DISCARDED: Tales From the Threat Research Trenches
DISCARDED: Tales from the Threat Research Trenches is a podcast for security practitioners, intelligence analysts, and threat hunters looking to learn more about the threat behaviors and attack patterns. Each episode you’ll hear real world insights from our researchers about the latest trends in malware, threat actors, TTPs, and more.
Welcome to DISCARDED
Welcome to DISCARDED
DISCARDED: Tales From the Threat Research Trenches
Under Siege: How Hackers Exploit Cloud Vulnerabilities
•
Proofpoint
Hello to all our Cyber Ghosts! Join host Selena Larson as she chats with Eilon Bendet– Cloud Threat Researcher from Proofpoint. From account takeovers to state-sponsored hacks, they uncover how cybercriminals are outsmarting traditional defenses – and why even multi-factor authentication might not be enough to keep them out.
Together, they discuss the complexities of cloud threat detection, including the role of User and Entity Behavior Analytics (UEBA) in identifying suspicious activities and preventing account takeovers (ATO). Eilon breaks down two primary ATO threat vectors—credential-based brute force attacks and precision-targeted phishing campaigns.
Also discussed:
Resources mentioned:
MACT or malicious applications blog: https://www.proofpoint.com/us/blog/cloud-security/revisiting-mact-malicious-applications-credible-cloud-tenants
For more information about Proofpoint, check out our website.
Subscribe & Follow:
Don't miss out on future episodes—subscribe to the Discarded Podcast on your favorite platform.
Together, they discuss the complexities of cloud threat detection, including the role of User and Entity Behavior Analytics (UEBA) in identifying suspicious activities and preventing account takeovers (ATO). Eilon breaks down two primary ATO threat vectors—credential-based brute force attacks and precision-targeted phishing campaigns.
Also discussed:
- how these groups exploit cloud environments
- concerning trends such as the rise of reverse proxy-based toolkits and MFA bypass techniques
- the importance of identity-focused defense strategies and how threat actors customize tools to infiltrate cloud systems, steal data, and monetize compromised accounts
Resources mentioned:
MACT or malicious applications blog: https://www.proofpoint.com/us/blog/cloud-security/revisiting-mact-malicious-applications-credible-cloud-tenants
For more information about Proofpoint, check out our website.
Subscribe & Follow:
Don't miss out on future episodes—subscribe to the Discarded Podcast on your favorite platform.