Podcast appearances and mentions of selena larson

  • 20PODCASTS
  • 87EPISODES
  • 26mAVG DURATION
  • 1EPISODE EVERY OTHER WEEK
  • Jun 3, 2025LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about selena larson

Latest podcast episodes about selena larson

Hacking Humans
The great CoGUI caper. [OMITB]

Hacking Humans

Play Episode Listen Later Jun 3, 2025 36:20


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is ⁠⁠Selena Larson⁠⁠, ⁠⁠Proofpoint⁠⁠ intelligence analyst and host of their podcast ⁠⁠DISCARDED⁠⁠. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by her co-hosts ⁠⁠N2K Networks⁠⁠ ⁠⁠Dave Bittner⁠⁠ and ⁠Keith Mularski⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠Qintel⁠. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss Chinese-speaking threat actors are targeting Japan with a massive phishing campaign using a sneaky new kit called CoGUI, which has hit organizations with over 170 million messages in a single month. The campaign mimics trusted brands like Amazon, PayPay, and Rakuten to steal login and payment info—lining up with warnings from Japan's Financial Services Agency about attackers cashing out and buying Chinese stocks. While the CoGUI kit is slick with its evasion tricks and browser profiling, your hosts are hot on its trail with new detections to help stop the phishing frenzy.

Cyber Briefing
May 08, 2025 - Cyber Briefing

Cyber Briefing

Play Episode Listen Later May 8, 2025 9:01


Hacking Humans
The RMM protocol: Remote, risky, and ready to strike. [OMITB]

Hacking Humans

Play Episode Listen Later May 6, 2025 41:40


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is ⁠Selena Larson⁠, ⁠Proofpoint⁠ intelligence analyst and host of their podcast ⁠DISCARDED⁠. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by ⁠N2K Networks⁠ ⁠Dave Bittner⁠ and our newest co-host, Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Quintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss the growing trend of cybercriminals using legitimate remote monitoring and management (RMM) tools in email campaigns as a first-stage payload. They explore how these tools are being leveraged for data theft, financial fraud, and lateral movement within networks. With the decline of traditional malware delivery methods, including loaders and botnets, the shift toward RMMs marks a significant change in attack strategies. Tune in to learn more about this evolving threat landscape and how to stay ahead of these tactics.

The CyberWire
The new malware on the block. [OMITB]

The CyberWire

Play Episode Listen Later Apr 12, 2025 35:03


This week, we are sharing an episode of our monthly show, Only Malware in the Building. We invite you to join Dave Bittner and cohost Selena Larson as they explore "The new malware on the block." Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we're keeping an eye on them just in case). Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the latest shake-ups in the fake update threat landscape, including two new cybercriminal actors, fresh Mac malware, and the growing challenge of tracking these evolving campaigns. Learn more about your ad choices. Visit megaphone.fm/adchoices

Research Saturday
The new malware on the block.

Research Saturday

Play Episode Listen Later Apr 12, 2025 35:03


This week, we are sharing an episode of our monthly show, Only Malware in the Building. We invite you to join Dave Bittner and cohost Selena Larson as they explore "The new malware on the block." Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we're keeping an eye on them just in case). Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the latest shake-ups in the fake update threat landscape, including two new cybercriminal actors, fresh Mac malware, and the growing challenge of tracking these evolving campaigns. Learn more about your ad choices. Visit megaphone.fm/adchoices

Hacking Humans
Hello? Is it malware you're looking for? [OMITB]

Hacking Humans

Play Episode Listen Later Apr 1, 2025 37:37


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we're keeping an eye on them just in case). Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss Telephone-Oriented Attack Delivery (TOAD), also known as callback phishing. In this type of attack, an attacker sends a seemingly benign email, often containing an invoice or payment notification, along with a phone number. When the victim calls, they speak with the attacker, who convinces them to install remote access tools, leading to malware installation, phishing, and financial theft. Tune in as we explore how this deceptive tactic works and ways to protect yourself from falling victim to it.

Only Malware in the Building
Hello? Is it malware you're looking for?

Only Malware in the Building

Play Episode Listen Later Apr 1, 2025 37:37


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we're keeping an eye on them just in case). Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss Telephone-Oriented Attack Delivery (TOAD), also known as callback phishing. In this type of attack, an attacker sends a seemingly benign email, often containing an invoice or payment notification, along with a phone number. When the victim calls, they speak with the attacker, who convinces them to install remote access tools, leading to malware installation, phishing, and financial theft. Tune in as we explore how this deceptive tactic works and ways to protect yourself from falling victim to it.

The CyberWire
The end of the line for Garantex.

The CyberWire

Play Episode Listen Later Mar 7, 2025 30:17


Law enforcement shutters Garantex crypto exchange. NTT discloses breach affecting corporate customers. Malvertising campaign hits nearly a million devices. AI's role in Canada's next election. Scammers target Singapore's PM in AI fraud. Botnets exploit critical IP camera vulnerability. In our International Women's Day and Women's History Month special, join Liz Stokes as she shares the inspiring stories of women shaping the future of cybersecurity. And how did Insider threats turn a glitch into a goldmine? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest In this special International Women's Day edition, we shine a spotlight on the incredible women in and around our network who are shaping the future of cybersecurity. Join Liz Stokes as we celebrate Selena Larson, Threat Researcher at Proofpoint, and co-host of Only Malware in the Building, Gianna Whitver, CEO & Co-Founder of the Cybersecurity Marketing Society and co-host of the Breaking Through in Cybersecurity Marketing podcast, Maria Velasquez, Chief Growth Officer & Co-Founder of the Cybersecurity Marketing Society and co-host of the Breaking Through in Cybersecurity Marketing podcast, Chris Hare, Project Management Specialist and Content Developer at N2K Networks, and host of CertByte, Ann Lang, Project Manager at N2K Networks, Jennifer Eiben, Executive Producer at N2K Networks, and Maria Varmazis, host of the T-Minus Space Daily show at N2K Networks for their achievements, resilience, and the invaluable contributions they make to keeping our digital world secure. Selected Reading Russian crypto exchange Garantex's website taken down in apparent law enforcement operation (The Record) Data breach at Japanese telecom giant NTT hits 18,000 companies (BleepingComputer) Malvertising campaign leads to info stealers hosted on GitHub (Microsoft) Canadian intelligence agency warns of threat AI poses to upcoming elections (The Record)  Deepfakes of Singapore PM Used to Sell Crypto, Residency Program (Bloomberg)  Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets (SecurityWeek) Magecart: How Akamai Protected a Global Retailer Against a Live Attack (Akamai)  Cybercrime 'crew' stole $635,000 in Taylor Swift concert tickets (BleepingComputer) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Hacking Humans
The new malware on the block. [Only Malware in the Building]

Hacking Humans

Play Episode Listen Later Mar 4, 2025 35:03


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we're keeping an eye on them just in case). Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the latest shake-ups in the fake update threat landscape, including two new cybercriminal actors, fresh Mac malware, and the growing challenge of tracking these evolving campaigns.

Only Malware in the Building
The new malware on the block.

Only Malware in the Building

Play Episode Listen Later Mar 4, 2025 35:03


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we're keeping an eye on them just in case). Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the latest shake-ups in the fake update threat landscape, including two new cybercriminal actors, fresh Mac malware, and the growing challenge of tracking these evolving campaigns.

The CyberWire
From small-time scams to billion-dollar threats. [Research Saturday]

The CyberWire

Play Episode Listen Later Feb 22, 2025 27:06


This week, we are joined by Selena Larson from Proofpoint, and co-host of the "Only Malware in the Building" podcast, as she discusses the research on "Why Biasing Advanced Persistent Threats over Cybercrime is a Security Risk." The cybersecurity industry has historically prioritized Advanced Persistent Threats (APTs) from nation-state actors over cybercrime, but this distinction is outdated as cybercriminals now employ equally sophisticated tactics. Financially motivated threat actors, especially ransomware groups, have evolved to the point where they rival state-backed hackers in technical capability and impact, disrupting businesses, infrastructure, and individuals on a massive scale. To enhance security, defenders must shift focus from an APT-centric mindset to a broader approach that equally prioritizes combating cybercrime, which poses an immediate and tangible risk to global stability. The research can be found here: Why Biasing Advanced Persistent Threats over Cybercrime is a Security Risk Learn more about your ad choices. Visit megaphone.fm/adchoices

Research Saturday
From small-time scams to billion-dollar threats.

