Only Malware in the Building

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠⁠Qintel⁠⁠⁠⁠⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss how attackers are increasingly abusing legitimate, trusted Microsoft workflows to make phishing campaigns more convincing and harder to spot. In device code phishing, victims are socially engineered into completing a real Microsoft OAuth login flow, inadvertently granting attackers valid access tokens without ever sharing a password. They also examined abuse of Microsoft 365 Direct Send, which allows threat actors to send phishing emails that appear to originate from inside an organization, reinforcing a broader shift toward weaponizing built-in cloud services rather than relying on obviously malicious infrastructure.

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠Qintel⁠⁠⁠⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we dive into supply chain attacks through the lens of a massive Android malware campaign that infects devices before they ever reach users, embedding itself in firmware and reseller-installed system images. We connect the dots to other high-impact supply chain incidents—from SolarWinds to the recent F5 breach—and share new intelligence on Android devices compromised during manufacturing and distribution in China. Together, these cases highlight how attacks at the source can quietly scale, persist, and evade traditional defenses.

Welcome in! You’ve entered, Only Malware in the Building. Wrap yourself in a warm blanket, pour your favorite mug of tea, and join us each month as we unwrap the season’s juiciest cyber mysteries. Your host is ⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠Qintel⁠⁠⁠⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we explore Remote access, real cargo: cybercriminals targeting trucking and logistics. From clever schemes to protect shipments to the tools cybercriminals use, our guests discuss how organizations can safeguard physical goods in an increasingly connected world—because even during the season of hustle and bustle, the threats don’t take a holiday.

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠, ⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠ ⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠ and ⁠⁠⁠Keith Mularski⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠Qintel⁠⁠⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we explore what makes information sharing actually work. From public-private partnerships to actionable intelligence, our guests discuss how organizations can prioritize, process, and operationalize shared cyber threat data to stay ahead of emerging risks.

Plus, catch Dave, Selena, and Keith on their road trip adventure in our video on ⁠YouTube⁠ — full of laughs, unexpected detours, and plenty of sleuthing!

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠, ⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠ ⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠ and ⁠⁠⁠Keith Mularski⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠Qintel⁠⁠⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this spooky special episode, our hosts ponder which threat actor, malware, or campaign name would be the most terrifying — from the spectral stealth of GhostRAT silently haunting your systems, to the deceptively sweet lure of ILoveYou that once spread chaos across the globe. Along the way, they share some of their favorite “ghost stories” from the cyber underworld — legendary incidents and infamous operations that still haunt defenders today — and explore why these names and their real-world impacts have left such lasting scars on the digital landscape.

Plus, we’ve cooked up a fun, mystery-solving video to accompany this episode — complete with spooky clues, masked sleuths, and a few laugh-out-loud moments that fans of classic cartoon detectives will appreciate. Check it out on YouTube and see if you can unmask the culprit!