Selena Larson

Selena Larson, a Threat Researcher at Proofpoint and co-host of Only Malware in the Building, dives deep into the world of Amatera Stealer, a sophisticated rebranding of ACR Stealer. She reveals its advanced evasion techniques, including stealthy C2 communication and powerful PowerShell loaders. The discussion uncovers how Amatera employs creative social engineering and blockchain hosting to steal sensitive data, posing serious threats amid changing cybersecurity landscapes. Larson emphasizes the importance of heightened awareness and evolving defenses against such malware threats.

Selena Larson, a threat researcher and lead for intelligence analysis at Proofpoint, dives into the evolving landscape of cybercrime. She highlights how ransomware groups now rival state-sponsored threats in sophistication and impact. Larson argues for a shift away from an APT-centric view towards one that equally addresses cybercrime risks. The discussion also emphasizes the urgent need for enhanced cybersecurity protections for individuals and the critical implications of cyberattacks on services like healthcare.

Selena Larson, a staff threat researcher at Proofpoint, dives into the alarming world of MFA phishing. She outlines how threat actors impersonate legitimate services like Adobe using fake Microsoft OAuth apps, successfully stealing credentials through realistic phishing kits. Larson explains the mechanics of these attacks, including the methods used to bypass MFA and capture sensitive data. She concludes with recommendations for individuals and organizations to bolster security measures and stay vigilant against these evolving threats.

Selena Larson, co-host of Only Malware in the Building and a Lead Threat Researcher at Proofpoint, dives into the alarming rise of Microsoft OAuth app impersonation campaigns. These sophisticated attacks target users by mimicking trusted services like Adobe and SharePoint, leading to MFA phishing. Larson explains how cybercriminals capture sensitive information through fake login pages, highlighting the importance of user education and vigilance. She also discusses Microsoft’s impending security updates to combat these threats, making cybersecurity awareness paramount.

Exploring the disappearance and return of the Bumblebee malware, its role as a downloader for cybercriminals, unique malware campaigns utilizing fake voicemail links, evolving tactics of cybercriminals, and the importance of user education in reducing cyber threats.