Research Saturday

Play Episode Listen Later Feb 22, 2025 27:06


This week, we are joined by Selena Larson from Proofpoint, and co-host of the "Only Malware in the Building" podcast, as she discusses the research on "Why Biasing Advanced Persistent Threats over Cybercrime is a Security Risk." The cybersecurity industry has historically prioritized Advanced Persistent Threats (APTs) from nation-state actors over cybercrime, but this distinction is outdated as cybercriminals now employ equally sophisticated tactics. Financially motivated threat actors, especially ransomware groups, have evolved to the point where they rival state-backed hackers in technical capability and impact, disrupting businesses, infrastructure, and individuals on a massive scale. To enhance security, defenders must shift focus from an APT-centric mindset to a broader approach that equally prioritizes combating cybercrime, which poses an immediate and tangible risk to global stability. The research can be found here: Why Biasing Advanced Persistent Threats over Cybercrime is a Security Risk Learn more about your ad choices. Visit megaphone.fm/adchoices

Hacking Humans
Cyber Groundhog Day and romance scams. [Only Malware in the Building]

Hacking Humans

Play Episode Listen Later Feb 4, 2025 46:58


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode and since it is February (the month of love as Selena calls it), we talk about romance scams known throughout the security world as pig butchering. And, Rick's experiencing a bit of a Cyber Groundhog Day in his newly-realized retirement.

Only Malware in the Building
Cyber Groundhog Day and romance scams.

Only Malware in the Building

Play Episode Listen Later Feb 4, 2025 46:58


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode and since it is February (the month of love as Selena calls it), we talk about romance scams known throughout the security world as pig butchering. And, Rick's experiencing a bit of a Cyber Groundhog Day in his newly-realized retirement.

Hacking Humans
Malware metamorphosis: 2024 reflections and 2025 predictions. [Only Malware in the building]

Hacking Humans

Play Episode Listen Later Jan 7, 2025 54:56


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the year's most impactful cyber trends and incidents—from the Snowflake hack and Operation Endgame to the rise of multi-channel scams and explosive growth in web inject attacks. Ransomware continued to wreak havoc, especially in healthcare, while callback phishing and MFA-focused credential attacks kept defenders on high alert. Join us as we reflect on these challenges and look ahead to what's next in 2025.

Only Malware in the Building
Malware metamorphosis: 2024 reflections and 2025 predictions.

Only Malware in the Building

Play Episode Listen Later Jan 7, 2025 54:56


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the year's most impactful cyber trends and incidents—from the Snowflake hack and Operation Endgame to the rise of multi-channel scams and explosive growth in web inject attacks. Ransomware continued to wreak havoc, especially in healthcare, while callback phishing and MFA-focused credential attacks kept defenders on high alert. Join us as we reflect on these challenges and look ahead to what's next in 2025.

The CyberWire
A cyber carol.

The CyberWire

Play Episode Listen Later Dec 27, 2024 51:22


Please enjoy this encore episode of Only Malware in the Building. Welcome in! You've entered, Only Malware in the Building. Grab your eggnog and don your coziest holiday sweater as we sleuth our way through cyber mysteries with a festive twist! Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our cyber ghosts delve into the past, present, and future of some of the season's most pressing threats: two-factor authentication (2FA), social engineering scams, and the return to consumer-targeted attacks. Together, Rick, Dave, and Selena deliver a ghostly—but insightful—message about the state of cybersecurity, past, present, and future. Can their advice save your holiday season from digital disaster? Tune in and find out. May your holidays be merry, bright, and free of cyber fright! Learn more about your ad choices. Visit megaphone.fm/adchoices

Risky Business News
Sponsored: Proofpoint on the rise of ClickFix attacks

Risky Business News

Play Episode Listen Later Dec 8, 2024 13:16


In this Risky Business News sponsor interview, Catalin Cimpanu talks with Proofpoint senior threat intelligence analyst Selena Larson about the rise of Attacker-in-the-Middle phishing and ClickFix social engineering campaigns. Show notes Security Brief: ClickFix Social Engineering Technique Floods Threat Landscape

Hacking Humans
A cyber carol. [Only Malware in the Building]

Hacking Humans

Play Episode Listen Later Dec 3, 2024 51:22


Welcome in! You've entered, Only Malware in the Building. Grab your eggnog and don your coziest holiday sweater as we sleuth our way through cyber mysteries with a festive twist! Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our cyber ghosts delve into the past, present, and future of some of the season's most pressing threats: two-factor authentication (2FA), social engineering scams, and the return to consumer-targeted attacks. Together, Rick, Dave, and Selena deliver a ghostly—but insightful—message about the state of cybersecurity, past, present, and future. Can their advice save your holiday season from digital disaster? Tune in and find out. May your holidays be merry, bright, and free of cyber fright!

Only Malware in the Building

Welcome in! You've entered, Only Malware in the Building. Grab your eggnog and don your coziest holiday sweater as we sleuth our way through cyber mysteries with a festive twist! Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our cyber ghosts delve into the past, present, and future of some of the season's most pressing threats: two-factor authentication (2FA), social engineering scams, and the return to consumer-targeted attacks. Together, Rick, Dave, and Selena deliver a ghostly—but insightful—message about the state of cybersecurity, past, present, and future. Can their advice save your holiday season from digital disaster? Tune in and find out. May your holidays be merry, bright, and free of cyber fright!

Hacking Humans
Whispers in the wires: A closer look at the new age of intrusion. [OMITB]

Hacking Humans

Play Episode Listen Later Nov 5, 2024 40:10


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about how threat actors are shifting tactics across the landscape, focusing more on advanced social engineering and refined initial access strategies than on sophisticated malware. We'll dive into Proofpoint's latest blog detailing a transport sector breach that, while involving relatively standard malware, showcases this growing trend of nuanced techniques and toolsets.

Only Malware in the Building
Whispers in the wires: A closer look at the new age of intrusion.

Only Malware in the Building

Play Episode Listen Later Nov 5, 2024 40:10


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about how threat actors are shifting tactics across the landscape, focusing more on advanced social engineering and refined initial access strategies than on sophisticated malware. We'll dive into Proofpoint's latest blog detailing a transport sector breach that, while involving relatively standard malware, showcases this growing trend of nuanced techniques and toolsets.

Cyber Briefing
October 04, 2024 - Cyber Briefing

Cyber Briefing

Play Episode Listen Later Oct 4, 2024 9:40


Hacking Humans
The Dark Arts of cyber. [Only Malware in the Building]

Hacking Humans

Play Episode Listen Later Oct 1, 2024 32:46


Welcome, witches, wizards, and cybersecurity sleuths! You've entered, Only Malware in the Building. Join us each month to brew potions of knowledge and crack the curses of today's most intriguing cyber mysteries. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we dive into how Proofpoint researchers uncovered an espionage campaign casting custom malware known as "Voldemort" in August 2024. The Dark Arts practitioner behind this campaign targeted global organizations, disguising themselves as mundane tax authorities and weaving clever enchantments like using Google Sheets for command and control (C2). While their ultimate motive remains as shadowy as a cursed Horcrux, this malware is built for intelligence gathering and is primed to unleash additional attacks — likely summoning something even darker, like Cobalt Strike. Prepare your wands, and let's dive into this tale of digital sorcery!

Only Malware in the Building
The Dark Arts of cyber.

Only Malware in the Building

Play Episode Listen Later Oct 1, 2024 32:46


Welcome, witches, wizards, and cybersecurity sleuths! You've entered, Only Malware in the Building. Join us each month to brew potions of knowledge and crack the curses of today's most intriguing cyber mysteries. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we dive into how Proofpoint researchers uncovered an espionage campaign casting custom malware known as "Voldemort" in August 2024. The Dark Arts practitioner behind this campaign targeted global organizations, disguising themselves as mundane tax authorities and weaving clever enchantments like using Google Sheets for command and control (C2). While their ultimate motive remains as shadowy as a cursed Horcrux, this malware is built for intelligence gathering and is primed to unleash additional attacks — likely summoning something even darker, like Cobalt Strike. Prepare your wands, and let's dive into this tale of digital sorcery!

Marketplace All-in-One
How online scammers hijack your brain

Marketplace All-in-One

Play Episode Listen Later Sep 27, 2024 10:39


Scammers are good at manipulating teens. Join host Yanely Espinal and Proofpoint's Selena Larson to learn how to stay ahead of the scammers.  Think you're financially inclined? Dig deeper into the world of cybersecurity: This article in Vox talks about the prevalence of scams amongst Gen Z Learn about common types of scams 4 online scams teens are falling for and how to avoid them Are you in an educational setting? Here's a handy listening guide. Thanks for listening to this episode of “Financially Inclined”! We'd love to hear what you learned from it or any questions you'd like us to answer in a future episode. You can shoot us an email at financiallyinclined@marketplace.org or tell us using this online form. This podcast is presented in partnership with Greenlight: the money app for teens — with investing. For a limited time, our listeners can earn $10 when they sign up today for a Greenlight account.

