DISCARDED: Tales From the Threat Research Trenches

Proofpoint

DISCARDED: Tales from the Threat Research Trenches is a podcast for security practitioners, intelligence analysts, and threat hunters looking to learn more about the threat behaviors and attack patterns. Each episode you’ll hear real world insights from our researchers about the latest trends in malware, threat actors, TTPs, and more. Welcome to DISCARDED

  1. FEB 10

    Snowball Learning: Getting Real About Cybersecurity Training

    Hello to all our Cyber Pals! Host Selena Larson and co-host, Sarah Sabotka, chat with Dr. Bob Hausmann, Lead Cognitive Scientist of Human Risk Management at Proofpoint. They have a timely conversation on whether cybersecurity training actually works and what it takes to make it effective. They unpack why traditional annual training and phishing simulations often fall short, and how insights from cognitive psychology can help organizations design awareness programs that truly change behavior. Drawing on Dr. Bob’s recent research, the conversation explores just-in-time nudges, microlearning, and how understanding attention, memory, and emotion can make security guidance more actionable in the moments that matter most.

    In this episode, they cover:

    - Why once-a-year security training shows little impact on real-world behavior
    - How just-in-time nudges work and where they fit into security awareness programs
    - The role of cognitive load, attention, and repetition in learning and memory
    - How amygdala hijack and emotional manipulation factor into phishing success
    - Why foundational knowledge is critical for nudges to be effective
    - The difference between education-driven nudges and punitive approaches to training
    - Practical ways organizations can design training that fits into everyday workflows

    This episode offers a research-backed, human-centered look at security awareness—showing why better outcomes depend less on blaming users and more on designing training that works with the brain, not against it.

    Resources Mentioned: https://www.proofpoint.com/us/blog/security-awareness-training/cybersecurity-nudges-cautionary-tale

    For more information about Proofpoint, check out our website. Subscribe & Follow: Stay ahead of emerging threats, and subscribe! Happy hunting!

    42 min
  2. JAN 29

    Emerging Threats in 2026: Inside Proofpoint’s Detection Playbook

    Hello to all our Cyber Pals! Host Selena Larson and co-host, Tim Kromphardt, chat with Rich Gonzalez, Director of Emerging Threats at Proofpoint, to kick off 2026 with a behind-the-scenes look at how emerging threats are detected, tracked, and turned into real-world protections for defenders. They explore what it really takes to keep pace with an always-on threat landscape, from rapid response to newly released proof-of-concepts, to why certain vulnerabilities like Log4j continue to dominate attacker activity years later. The conversation also digs into alert fatigue, the realities of SOC burnout, and where automation and AI can genuinely help versus where trust, accuracy, and human judgment still matter most.

    In this episode, they cover:

    - How Proofpoint’s Emerging Threats team monitors global attacker behavior and delivers fast, high-confidence detections
    - What happens behind the scenes when a proof-of-concept drops (especially during holidays)
    - Why some CVEs remain “evergreen” targets and never truly go away
    - The balance between speed and accuracy in rule writing without overwhelming SOC teams
    - Where AI and machine learning are being used today to reduce tedious work and improve triage
    - The risks of over-automation, hallucinations, and untrusted intelligence in security workflows
    - What’s coming in 2026, including more frequent rule releases and more detection coverage

    This episode offers a candid, practitioner-driven view of modern threat detection—highlighting why adaptability, transparency, and human expertise remain essential as defenders head into 2026.

    45 min
  3. 12/31/2025

    Operation EndOfYear: New Malware, Popular Tactics, and Where AI Is Taking Us

    Hello to all our Cyber Elves! Host Selena Larson chats with Daniel Blackford, Vice President of Threat Research at Proofpoint, for an end-of-year look at how the cyber threat landscape evolved—and what defenders should be preparing for in 2026. They reflect on how the second half of 2025 brought meaningful shifts in attacker behavior, with familiar techniques becoming more professionalized and new malware emerging alongside identity-focused attacks. The conversation also explores why attribution is getting harder, how law enforcement disruptions are reshaping cybercrime ecosystems, and where AI is genuinely helping defenders versus introducing new risks.

    In this episode, they cover:

    - How attacker tactics “proliferated” in 2025 rather than fully reinvented
    - The return of new malware families alongside loaders and backdoors
    - Why identity, social engineering, and legitimate tools (RMMs, device code phishing) remain top attack vectors
    - The real-world impact of law enforcement takedowns like Operation Endgame
    - How shared tooling and services are blurring attribution across threat actors
    - Practical, no-hype perspectives on AI, machine learning, and defender workflows
    - What organizations should focus on now to stay resilient in 2026

    This episode offers a grounded, experience-driven perspective on what actually mattered in 2025—and why strong fundamentals, layered defenses, and adaptability remain the best preparation for whatever comes next.

