This episode delivers critical battlefield stories regarding the operational reality of modern identity-based threats. Selena Larson, Staff Threat Researcher and Lead, Intelligence Analysis and Strategy at Proofpoint and Host of the DISCARDED podcast and the Only Malware in the Building podcast, joins host Caleb Tolin to detail the specific mechanics of device code phishing campaigns, revealing how adversaries exploit legitimate communication structures to capture administrative and enterprise access. The discussion centers on the rapid commercialization of cybercrime, highlighting the leak of specialized kits in late 2025 that catalyzed the democratization of sophisticated technical exploits.
The conversation unpacks the behavioral patterns of specific threat groups, analyzing the intersection of business email compromise, credential harvesting, and account takeover jumping. Selena explains how opportunistic targeting allows threats to pivot horizontally through trusted external supplier networks and specific industry verticals.
Rather than focusing solely on defensive theory, the dialogue transitions into hard technical controls, challenging the long-term viability of traditional security awareness programs. Defenders are provided with direct architectural recommendations, including the precise deployment of conditional access policies and rigid device compliance frameworks designed to stop unauthorized authentication attempts before execution.
What You'll Learn
- Core operational mechanics behind the exploitation of Microsoft OAuth authentication workflows.
- Historical transition from early red team utility testing to commercialized phishing platforms.
- Impact of leaked cyber criminal source code on the current volume of identity attacks.
- Analytical methods to distinguish between intentional industry targeting and opportunistic account jumping.
- Strategic deployment of conditional access policies to terminate unauthorized authentication capabilities.
- Technical constraints of legacy security awareness training against modern behavioral engineering.
- Structural integration of strict device compliance validation within identity perimeters.
Information
- Show
- Frequency: Updated Biweekly
- Published: June 30, 2026 at 7:00 AM UTC
- Length: 28 min
- Season: 1
- Episode: 57
- Rating: Clean