Financially Inclined
How online scammers hijack your brain

Financially Inclined

Play Episode Listen Later Sep 27, 2024 10:39


Scammers are good at manipulating teens. Join host Yanely Espinal and Proofpoint's Selena Larson to learn how to stay ahead of the scammers.  Think you're financially inclined? Dig deeper into the world of cybersecurity: This article in Vox talks about the prevalence of scams amongst Gen Z Learn about common types of scams 4 online scams teens are falling for and how to avoid them Are you in an educational setting? Here's a handy listening guide. Thanks for listening to this episode of “Financially Inclined”! We'd love to hear what you learned from it or any questions you'd like us to answer in a future episode. You can shoot us an email at financiallyinclined@marketplace.org or tell us using this online form. This podcast is presented in partnership with Greenlight: the money app for teens — with investing. For a limited time, our listeners can earn $10 when they sign up today for a Greenlight account.

Hacking Humans
RATs in the tunnel: Uncovering the cyber underworld. [OMITB]

Hacking Humans

Play Episode Listen Later Sep 3, 2024 38:05


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the abuse of legitimate services for malware delivery. Proofpoint has seen an increase in the abuse of tools like ScreenConnect and NetSupport, as well as Cloudflare Tunnel abuse and the use of IP filtering. They have also observed a rise in financially motivated malware delivery using TryCloudflare Tunnel abuse, focusing on remote access trojans (RATs) like Xworm and AsyncRAT. Today we look at how Cloudflare tunnels are used to evade detection and how they have evolved their tactics by incorporating obfuscation techniques, with ongoing research to identify the threat actors involved.

Only Malware in the Building
RATs in the tunnel: Uncovering the cyber underworld.

Only Malware in the Building

Play Episode Listen Later Sep 3, 2024 38:05


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the abuse of legitimate services for malware delivery. Proofpoint has seen an increase in the abuse of tools like ScreenConnect and NetSupport, as well as Cloudflare Tunnel abuse and the use of IP filtering. They have also observed a rise in financially motivated malware delivery using TryCloudflare Tunnel abuse, focusing on remote access trojans (RATs) like Xworm and AsyncRAT. Today we look at how Cloudflare tunnels are used to evade detection and how they have evolved their tactics by incorporating obfuscation techniques, with ongoing research to identify the threat actors involved.

Hacking Humans
AI: The new partner in cybercrime? [OMITB]

Hacking Humans

Play Episode Listen Later Aug 6, 2024 38:50


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the use of AI in cyberattacks Proofpoint recently released two articles on two cyber campaigns: one by the group UNK_SweetSpecter targeting U.S. organizations involved in AI with the SugarGh0st RAT, and another by TA547 targeting German organizations with Rhadamanthys malware. Today we look at what the focus of threat actor objectives are and what that means for defenders.

Only Malware in the Building
AI: The new partner in cybercrime?

Only Malware in the Building

Play Episode Listen Later Aug 6, 2024 38:50


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the use of AI in cyberattacks Proofpoint recently released two articles on two cyber campaigns: one by the group UNK_SweetSpecter targeting U.S. organizations involved in AI with the SugarGh0st RAT, and another by TA547 targeting German organizations with Rhadamanthys malware. Today we look at what the focus of threat actor objectives are and what that means for defenders. Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
Olympic scammers go for gold. [Research Saturday]

The CyberWire

Play Episode Listen Later Jul 20, 2024 23:30


This week, we are joined by Selena Larson, Staff Threat Researcher, Lead Intelligence Analysis and Strategy at Proofpoint, as well as host of the "Only Malware in the Building" podcast, as she is discussing their research on "Scammers Create Fraudulent Olympics Ticketing Websites." Proofpoint recently identified a fraudulent website selling fake tickets to the Paris 2024 Summer Olympics and quickly suspended the domain. This site was among many identified by the French Gendarmerie Nationale and Olympics partners, who have shut down 51 of 338 fraudulent websites, with 140 receiving formal notices from law enforcement. The research can be found here: Security Brief: Scammers Create Fraudulent Olympics Ticketing Websites Learn more about your ad choices. Visit megaphone.fm/adchoices

Research Saturday
Olympic scammers go for gold.

Research Saturday

Play Episode Listen Later Jul 20, 2024 23:30


This week, we are joined by Selena Larson, Staff Threat Researcher, Lead Intelligence Analysis and Strategy at Proofpoint, as well as host of the "Only Malware in the Building" podcast, as she is discussing their research on "Scammers Create Fraudulent Olympics Ticketing Websites." Proofpoint recently identified a fraudulent website selling fake tickets to the Paris 2024 Summer Olympics and quickly suspended the domain. This site was among many identified by the French Gendarmerie Nationale and Olympics partners, who have shut down 51 of 338 fraudulent websites, with 140 receiving formal notices from law enforcement. The research can be found here: Security Brief: Scammers Create Fraudulent Olympics Ticketing Websites Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
Encore: The curious case of the missing IcedID. [Only Malware in the Building]

The CyberWire

Play Episode Listen Later Jul 4, 2024 21:58


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about "The curious case of the missing IcedID." IcedID is a malware originally classified as a banking trojan and was first observed in 2017. It also acts as a loader for other malware, including ransomware, and was a favored payload used by multiple cybercriminal threat actors until fall 2023. Then, it all but disappeared. In its place, a new threat crawled: Latrodectus. Named after a spider, this new malware, created by the same people as IcedID, is now poised to take over where IcedID melted off. Today we look back at what happened to the once prominent payload, and what its successor's spinning web of activity means for the overall landscape. And be sure to check out the latest episode of Only Malware in the Building here. Learn more about your ad choices. Visit megaphone.fm/adchoices

Hacking Humans
Operation Endgame: The ultimate troll patrol. [Only Malware in the Building]

Hacking Humans

Play Episode Listen Later Jul 2, 2024 28:34


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about "Operation Endgame." Operation Endgame is a strategy by Western law enforcement to counter Russian cybercriminals through psychological tactics. This involves creating distrust among hackers, exposing their internal communications, and dismantling their anonymity to hinder their operations. You can find more information on Operation Endgame here. Today we look at the new tactics used to disrupt these criminals by eroding trust among them and undermining their anonymity.

Only Malware in the Building
Operation Endgame: The ultimate troll patrol.

Only Malware in the Building

Play Episode Listen Later Jul 2, 2024 30:34


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about "Operation Endgame." Operation Endgame is a strategy by Western law enforcement to counter Russian cybercriminals through psychological tactics. This involves creating distrust among hackers, exposing their internal communications, and dismantling their anonymity to hinder their operations. You can find more information on Operation Endgame here. Today we look at the new tactics used to disrupt these criminals by eroding trust among them and undermining their anonymity. Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
Ransomware hit causes pathology paralysis.

The CyberWire

Play Episode Listen Later Jun 4, 2024 33:43


Ransomware disrupts London hospitals. Researchers discover serious vulnerabilities in Progress' Telerik Report Server and Atlassian Confluence Data Center and Server. Over three million people are affected by a breach at a debt collection agency. A report finds Rural hospitals vulnerable to ransomware. An Australian mining firm finds some of its data on the Dark Web. Google patches 37 Android vulnerabilities. Russian threat actors target the Summer Olympics in Paris. On our Industry Voices segment, we are joined by Sandy Bird, CTO at Sonrai. Sandy discusses the risks of unused identity infrastructure. The Amazon rainforest goes online. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Sandy Bird, CTO at Sonrai. Sandy discusses the risks of unused identity infrastructure. You can learn more about Sonrai's work in this area by reviewing their Quantifying Cloud Access Risk: Overprivileged Identities and Zombie Identities report. Selected Reading Critical incident declared as ransomware attack disrupts multiple London hospitals (The Record) CVE-2024-4358, CVE-2024-1800: Exploit Code Available for Critical Exploit Chain in Progress Telerik Report Server (Tenable) Atlassian's Confluence hit with critical remote code execution bugs (CSO Online) Debt collection agency FBCS leaks information of 3 million US citizens (Malwarebytes) Rural hospitals are particularly vulnerable to ransomware, report finds (CyberScoop) Australian rare earths miner hit by cybersecurity breach (Mining Weekly) 37 Vulnerabilities Patched in Android (SecurityWeek) Russia used fake AI Tom Cruise in Olympic disinformation campaign (Computer Weekly) The Internet's Final Frontier: Remote Amazon Tribes (New York Times) Listen to our newest podcast, “Only Malware in the Building.” N2K and Proofpoint have teamed up to launch “Only Malware in the Building,” the newest podcast on the N2K CyberWire network. Each month our hosts Selena Larson, Proofpoint's staff threat researcher, and N2K's Rick Howard and Dave Bittner, explore the mysteries around today's most intriguing cyber threats. Listen to the first episode and subscribe now. Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Hacking Humans
The curious case of the missing IcedID. [Only Malware in the Building]

Hacking Humans

Play Episode Listen Later Jun 4, 2024 21:58


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about "The curious case of the missing IcedID." IcedID is a malware originally classified as a banking trojan and was first observed in 2017. It also acts as a loader for other malware, including ransomware, and was a favored payload used by multiple cybercriminal threat actors until fall 2023. Then, it all but disappeared. In its place, a new threat crawled: Latrodectus. Named after a spider, this new malware, created by the same people as IcedID, is now poised to take over where IcedID melted off. Today we look back at what happened to the once prominent payload, and what its successor's spinning web of activity means for the overall landscape.

