Podcast bait, malware switch.

Podcast bait, malware switch.

Joshua Miller from Proofpoint is discussing their work on “Best Laid Plans: TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset.” Proofpoint identified Iranian threat actor TA453 targeting a prominent Jewish figure with a fake podcast interview invitation, using a benign email to build trust before sending a malicious link. The attack attempted to deliver new malware called BlackSmith, containing a PowerShell trojan dubbed AnvilEcho, designed for intelligence gathering and exfiltration….

Read More

RATs in the tunnel: Uncovering the cyber underworld.

RATs in the tunnel: Uncovering the cyber underworld.

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is…

Read More

Operation Endgame: The ultimate troll patrol.

RATs in the tunnel: Uncovering the cyber underworld.

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is…

Read More

The curious case of the missing IcedID.

RATs in the tunnel: Uncovering the cyber underworld.

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is…

Read More

The return of a malware menace.

The return of a malware menace.

This week we are joined by, Selena Larson from Proofpoint, who is discussing their research, “Bumblebee Buzzes Back in Black.” Bumblebee is a sophisticated downloader used by multiple cybercriminal threat actors and was a favored payload from its first appearance in March 2022 through October 2023 before disappearing. After a four month hiatus, Proofpoint researchers found that the downloader returned. Its return aligns with a surge of cybercriminal threat activity after a notable absence of…

Read More