs), covert networks used by Chinese Advanced Persistent Threat (APT) groups to mask cyber activities exploitation of non-traditional systems and vulnerabilitiesthe impact of compromised consumer devices on global cybersecurityResources mentioned:https://www.nytimes.com/2024/10/26/us/politics/salt-typhoon-hack-what-we-know.htmlhttps://cyberscoop.com/salt-typhoon-us-telecom-hack-earth-estries-trend-micro-report/https://www.proofpoint.com/us/blog/threat-insight/malware-must-not-be-named-suspected-espionage-campaign-delivers-voldemorthttps://www.bleepingcomputer.com/news/security/state-hackers-turn-to-massive-orb-proxy-networks-to-evade-detection/For more information about Proofpoint, check out our website.Subscribe & Follow:Don't miss out on future episodes—subscribe to the Discarded Podcast on your favorite platform.

  --------  

  49:28
• Scams, Smishing, and Safety Nets: How Emerging Threats Catches Phish

  Hello to all our Cyber Pals! Join host Selena Larson and guest, Genina Po, Threat Researcher at Emerging Threats at Proofpoint. She shares how she tackles emerging cyber threats, breaking down the process of turning data into detection signatures. Using tools like Suricata to create detections for malicious activity, she maps out her approach to writing rules that identify and block these threats.The goal? Equip companies to stay secure, and encourage listeners with the skills to spot and prevent scams on their own. Genina shares her journey tracking pig butchering scams through thousands of domains and URLs. She reveals patterns—certain headers and markers—that help identify these sites amid a flood of data, and she describes the challenges in detection, as scammers increasingly vary their setups to evade filters. Also discussed:proactive measures against phishing and fraud sites, with Proofpoint using "takedown" services to remove malicious domains, disrupting scams before they impact usersthe importance of questioning biases, particularly in cyber threat intelligence where assumptions can shape classifications and responsescollaboration with Chainalysis to connect various scams through cryptocurrency wallets, showing cross-over between different fraud typesResources mentioned:Book: Why Fish Don’t Exist by Lulu MillerFor more information about Proofpoint, check out our website.Subscribe & Follow:Don't miss out on future episodes—subscribe to the Discarded Podcast on your favorite platform.

  --------  

  51:07

Więcej Technologia podcastów

Trendy w podcaście Technologia

O DISCARDED: Tales From the Threat Research Trenches

DISCARDED: Tales From the Threat Research Trenches: Podcasty w grupie