Only Malware in the Building
The curious case of the missing IcedID.

Only Malware in the Building

Play Episode Listen Later Jun 4, 2024 21:58


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.  Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about "The curious case of the missing IcedID." IcedID is a malware originally classified as a banking trojan and was first observed in 2017. It also acts as a loader for other malware, including ransomware, and was a favored payload used by multiple cybercriminal threat actors until fall 2023. Then, it all but disappeared. In its place, a new threat crawled: Latrodectus. Named after a spider, this new malware, created by the same people as IcedID, is now poised to take over where IcedID melted off. Today we look back at what happened to the once prominent payload, and what its successor's spinning web of activity means for the overall landscape. Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyber Briefing
May 30, 2024 - Cyber Briefing

Cyber Briefing

Play Episode Listen Later May 30, 2024 8:13


Risky Business News
Sponsored: Proofpoint on the current threat actor landscape

Risky Business News

Play Episode Listen Later May 19, 2024 19:18


In this Risky Business News sponsor interview, Catalin Cimpanu talks with Proofpoint senior threat intelligence analyst Selena Larson about the latest changes in the threat actor landscape in the aftermath of several law enforcement takedowns and Microsoft tech stack changes. Show notes DISCARDED: Tales from the Threat Research Trenches is a podcast for security practitioners, intelligence analysts, and threat hunters looking to learn more about the threat behaviors and attack patterns.

Marketplace Tech
How scammers hijack their victims' brains

Marketplace Tech

Play Episode Listen Later May 9, 2024 18:00


Today's episode of Marketplace Tech is all about financial scams: how they work, what kinds of technology scammers use, and how to spot a scam before you fall victim to one. We're passing the microphone to victims of scams to tell their stories and then breaking down how the scammers pulled it off with Marketplace's Lily Jamali and Selena Larson, staff threat researcher at Proofpoint. Support our nonprofit newsroom today and pick up a fun thank-you gift like our new Shrinkflation mini tote bag or the fan favorite KaiPA pint glass!

Marketplace All-in-One
How scammers hijack their victims' brains

Marketplace All-in-One

Play Episode Listen Later May 9, 2024 18:00


Today's episode of Marketplace Tech is all about financial scams: how they work, what kinds of technology scammers use, and how to spot a scam before you fall victim to one. We're passing the microphone to victims of scams to tell their stories and then breaking down how the scammers pulled it off with Marketplace's Lily Jamali and Selena Larson, staff threat researcher at Proofpoint. Support our nonprofit newsroom today and pick up a fun thank-you gift like our new Shrinkflation mini tote bag or the fan favorite KaiPA pint glass!

Cyber Briefing
April 11, 2024 - Cyber Briefing

Cyber Briefing

Play Episode Listen Later Apr 11, 2024 9:00


The CyberWire
Encore: Selena Larson: The Green Goldfish and cyber threat intelligence. [Analyst] [Career Notes]

The CyberWire

Play Episode Listen Later Apr 7, 2024 7:40


Cyber threat intelligence analyst Selena Larson takes us on her career journey from being a journalist to making the switch to industrial security. As a child who wrote a book about a green goldfish who dealt with bullying, Selena always liked investigating and researching things. Specializing in cybersecurity journalism led to the realization of how closely aligned or similar skills are required from an investigative journalist and a cyber threat intelligence analyst. Our thanks to Selena for sharing her story with us. 

Career Notes
Encore: Selena Larson: The Green Goldfish and cyber threat intelligence. [Analyst]

Career Notes

Play Episode Listen Later Apr 7, 2024 7:40


Cyber threat intelligence analyst Selena Larson takes us on her career journey from being a journalist to making the switch to industrial security. As a child who wrote a book about a green goldfish who dealt with bullying, Selena always liked investigating and researching things. Specializing in cybersecurity journalism led to the realization of how closely aligned or similar skills are required from an investigative journalist and a cyber threat intelligence analyst. Our thanks to Selena for sharing her story with us.  Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
The return of a malware menace. [Research Saturday]

The CyberWire

Play Episode Listen Later Mar 2, 2024 21:08


This week we are joined by, Selena Larson from Proofpoint, who is discussing their research, "Bumblebee Buzzes Back in Black." Bumblebee is a sophisticated downloader used by multiple cybercriminal threat actors and was a favored payload from its first appearance in March 2022 through October 2023 before disappearing. After a four month hiatus, Proofpoint researchers found that the downloader returned. Its return aligns with a surge of cybercriminal threat activity after a notable absence of many threat actors and malware. The research can be found here: Bumblebee Buzzes Back in Black  Learn more about your ad choices. Visit megaphone.fm/adchoices

Research Saturday
The return of a malware menace.

Research Saturday

Play Episode Listen Later Mar 2, 2024 21:08


This week we are joined by, Selena Larson from Proofpoint, who is discussing their research, "Bumblebee Buzzes Back in Black." Bumblebee is a sophisticated downloader used by multiple cybercriminal threat actors and was a favored payload from its first appearance in March 2022 through October 2023 before disappearing. After a four month hiatus, Proofpoint researchers found that the downloader returned. Its return aligns with a surge of cybercriminal threat activity after a notable absence of many threat actors and malware. The research can be found here: Bumblebee Buzzes Back in Black  Learn more about your ad choices. Visit megaphone.fm/adchoices

Risky Business News
Risky Biz Sponsor Interview: The e-crime ecosystem is changing

Risky Business News

Play Episode Listen Later Oct 1, 2023


In this Risky Business News sponsor interview Tom Uren talks to Selena Larson, Senior Threat Intelligence Analyst at Proofpoint, about the state of play in the cybercrime ecosystem. People and organisations are getting better at protecting themselves from scams and compromises, but criminals will use every possible avenue to reach people and scam them.

crime ecosystem risky proofpoint selena larson tom uren
Hacking Humans
Hunting the hackers.

Hacking Humans

Play Episode Listen Later Aug 24, 2023 50:06


Selena Larson and Tim Utzig discussing "Twitter Scammers Stole $1,000 From My Friend—So I Hunted Them Down." Joe and Dave share a bit of follow up this week, they discuss Hawaii fire scams, and listener Steve writes in regarding some comments about the recent scammer quiz Joe and Dave took, lastly listener John writes in and shares his thoughts on a discussion a couple weeks ago regarding Google Maps. Joe has two stories this week, one is regarding how Joe was close to being scammed by a fake website, the second story is from listener George who wrote in this week sharing about the Bank of Ireland and the latest banking scam causing a technical issue tricking people into thinking they had money, when they really didn't. Dave's story is from the FBI, on a new scam where people are being tricked through mobile beta-testing applications. Our catch of the day comes from listener Richard, who writes in with a "a new tip on Crypto." Links to stories: Bank of Ireland glitch let customers withdraw money they didn't have Cyber Criminals Targeting Victims through Mobile Beta-Testing Applications Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

WE'RE IN!
Selena Larson on Cyber Intelligence, "Evil" Threat Actors and TOAD Attacks

WE'RE IN!