    Resources Mentioned:

    - https://www.proofpoint.com/us/blog/threat-insight/remote-access-real-cargo-cybercriminals-targeting-trucking-and-logistics
    - https://www.proofpoint.com/us/blog/threat-insight/operation-endgame-quakes-rhadamanthys
    - https://www.proofpoint.com/us/blog/threat-insight/security-brief-venomrat-defanged
    - https://assets.recordedfuture.com/insikt-report-pdfs/2025/cta-ru-2025-1022.pdf
    - https://www.microsoft.com/en-us/research/wp-content/uploads/2025/01/lee_2025_ai_critical_thinking_survey.pdf

    57 min
  4. 12/09/2025

    Ho-Ho-Hold Up—Is That Message Real? Bad Santas Are Sending Seasonal Scams

    Happy Holidays to all our Cyber Pals! Host Selena Larson, and co-guest ho-ho-ho hosts, Tim Kromphardt & Sarah Sabotka unwrap the surprising (and sometimes clever) ways cybercriminals use seasonal themes to trick both consumers and enterprises. From fake party invites and too-good-to-be-true discounts to holiday-flavored malware and RMM delivery, the team breaks down how threat actors capitalize on increased spending, lower vigilance, and year-end business pressure. They share real examples—like “free Christmas tree” scams, fake travel itineraries, smishing campaigns, and even malware hidden behind a Christmas caroling invitation.

    You’ll also hear:

    - 🎁 Why holiday-themed lures work so well
    - 🎁 How scammers tailor their tactics to shifting consumer behavior
    - 🎁 The rise of SMS scams, malvertising, and SEO-poisoned shopping searches
    - 🎁 What enterprises should watch for as employees mix work and personal activity
    - 🎁 Why energy drinks are (shockingly) a hot commodity in cargo theft schemes
    - 🎁 Practical tips to stay safe—whether you’re holiday shopping or closing year-end invoices

    Before you head off for vacation, join us for a fun, insightful, and very festive breakdown of the seasonal threats that might be landing under your digital tree this year.

    34 min
  5. 11/18/2025

    From Toasters to Botnets: Securing Everyday IoT

    Hello to all our Cyber Squirrels! Host Selena Larson, and guest host, Tim Kromphardt sit down with Tony Robinson — Senior Security Research Engineer and “rule magician” from Proofpoint’s Emerging Threats team. Tony shares the story behind IoT Hunter, an open-source tool he created to automate writing detection rules for Internet of Things (IoT) vulnerabilities. From routers and smart cameras to industrial control systems, Tony breaks down how IoT Hunter helps researchers and defenders cover hundreds of CVEs — from long-forgotten exploits to newly discovered zero-days.

    The trio dives into:

    - Why IoT devices remain a major attack vector for threat actors and botnets
    - What kinds of vulnerabilities IoT Hunter detects (and how it’s not AI)
    - The surprising persistence of outdated frameworks like Boa HTTPd
    - Real-world examples of IoT exploitation — from ransomware via smart cameras to botnets made of toasters
    - Practical steps anyone can take to secure home and small business devices

    This episode uncovers the risks and realities behind our increasingly connected world — and how automation and community collaboration are helping defenders keep up.

    Resources Mentioned:

    - community.emergingthreats.net
    - https://community.emergingthreats.net/t/iot-hunter-public-release/3024
    - https://community.emergingthreats.net/t/cybersecurity-awareness-month-iot-and-soho-devices/3095

    38 min
  6. 11/04/2025

    Elect More Hackers: Tech Skills for Real-World Change

    Hello to all our Cyber Squirrels! Can hackers make great public servants? Host Selena Larson, and co-guest hosts, Sarah Sabotka and Tim Kromphardt sit down with Andrew Brandt, Founder and Executive Director of Elect More Hackers — a nonprofit on a mission to get more cybersecurity and tech-minded thinkers into elected office. Together, they explore how hackers and technologists can bring their problem-solving mindset into civic life — from teaching digital safety at local libraries to advising lawmakers on cyber hygiene, data privacy, and AI policy. Andrew unpacks why infosec professionals are uniquely equipped to tackle systemic issues like the “enshittification” of online platforms, the right-to-repair movement, and the privacy nightmare of “smart” cars. The conversation dives into the surprising cybersecurity gaps in government, how social engineering and lobbying overlap, and why civic engagement shouldn’t stop at voting. You’ll also hear how even small acts — like community outreach or helping shape local school tech policies — can lead to smarter, safer public systems. Whether you’re a hacker or a policy nerd, this episode will inspire you to plug in locally, build trust, and maybe even run for office yourself.

