Champagne Attack Chains on a Kool-Aid Budget
Download and listen anywhere
Download your favorite episodes and enjoy them, wherever you are! Sign up or log in now to access offline listening.
Description
Hello to all our Pumpkin Spice cyber friends! Join host https://proofpoint.com and today’s co-host, Tim Kromphardt, as they chat with Joe Wise, Senior Threat Researcher and Kyle Cucci, Staff Threat...
show moreTogether, they unpack recent campaigns involving the abuse of legitimate services, particularly focusing on the clever tactics used by cybercriminals to evade detection.Joe and Kyle discuss a fascinating trend where attackers are leveraging Cloudflare’s temporary tunnels, bundling Python packages, and deploying a range of malware like Xworm and Venom Rat. They explore the increasing abuse of legitimate services like Google Drive, Adobe Acrobat, and Dropbox, which allow attackers to blend in with regular business traffic. The conversation also touches on a range of threat clusters, including Exormactor and Voldemort malware, and TA2541, who have consistently leveraged Google Drive URLs to spread malicious content.
Also discussed:
- the challenge of detecting and mitigating these types of threats and the importance of staying ahead of the evolving attack strategies
- the motivations behind these campaigns
- why traditional defense mechanisms may fall short
Resources mentioned:
https://www.proofpoint.com/us/blog/threat-insight/malware-must-not-be-named-suspected-espionage-campaign-delivers-voldemort
https://www.proofpoint.com/us/blog/threat-insight/scammer-abuses-microsoft-365-tenants-relaying-through-proofpoint-servers-deliver
For more information about Proofpoint, check out our website.
Subscribe & Follow:
Don't miss out on future episodes—subscribe to the Discarded Podcast on your favorite platform.
Information
Author | Proofpoint |
Organization | Mindy |
Website | - |
Tags |
-
|
Copyright 2024 - Spreaker Inc. an iHeartMedia Company
Comments