Play Episode Listen Later Jan 19, 2023 41:24


In the latest episode of WE'RE IN!, Selena Larson shares insights into malicious hackers and scammers she's tracking as senior threat intelligence analyst for Proofpoint. Business email compromise, ransomware, sextortion, multi-factor authentication bypass techniques – dealing with the onslaught of modern cyberthreats “is very much like playing whack-a-mole,” she said. By unpacking attackers' motivations and psychological profiles, defenders can train themselves and their teams to avoid falling into common traps. -------More reasons you should listen: * Hear Selena discuss what makes threat intelligence actionable, versus extra noise for a SOC* Find out about an alarming cyber espionage campaign that recently targeted journalists* Learn why Selena despises evil TOADs – “telephone-oriented attack delivery” attacks

DISCARDED: Tales From the Threat Research Trenches
Confidence, confusion, cashout: How pig butchering is blindsiding victims

DISCARDED: Tales From the Threat Research Trenches

Play Episode Listen Later Jan 10, 2023 43:37


Threat actors are disarming their victims with a new approach: The long game. Instead of asking for money or gift cards upfront, they build a connection and confidence until they cash in on the big payout. In this episode of Discarded, Selena Larson and Crista Giering are joined by Proofpoint team members: Tim Kromphardt, Email Fraud Researcher, and Genina Po, Threat Analyst, to discuss socially engineered attacks and how victims are tricked. Join us as we discuss:Understanding what pig butchering isHow the scam blindsides victimsThe evolution of the fraud from China to other countries in AsiaResources mentioned: https://www.rappler.com/business/chinese-mafia-trafficking-filipinos-lure-lonely-professionals-cryptocurrency-scam/https://finance.yahoo.com/news/chinese-mafia-forcing-filipinos-crypto-034555327.htmlhttps://www.youtube.com/watch?v=720qUBQZJZ0https://www.proofpoint.com/us/blog/threat-insight/broken-dreams-and-piggy-banks-pig-butchering-crypto-fraud-growing-onlinehttps://www.vice.com/en/article/n7zb5d/pig-butchering-scam-cambodia-traffickingKeep up with the latest tales from the threat research trenches by subscribing to DISCARDED in Apple Podcasts, Spotify, or wherever you get podcasts. Thanks for listening!

DISCARDED: Tales From the Threat Research Trenches
AMA Answers From the Threat Research Trenches

DISCARDED: Tales From the Threat Research Trenches

Play Episode Listen Later Dec 13, 2022 51:26


In this highly entertaining episode of DISCARDED, Selena Larson and Crista Giering host a wild round of “Ask Me Anything,” with Sherrod DeGrippo, VP of Threat Research and Detection, and Daniel Blackford, Threat Researcher at Proofpoint. Featuring insightful questions from listeners and former guests, these industry experts cover a wide range of topics, from silly to serious.Join us as we discuss:The most boring malware and common threat actor mistakesNew developments in Ukraine and the Global SouthA proliferation of mobile malware and sports-related attacksKeep up with the latest tales from the threat research trenches by subscribing to DISCARDED in Apple Podcasts, Spotify, or wherever you get podcasts. Thanks for listening!

Protecting People
Five Minute Forecast for the week of 10/10/2022

Protecting People

Play Episode Listen Later Oct 10, 2022


Five Minute Forecast for the week of October 10th. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. Pro-Russia attackers ground several U.S. airport websites 1.2 million credit cards given away in dark web marketing promotion Crypto thieves strike it big after a breach at Binance  And senior threat intelligence analyst Selena Larson shares key insights from a comprehensive review of pandemic-related social engineering.

Protecting People
Five Minute Forecast for the week of 8/8/2022

Protecting People

Play Episode Listen Later Aug 8, 2022 5:44 Transcription Available


Five Minute Forecast for the week of August 8th. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. U.S. and Australian cybersecurity agencies reveal last year's most prolific malware Cloud software giant Twilio hit with a sophisticated SMS phishing attack Security flaws could allow attackers to send fake messages through the Emergency Alert System And senior threat intelligence analyst Selena Larson joins us to discuss a new malware campaign targeting cryptocurrency and decentralized finance.

Protecting People
Five Minute Forecast for the week of 8/1/2022

Protecting People

Play Episode Listen Later Aug 1, 2022 5:59 Transcription Available


Five Minute Forecast for the week of August 1st. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. The FCC says SMS phishing attacks are on the rise and targeting U.S. consumers A new phishing-as-a-service platform targets big name banks New data shows a second quarter decline in average ransomware payments And senior threat intelligence analyst Selena Larson joins us to discuss how Microsoft's macro blocking policy is affecting the threat landscape.

Protecting People
Five Minute Forecast for the week of 06/27/2022

Protecting People

Play Episode Listen Later Jun 27, 2022 5:55 Transcription Available


Five Minute Forecast for the week of June 27th. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. FTC advises LGBTQ+ dating app users to beware of cyber extortion Lockbit ransomware gets into the bug bounty game UK delivery services Yodel is hit by cyber attack Joining us is Selena Larson from the Proofpoint Threat Research team, to discuss the latest news on social engineering strategies.

DISCARDED: Tales From the Threat Research Trenches
Discussing RTF Template Injection: A Malicious Phishing Attempt

DISCARDED: Tales From the Threat Research Trenches

Play Episode Listen Later Mar 2, 2022 25:51 Transcription Available


If you asked for M&M's and received Skittles, you might pop a few in your mouth, but it won't take long to realize something's off. This is exactly what's happening with RTF files: Instead of the intended attachment, unaware companies are delivering these files and realizing later that they were actually malicious. On this episode of Protecting People, hosts Selena Larson and Crista Giering chat with Michael Raggi, Senior Threat Research Engineer at Proofpoint, about RTF files, template injection, and campaigns using the technique in an effort to make sure customers aren't being surprised with “Skittles.” Join us as we discuss: The importance of template injection Campaigns using the technique Widespread adoption of the RTF injection Mitigating and monitoring the technique Resource mentioned: https://www.proofpoint.com/us/blog/threat-insight/injection-new-black-novel-rtf-template-inject-technique-poised-widespread For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player.

Protecting People
#ThreatDigest: A Comprehensive Guide to Phish Kits

Protecting People

Play Episode Listen Later Jan 18, 2022 22:55 Transcription Available


You can buy a phish kit online for 10 bucks. But beware, since it'll probably come back to bite you in ways you might not expect. In this episode, hosts Selena Larson and Crista Giering chat with Jared Peck, Senior Threat Researcher at Proofpoint, about the pros and cons of phish kits — and why there's no honor among thieves. Join us as we discuss: What a phish kit is and how it works Ways a phish kit relates to MFA tokens and other authorizations Monetization, credentials for initial access, and the attack chain How organizations and people can defend against phishing attacks Resource mentioned: Have Money for a Latte? Then You Too Can Buy a Phish Kit | Proofpoint US For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player.

Protecting People
#ThreatDigest: Discussing RTF Template Injection: A Malicious New Technique

Protecting People

Play Episode Listen Later Dec 14, 2021 25:44 Transcription Available


If you asked for M&M's and received Skittles, you might pop a few in your mouth, but it won't take long to realize something's off. This is exactly what's happening with RTF files: Instead of the intended attachment, unaware companies are delivering these files and realizing later that they were actually malicious. On this episode of Protecting People, hosts Selena Larson and Crista Giering chat with Michael Raggi, Senior Threat Research Engineer at Proofpoint, about RTF files, template injection, and campaigns using the technique in an effort to make sure customers aren't being surprised with “Skittles.” Join us as we discuss: The importance of template injection Campaigns using the technique Widespread adoption of the RTF injection Mitigating and monitoring the technique   Resource mentioned: https://www.proofpoint.com/us/blog/threat-insight/injection-new-black-novel-rtf-template-inject-technique-poised-widespread   https://www.youtube.com/watch?v=bqyOtkibGro&feature=youtu.be https://twitter.com/sansforensics/status/1470901574717382663 For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player.

Protecting People
Five Minute Forecast for the week of 12/06/2021

Protecting People

Play Episode Listen Later Dec 9, 2021 5:00 Transcription Available


Five Minute Forecast for the week of December 6th. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. Hundreds of thousands of patient records stolen from Planned Parenthood Thieves make off with a $200 million haul in the latest crypto heist Labor activists communicate with service industry workers through hacked point-of-sale printers Joining us is Proofpoint Senior Threat Intelligence Analyst, Selena Larson, for an update on pandemic-themed cyber attacks.

Protecting People
#ThreatDigest: How to Bait a TOAD: Avoiding and Reporting Phone Threats

Protecting People

Play Episode Listen Later Nov 23, 2021 20:15 Transcription Available


Have you ever been bitten by a TOAD? No, we're not talking about the marsh-dwelling amphibian. We're discussing telephone oriented attack deliveries (TOADs) in which scammers use real phone numbers to gain access to information and accounts. TOADS represent an atypical — but very poisonous — online threat especially to men in the 20-50 age range. Featuring believable fake invoices and U.S.-based phone numbers, these scammers can hop off with hundreds or thousands of your dollars. On this episode of Protecting People, hosts Selena Larson and Crista Giering chat with Tim Kromphardt, Email Threat Researcher at Proofpoint, about TOADS, how to avoid them, bait them, or report them. Join us as we discuss: The two kinds of TOAD threats How investigators locate and shut down TOAD scammers What the scambaiting community does Where and how to report a TOAD attack   Resources mentioned: Caught Beneath the Landline: A 411 on Telephone Oriented Attack Delivery   For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player.

Protecting People
Five Minute Forecast for the week of 11/22/2021

Protecting People

Play Episode Listen Later Nov 22, 2021 5:43 Transcription Available


Five Minute Forecast for the week of November 22nd. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. Emotet back from the dead almost a year after shutdown Six million routers left at risk in the U.K. GoDaddy breach exposes data of 1.2 million customers Joining us is Selena Larson, Proofpoint Senior Threat Intelligence Analyst, for an update on North Korea-aligned threat activity.

