Sign up to save your podcasts
Or
Share RATs in the tunnel: Uncovering the cyber underworld. [OMITB]
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
RATs in the tunnel: Uncovering the cyber underworld. [OMITB]
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.
Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the abuse of legitimate services for malware delivery.
Proofpoint has seen an increase in the abuse of tools like ScreenConnect and NetSupport, as well as Cloudflare Tunnel abuse and the use of IP filtering. They have also observed a rise in financially motivated malware delivery using TryCloudflare Tunnel abuse, focusing on remote access trojans (RATs) like Xworm and AsyncRAT.
Today we look at how Cloudflare tunnels are used to evade detection and how they have evolved their tactics by incorporating obfuscation techniques, with ongoing research to identify the threat actors involved.
View all episodes
By N2K Networks
4.6
305305 ratings
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.
Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the abuse of legitimate services for malware delivery.
Proofpoint has seen an increase in the abuse of tools like ScreenConnect and NetSupport, as well as Cloudflare Tunnel abuse and the use of IP filtering. They have also observed a rise in financially motivated malware delivery using TryCloudflare Tunnel abuse, focusing on remote access trojans (RATs) like Xworm and AsyncRAT.
Today we look at how Cloudflare tunnels are used to evade detection and how they have evolved their tactics by incorporating obfuscation techniques, with ongoing research to identify the threat actors involved.
More shows like Hacking Humans
View all
Security Now (Audio)
1,968 Listeners
Risky Business
361 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
627 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
363 Listeners
Hacked
183 Listeners
CyberWire Daily
1,003 Listeners
Smashing Security
311 Listeners
Click Here
399 Listeners
Malicious Life
928 Listeners
Darknet Diaries
7,875 Listeners
Cybersecurity Today
167 Listeners
CISO Series Podcast
187 Listeners
Defense in Depth
76 Listeners
Cyber Security Headlines
129 Listeners
Hacker And The Fed
158 Listeners