Network-based detections, such as those developed by threat detection engineers using tools like suricata and snort signatures, play a crucial role in identifying and mitigating cyber threats by scrutinizing and analyzing network traffic for malicious patterns and activities.

Today’s guest is Isaac Shaughnessy, a Threat Detection Engineer at Proofpoint. Isaac shares his insights into the challenges of detecting and mitigating malware, especially those using social platforms for command and control. He emphasizes the team's engagement with the InfoSec community, highlighting the value of platforms like Twitter and Mastodon for sharing and receiving information.

We also dive into:

• the unique challenges of crafting effective signatures
• the specifics of malware, focusing on Vidar stealer and highlighting the dynamic nature of Vidar's command and control infrastructure
• the distribution methods of these malware strains, from email campaigns to unconventional tactics like using video game platforms and social media for luring victims

Resources mentioned:

Intro to Traffic Analysis w/ Issac Shaughnessy
Emerging Threats Mastodon: https://infosec.exchange/@emergingthreats
Threat Insight Mastodon: https://infosec.exchange/@threatinsight
Vidar Stealer Picks Up Steam!

For more information, check out our website.