Protecting People
Five Minute Forecast for the week of 11/1/2021

Protecting People

Play Episode Listen Later Nov 1, 2021 5:40 Transcription Available


Five Minute Forecast for the week of November 1st. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. Israeli businesses hit by attacks from state-sponsored cyber criminals German police set their sights on an REvil kingpin HelloKitty ransomware sharpens its claws Joining us is Selena Larson, Proofpoint Senior Threat Intelligence Analyst, to talk about a new threat actor impersonating government departments in the Philippines.

Protecting People
#ThreatDigest: Trends Among Iranian Espionage Threat Actors

Protecting People

Play Episode Listen Later Oct 29, 2021 24:49 Transcription Available


APT stands for advanced persistent threat and refers to threat actors who are acting in the interests of other political states. In other words, espionage. In this episode of our #ThreatDigest series, hosts Selena Larson and Crista Giering, Senior Threat Intelligence Analysts at Proofpoint, interview Joshua Miller, Senior Threat Researcher at Proofpoint, about the advanced persistent threat landscape in Iran. Join us as we discuss: Determining whether malware is motivated for finances or for espionage How Iranian threat actors have shifted their strategy since COVID What we can infer about Iranian government priorities from threat actors Why Iranian threat actors are taking more risks Where to start in tracking APTs in the world of cyber threat intelligence  Check out the resources we mentioned during the podcast: Operation SpoofedScholars: A Conversation with TA453  BadBlood: TA453 Targets US and Israeli Medical Research Personnel  I Knew You Were Trouble: TA456 Targets Defense Contractor  Media Coverage Doesn't Deter Actor From Threatening Democratic Voters  DHS blames Iran for threatening emails sent to Democratic voters  A Cyber Threat Intelligence Self-Study Plan: Part 1  STAR Webcast: Dissecting BadBlood: an Iranian APT Campaign  Better Than Binary - Elevating State-Sponsored Attribution via Spectrum of State Responsibility   For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player. Listening on a desktop & can't see the links? Just search for Protecting People in your favorite podcast player.

Protecting People
Five Minute Forecast for the week of 10/25/2021

Protecting People

Play Episode Listen Later Oct 26, 2021 5:58 Transcription Available


Five Minute Forecast for the week of October 25th. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. Russia launches new cyber attacks in defiance of U.S. sanctions A cyber criminal gang recruits unwitting security professionals to carry out attacks Evil Corp launches a new strain of ransomware Joining us is Selena Larson, Proofpoint Senior Threat Intelligence Analyst, to talk about a legitimate “red team” security tool being used by cyber criminals.

Protecting People
Five Minute Forecast for the week of 10/4/2021

Protecting People

Play Episode Listen Later Oct 4, 2021 5:26 Transcription Available


Five Minute Forecast for the week of October 4th. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. The U.K. makes plans to strike back against future cyber attacks President Biden rallies international support in the fight against ransomware Six thousand Coinbase customers fall victim to an account recovery vulnerability Joining us is Selena Larson, Proofpoint Senior Threat Analyst, to talk about a series of campaigns by prolific threat actor, TA544.

Protecting People
#ThreatDigest: Stop Making These Initial Access Mistakes

Protecting People

Play Episode Listen Later Sep 22, 2021 28:20 Transcription Available


Gone are the days of 2016 when we saw 12 million ransomware attachments randomly blasted out per day. It's 2021 now, when threat actors selectively deploy ransomware against high value targets across the victim organization's entire network in order to secure initial access. Why is initial access so often overlooked in protecting against the multiplicity of ransomware threats? In the inaugural episode of our Threat Digest series, series hosts Selena Larson and Crista Giering, Senior Threat Intelligence Analysts at Proofpoint, interview Daniel Blackford, Senior Threat Researcher at Proofpoint, about initial access and what can happen afterwards. Join us as we discuss: The evolution of ecrime in the past five years Initial access, dwell time, and the prevalence of Cobalt Strike activity What white glove ransomware treatment is like Tips for protecting your org against multiple malign actors at various stages of an attack Check out the report we mentioned during the podcast: -The First Step: Initial Access Leads to Ransomware For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player. Listening on a desktop & can't see the links? Just search for Protecting People in your favorite podcast player.

Protecting People
Five Minute Forecast for the week of 8/30/2021

Protecting People

Play Episode Listen Later Aug 30, 2021 5:04 Transcription Available


Five Minute Forecast for the week of August 30th. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. Tech's biggest hitters join the fight against cyber attacks Samsung reveals a secret ‘kill switch' hidden in its televisions Attackers are still profiting from fear and doubt over the pandemic  Joining us is Selena Larson, Proofpoint Senior Threat Intelligence Analyst, to discuss how cyber criminals are continuing to use the pandemic in their attacks.

Protecting People
Five Minute Forecast for the week of 8/23/2021

Protecting People

Play Episode Listen Later Aug 23, 2021 5:07 Transcription Available


Five Minute Forecast for the week of August 23rd. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. Anonymous sources confirm a potentially serious breach at the State Department Data theft puts telecom giants in the spotlight A ransomware gang seeks insider help Joining us is Selena Larson, Proofpoint Senior Threat Intelligence Analyst, to talk the insider threat of ransomware.

Moscow Mules and NOP Slides
Episode 32 with Selena Larson

Moscow Mules and NOP Slides

Play Episode Listen Later Feb 8, 2021 83:52


This week on Moscow Mules and NOP Slides, we have we Selena Larson. This is our first podcast of 2021! We are BACK! Selena sips on a Hamburg Hard Cider.  We cover a bunch of topics...too many to mention. But here are just a few: running, Selena's journey into threat intelligence, changing the narrative of "soft skills", COMMUNICATION, certifications, STONKS, Vegan food, Emotet takedown, and ransomware.  Dave drinks on an Imperial 3 Scoops from The Answer Brewpub out of our Version 1 podcast glass. Kyle sips on a Pounce from Dancing Gnome out of a Pour Character Wu-Tang glass.  Thank you to Selena for being a guest and the great conversation! We hope you enjoy. Please don't forget to subscribe! Disclaimer: The views and expressions of the guests and hosts are their own and not of their employers.

Career Notes
Encore: Selena Larson: The Green Goldfish and cyber threat intelligence. [Analyst] (Career Notes]

Career Notes

Play Episode Listen Later Dec 27, 2020 7:10


Cyber threat intelligence analyst Selena Larson takes us on her career journey from being a journalist to making the switch to industrial security. As a child who wrote a book about a green goldfish who dealt with bullying, Selena always liked investigating and researching things. Specializing in cybersecurity journalism led to the realization of how closely aligned or similar skills are required from an investigative journalist and a cyber threat intelligence analyst. Our thanks to Selena for sharing her story with us. 

The CyberWire
Encore: Selena Larson: The Green Goldfish and cyber threat intelligence. [Analyst] (Career Notes]

The CyberWire

Play Episode Listen Later Dec 27, 2020 7:10


Cyber threat intelligence analyst Selena Larson takes us on her career journey from being a journalist to making the switch to industrial security. As a child who wrote a book about a green goldfish who dealt with bullying, Selena always liked investigating and researching things. Specializing in cybersecurity journalism led to the realization of how closely aligned or similar skills are required from an investigative journalist and a cyber threat intelligence analyst. Our thanks to Selena for sharing her story with us. 

Security Conversations
Selena Larson, Intelligence Analyst, Dragos

Security Conversations

Play Episode Listen Later Sep 16, 2020 52:17


Journalist-turned-intel analyst Selena Larson joins the podcast to discuss the nuances of cybersecurity journalism, making the shift to analyzing intelligence and writing for a private audience, the ransomware epidemic, and the state of critical infrastructure security. Disclosure: Ryan Naraine is a security strategist at Intel Corp. Ryan produces this podcast in his personal capacity and the views and opinions expressed in these recordings do not necessarily reflect the positions and views of Intel Corp. or any of its subsidiaries.

The CyberWire
The Green Goldfish and cyber threat intelligence.

The CyberWire

Play Episode Listen Later Aug 9, 2020 7:10


Cyber threat intelligence analyst Selena Larson takes us on her career journey from being a journalist to making the switch to industrial security. As a child who wrote a book about a green goldfish who dealt with bullying, Selena always liked investigating and researching things. Specializing in cybersecurity journalism led to the realization of how closely aligned or similar skills are required from an investigative journalist and a cyber threat intelligence analyst. Our thanks to Selena for sharing her story with us. 