    🎙️ Tune in to learn:

    - Why hackers and technologists make great problem-solvers in politics
    - How policies like right-to-repair and data privacy affect everyone
    - Practical ways cybersecurity professionals can engage civically — even without running for office

    Think civic engagement isn’t for you? Think again — this conversation shows how even small actions from tech-minded thinkers can create big change.

    Resources Mentioned: 🔗 Learn more: electmorehackers.com

    55 min
  7. 10/21/2025

    From Web Injects to Info Stealers: How Cybercriminals Stay Ahead

    Hello to all our Cyber Sleuths! Host Selena Larson, and guest host, Sarah Sabotka take you behind the scenes of the ever-changing world of cybercrime—where attackers innovate, scams evolve, and staying one step ahead is a constant challenge. From remote monitoring and management (RMM) abuse to adversary-in-the-middle (AiTM) phishing, web injects, flashy malware lures, and the latest wave of information stealers, we unpack the tactics, techniques, and procedures shaping today’s threat landscape.

    We talk about:

    - Why attackers are leaning on RMM tools and what you can do to defend yourself or your organization.
    - How MFA-aware phishing kits are evolving and ways to stay secure.
    - New information stealers emerging in the wake of law enforcement disruptions.
    - The role Reddit can play in helping spot real-world scams.
    - The human side of cyber crime, from fraud and job scams to societal pressures driving people into schemes.
    - The exponential growth of web injects and unique social engineering
    - The cunning tactics of threat actors like TA582

    Along the way, we share practical tips for staying safe online—closing suspicious tabs, using MFA, blocking unsolicited links, and even taking mindful breaks from the digital world. This episode helps you understand the chaos of the digital underworld and stay one step ahead—without throwing your phone into the woods.

    Resources Mentioned:

    - https://www.proofpoint.com/us/blog/threat-insight/remote-monitoring-and-management-rmm-tooling-increasingly-attackers-first-choice
    - https://www.proofpoint.com/us/blog/threat-insight/when-monster-bytes-tracking-ta585-and-its-arsenal
    - https://www.proofpoint.com/us/blog/threat-insight/amatera-stealer-rebranded-acr-stealer-improved-evasion-sophistication
    - https://www.ftc.gov/system/files/ftc_gov/pdf/csn-annual-data-book-2024.pdf

    1h 1m
  8. 10/08/2025

    When Being Aware of Cybersecurity Means Knowing You're Human

    Hello to all our Pumpkin Spice Cyber Friends! It’s Cybersecurity Awareness Month — and what better way to kick it off than with a deep dive into the human side of cyber threats? In this episode host Selena Larson welcomes back guest and part-time co-host Sarah Sabotka, our “Cybersecurity Awareness Month Queen” and Staff Threat Researcher at Proofpoint. She joins us to break down why social engineering is at the heart of so many attacks. We take a closer look at how scams and social engineering tactics are growing more sophisticated—and how the real battleground isn’t just your inbox, it’s your brain. Our guest explains “amygdala hijacking,” the psychological manipulation behind scams, and why recognizing your emotional responses during suspicious interactions can be just as important as spotting technical red flags. We also focus on protecting some of the most vulnerable—seniors and young digital natives—highlighting community education programs, interactive teen cybersecurity trainings, and strategies for safe social media use, password hygiene, and multi-factor authentication.

    We also talk about:

    - Why Awareness Month feels different this year and how communicators are packaging complex threat research for real people.
    - The neuroscience behind social engineering (shoutout to Dr. Bob, Proofpoint’s lead cognitive scientist) and a simple, powerful takeaway: trust your gut.
    - Concrete examples: ClickFix scams, deepfakes used against small businesses, LLM-enabled phishing, benign-conversation lures (smishing & job scams), and multi-step attacks that prime victims over time.
    - Practical steps to protect yourself and your org — safe words, pause-and-check habits, and why peer stories beat scary slides.

    Tune in and learn how to build better cyber awareness for everyone in your life—because cybersecurity isn’t just for IT teams, it’s for all of us.

    Resources Mentioned:

    - https://www.proofpoint.com/us/resources/threat-reports/human-factor-social-engineering
    - https://www.proofpoint.com/us/blog/security-awareness-training
    - https://www.proofpoint.com/us/blog/threat-insight/best-laid-plans-ta453-targets-religious-figure-fake-podcast-invite-delivering
    - https://www.clickorlando.com/news/local/2025/02/19/central-florida-wildlife-rescue-falls-victim-to-podcast-scam-warns-others/
    - https://abc7.com/post/scam-texts-targeting-people-looking-jobs-are-rise-ftc-warns/17838427/
    - https://www.cbc.ca/news/marketplace/sextortion-teen-boys-canada-1.7648267
    - https://www.consumerreports.org/media-room/press-releases/2025/10/consumer-reports-study-finds-surge-in-texting-and-messaging-scams

    48 min