Career Notes
Selena Larson: The Green Goldfish and cyber threat intelligence. [Analyst]

Career Notes

Play Episode Listen Later Aug 9, 2020 7:10


Cyber threat intelligence analyst Selena Larson takes us on her career journey from being a journalist to making the switch to industrial security. As a child who wrote a book about a green goldfish who dealt with bullying, Selena always liked investigating and researching things. Specializing in cybersecurity journalism led to the realization of how closely aligned or similar skills are required from an investigative journalist and a cyber threat intelligence analyst. Our thanks to Selena for sharing her story with us. 

@BEERISAC: CPS/ICS Security Podcast Playlist
Know Thine Enemy - Identifying North American Cyber Threats - Research Saturday

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Jan 26, 2020 26:34


Podcast: The CyberWireEpisode: Know Thine Enemy - Identifying North American Cyber Threats - Research SaturdayPub date: 2020-01-25The electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems (ICS) and operations technology (OT) for a variety of purposes. As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases. Selena Larson from Dragos joins us to discuss their new report North American Electric Cyber Threat Perspective. The report can be found here: North American Electric Cyber Threat Perspective The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.The podcast and artwork embedded on this page are from The CyberWire, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

The CyberWire
Know Thine Enemy - Identifying North American Cyber Threats - Research Saturday

The CyberWire

Play Episode Listen Later Jan 25, 2020 26:34


The electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems (ICS) and operations technology (OT) for a variety of purposes. As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases. Selena Larson from Dragos joins us to discuss their new report North American Electric Cyber Threat Perspective. The report can be found here: North American Electric Cyber Threat Perspective The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Research Saturday
Know Thine Enemy - Identifying North American Cyber Threats.

Research Saturday

Play Episode Listen Later Jan 25, 2020 29:57


The electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems (ICS) and operations technology (OT) for a variety of purposes. As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases. Selena Larson from Dragos joins us to discuss their new report North American Electric Cyber Threat Perspective. The report can be found here: North American Electric Cyber Threat Perspective

@BEERISAC: CPS/ICS Security Podcast Playlist
How Scary Is Critical Infrastructure Hacking?

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Nov 15, 2019 35:52


Podcast: CYBEREpisode: How Scary Is Critical Infrastructure Hacking?Pub date: 2019-11-14Notes from @BEERISAC: CPS/ICS Security Podcast Playlist:Anton Shipulin: "Kudos to Rob Verseijden (@elborro) for a tip on the episode"Some of the most fascinating hacks are the types that don’t just pwn a shady malware company, the trade secrets of America or embarass the Democratic National Committee, but the kinds that target water systems, nuclear power plants and the oil and gas sector.Critical infrastructure hacking was brought into the public psyche by former Secretary of State and CIA director, Leon Panetta, in a much taunted 2012 speech where he warns of a coming “Cyber Pearl Harbour.” On this week’s CYBER we have Selena Larson, a former CNN reporter and cyber threat intelligence analyst working over at Dragos which is a leading cybersecurity company that specializes in critical infrastructure security, to tell us what we should be realistically worried about and if she believes Panetta’s speech has any merit in 2019. See acast.com/privacy for privacy and opt-out information.The podcast and artwork embedded on this page are from VICE, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Cyber Casts
How Scary Is Critical Infrastructure Hacking?

Cyber Casts

Play Episode Listen Later Nov 14, 2019 35:52


Some of the most fascinating hacks are the types that don't just pwn a shady malware company, the trade secrets of America or embarass the Democratic National Committee, but the kinds that target water systems, nuclear power plants and the oil and gas sector.Critical infrastructure hacking was brought into the public psyche by former Secretary of State and CIA director, Leon Panetta, in a much taunted 2012 speech where he warns of a coming “Cyber Pearl Harbour.” On this week's CYBER we have Selena Larson, a former CNN reporter and cyber threat intelligence analyst working over at Dragos which is a leading cybersecurity company that specializes in critical infrastructure security, to tell us what we should be realistically worried about and if she believes Panetta's speech has any merit in 2019. See acast.com/privacy for privacy and opt-out information.

CYBER
How Scary Is Critical Infrastructure Hacking?

CYBER

Play Episode Listen Later Nov 14, 2019 35:52


Some of the most fascinating hacks are the types that don’t just pwn a shady malware company, the trade secrets of America or embarass the Democratic National Committee, but the kinds that target water systems, nuclear power plants and the oil and gas sector.Critical infrastructure hacking was brought into the public psyche by former Secretary of State and CIA director, Leon Panetta, in a much taunted 2012 speech where he warns of a coming “Cyber Pearl Harbour.” On this week’s CYBER we have Selena Larson, a former CNN reporter and cyber threat intelligence analyst working over at Dragos which is a leading cybersecurity company that specializes in critical infrastructure security, to tell us what we should be realistically worried about and if she believes Panetta’s speech has any merit in 2019. See acast.com/privacy for privacy and opt-out information.

WashingTECH Tech Policy Podcast with Joe Miller
Elissa Shevinsky: Intro to Cryptocurrencies (Ep. 121)

WashingTECH Tech Policy Podcast with Joe Miller

Play Episode Listen Later Jan 11, 2018 26:37


Bio Elissa Shevinsky (@ElissaBeth) is a successful serial entrepreneur, focusing on cybersecurity and cryptocurrency companies. An early employee at Geekcorps (acquired) and Everyday Health (IPO) she was most recently Head of Product at Brave. Shevinsky is also the author of "Lean Out: The Struggle for Gender Equality in Tech and Startup Culture."  Little known fact: her first job out of college was as a lobbyist in DC, working to protect the Arctic National Wildlife Refuge. Resources Lean Out: The Struggle for Gender Equality in Tech and Start-Up Culture by Elissa Shevinsky (OR Books: 2015) Mastering Bitcoin: Programming the Open BlockChain by Andreas Antonopoulos (O'Reilly Media: 2017) Mastering Ethereum by Andreas Antonopoulous (O'Reilly Media: forthcoming, 2018) News Roundup Online sex trafficking bill has 60 votes The Senate bill to combat online sex trafficking has the 60 votes it needs to prevent a filibuster. The bipartisan bill, which met initial resistance and then acceptance by large tech companies, seeks to limit an exception in the Communications Decency Act that shields web hosts from liability for illegal content, such as prostitution ads, posted by third parties. The Senate bill would eliminate the exception for websites that knowingly facilitate sex trafficking. Ben Brody has more in Bloomberg. Apple announces security flaws Apple announced last week that all Mac and iOS devices are susceptible to processing system flaws called Spectre and Meltdown. Apple said that, to avoid the possibility of hackers exploiting these vulnerabilities, consumers should avoid downloading anything from anyone other than trusted sources. Selena Larson reports for CNN. Effort to overturn FCC's repeal of net neutrality gains first Republican supporter Senator Ed Markey's effort to overturn the FCC's reversal of the 2015 open internet rules gained its first Republican supporter last week: Senator Susan Collins from Maine. Markey's resolution could now pass the Senate with just one more Republican vote. On Monday, Democrat Claire McCaskill joined the list of the bill's sponsors, bringing the total number of sponsors to 30. John Brodkin has the story in Ars Technica. CEOs urge Congress to protect DREAMERS With the Deferred Action for Childhood Arrivals (DACA) set to expire on March 5th, more than 100 American CEOs sent a joint letter to Congress urging it to pass a bill to allow Dreamers--the children of undocumented immigrants who brought them to the U.S.--to remain in the country. The CEOs, who represented companies as diverse as Google, Apple, Best Buy, Levi Strauss, Facebook, Target, Verizon, Visa and others wrote that the impending expiration of DACA is a crisis. Harper Neidig has the story in the Hill. The Internet Association will sue the FCC over net neutrality The Internet Association--the trade group that represents major tech companies such as Google, Netflix, Facebook and others--announced last week that it would be suing the Federal Communications Commission over its repeal of the 2015 net neutrality rules. Fired Google memo writer sues the company James Damore--the fired Google employee who wrote a controversial memo that played into stereotypes about women, sued Google for treating employees with conservative political views differently from the way it treated liberals working at the company. Harper Neidig reports in the Hill. Pew: Half of Women in STEM jobs experience discrimination Half of women in STEM jobs experience gender-based discrimination at work, according to a new Pew survey. Some 50 percent of women in STEM fields reported that they had been victims of discrimination, compared to 41 percent of women in non-STEM jobs. Cary Funk and Kim Parker wrote the report for Pew. VTech settles with FTC for $650,000 Children's electronic toy maker VTech settled with the Federal Trade Commission for $650,000 on Monday. The FTC alleged that the company had collected kids' private information without the consent of their parents, and then failed to secure the information against hackers. White House sent Car nomination to Congress The White House has nominated Brendan Carr to a five-year term as a Federal Communications Commission Commissioner. Carr's current term expires in June.                

WashingTECH Tech Policy Podcast with Joe Miller
How to Work with Philanthropists in Silicon Valley with Gina Dalma

WashingTECH Tech Policy Podcast with Joe Miller

Play Episode Listen Later Jul 18, 2017 19:14


   Philanthropists in Silicon Valley Want Your Ideas The provincial Silicon Valley that was loathe to step outside of Northern California is practically ancient history. An industry that once shunned Washington, D.C.'s buttoned-up bureaucrats now leads in lobbying and campaign contributions. Increasingly, philanthropists in Silicon Valley are making investments that in many ways are changing the very structure of our institutions. The New York Times is running a series on the institutional investments Silicon Valley titans are making.  For example, Netflix's Reed Hastings and Facebook's Mark Zuckerberg are making investments to enhance and experiment with innovative new educational tools and models. Other tech philanthropists have long invested billions to fight more global, humanitarian problems, such as climate change and malaria. They also offer microloans to small businesses in developing nations. The election of Donald Trump to the presidency as not caused the mass tech exodus from Washington that was initially feared. Indeed, while Big Tech and the Trump administration remain worlds apart on net neutrality, there is some common ground. Issues like cybersecurity, government efficiency, and the effect of artificial intelligence on jobs are largely bipartisan. It is now inside-the-beltway institutions that are struggling to tweak their own insular tendencies. What should policy professionals be thinking about as they develop their outreach efforts to philanthropists in Silicon Valley? How does tech sector philanthropy work? The goal of this episodes is to help answer these questions and more as you structure your efforts. Bio Gina Dalma (@ginadalma) is Special Advisor to the CEO and vice president of government relations at the Silicon Valley Community Foundation (SVCF). SVCF is the largest community foundation in the world, with more than $8 billion in assets under management. Gina is responsible for leading SVCF's ongoing lobbying efforts in Sacramento and its emerging efforts in Washington, D.C.  SVCF's California lobbying work is currently centered around education, affordable housing, immigration and economic security. In Washington, D.C., SVCF hopes to be a leading voice on topics that have the potential to advance the philanthropic sector. Gina was pivotal in the passage of the California Mathematics Placement Act of 2015, which Gov. Brown signed into law on Oct. 5, 2015. SVCF sponsored this legislation. She serves as a member of the California Department of Education's STEM Taskforce Advisory Committee. She is also a member of the National Common Core Funders Steering Committee and an Advisory Board Member of the Silicon Valley Education Foundation. Prior to her promotion to special advisor in 2015, Gina was SVCF's director of grantmaking. In that role, she led the grantmaking team in using a diverse set of tools, including strategic investments, to solve our region's most challenging problems. She also led SVCF's education grantmaking strategy, as well as the Silicon Valley Common Core Initiative. Prior to joining SVCF, Gina was director of innovation at the Silicon Valley Education Foundation. Before moving to the United States, Gina held several positions related to urban economic development and regulatory economics in the federal and state public sector in Mexico. She holds a Bachelor of Science in economics from ITAM in Mexico City, a Master of Science in economics from the University of London and a Master of Arts in international policy studies from Stanford University. Resources Silicon Valley Community Foundation (SVCF) Parting the Waters: America in the King Years 1954-1963 by Taylor Branch News Roundup FCC's Net Neutrality Initial Comment Window Closes The FCC's initial comment period regarding its proposed rules to overturn  the Obama-era net neutrality rules closed on Monday. The comments span the gamut. Some commenters favor overturning the existing rules. Other commenters advocated for new legislation that would replace the FCC's rules. Still others advocated for upholding the existing rules entirely, without new legislation. A couple of data points this week on net neutrality -- Civis Analytics released one showing 81% of Americans are against blocking, throttling, and paid prioritization of some sites over others. Interestingly, Civis Analytics counts Verizon Ventures and Alphabet Chair Eric Schmidt among its investors. Another poll, this one by INCOMPAS and the GOP-polling firm IMGE, showed 72% of Republican voters oppose throttling and blocking sites like Netflix. Further, a Morning Consult released a report showing Senators who support net neutrality enjoy high approval ratings. Massachusetts Senator Ed Markey has a 55% approval rating, and Oregon Senator Ron Wyden has an approval rating of 61%. America's Cybersecurity Issues Intensify Verizon announced that "human error" that resulted in misconfigured security settings caused the personal data of some 6 million Verizon customers to be leaked online. We're talking customer phone numbers, names, and PIN codes. Apparently, an Amazon S3 storage server's settings were set to public instead of private. Selena Larson has the full story at CNN Money. As far as Russia is concerned--President Trump keeps equivocating. One day he says he thinks maybe Russia interfered with the election. The next day, he's publicly less sure. This is all amidst an intensifying investigation that has zeroed in on Trump's son, Donald Jr. Trump senior also met with Russian President Vladimir Putin in Germany 2 weeks ago, as you know, at the G20 Summit in Hamburg.  After that meeting, Trump talked about needing to move forward with forming a cybersecurity unit with Russia. President Trump said he had questioned Putin about the hacks and that Putin had vehemently denied them. Republicans and Democrats quickly condemned the president's statements, questioning  the president's trust of Russia. Then, 3 days later, the Trump administration moved to limit federal agencies' use of Kaspersky Labs. Kaspersky Labs is the Russia-based cybersecurity firm.  Several officials believe the Kaspersky may be a Trojan Horse the Kremlin uses to hack government data. You can find coverage in the Washington Post by Phillip Rucker, as well as Politico, by Eric Geller, and Reuters' Phil Stewart.   Meanwhile, Joe Uchill reported in the Hill on a new poll conducted by the cyberscurity firm Carbon Black which shows 1 in 4 voters do not plan on voting due to cybersecurity concerns. Feds Uphold NSA's Gag Orders The gag orders the National Security Agency routinely uses when it requests identifying information from tech companies don't violate the 1st Amendment. That was the holding of a 9th Circuit Court of Appeals decision last week in a matter brought by Cloudflare and Credo Mobile. The companies wanted to notify customers when the National Security Agency obtained their information. The companies argued that notifying customers of such inquiries is their First Amendment right. But the Court disagreed. As long as certain civil liberties protections are in place, those gag orders that prevent companies from notifying customers that the NSA is investigating them are Constitutional. Joe Uchill has the story in the Hill. New Documents Suggest Backpage.com Facilitated Sex Advertising/Trafficking New evidence suggests Backpage.com did know alleged prostitution was going on on its website and that it indeed allegedly helped facilitate it,. Johnathan O'Connell and Tom Jackman report for the Washington Post. Documents show Backpage apparently did things like troll its competitors' websites for sex ads. After finding sex ad buyers, Backpage allegedly had staffers and contractors contact those buyers and offer them free advertising .  A 16-year-old girl the FBI says was being trafficked on the site was found dead in a Chicago-area garage on Christmas eve. Again, you can find long form coverage in the Washington Post. To report sex trafficking happening anywhere--you can contact the National Human Trafficking Resource Center at 1-888-373-7888. That's 1-888-373-7888. You can also text HELP or INFO to 233733. That's 233733. And those coordinates are available 24 hours a day 7 days per week. DraftKings/Fanduel Merger a No-Go DraftKings and FanDuel--the two leading fantasy sports sites--have dropped merger talks. The Federal Trade Commission was blocking the merger after finding the merged company would have controlled between 80 and 90% of the fantasy sports market. Ali Breland reports in the Hill. Musk: AI is "Biggest risk we face as a civilization" At a meeting of the National Governor's Association last week, Tesla and SpaceX CEO Elon Musk said Artificial Intelligence is "the biggest risk we face as a civilization". He called for more effective regulations. The Economist also published a report that shows China and the U.S. in head-to-head competition for dominance in the Artificial Intelligence market.  The article suggests China may account for up to half of the world's Artificial Intelligence-attributable GDP growth by 2030. By 2030, AI is expected to comprise some $16 trillion of total global GDP. Racist Airbnb host to pay Asian customer $5,000 Finally, Tami Barker, the Airbnb host who denied a UCLA law student her reservation because she is Asian will have to pay $5,000 in damages to the student, Dyne Suh, and take an Asian American studies course. "It's why we have Trump", is what Barker wrote to Suh via the Airbnb app. "I will not allow this country to be told what to do by foreigners," she said.

Smart Tech
st1624: 5 Tech Related Gifts You Should Definitely Avoid this Holiday Season

Smart Tech

Play Episode Listen Later Dec 19, 2016 8:07


Last episode I gave you my best picks for tech gifts this year. But what about what NOT to buy! Bad tech not only makes for a disappointing Christmas, it can be deadly. So I turned to Selena Larson at CNN Money for her input on tech related gifts to avoid.