Episode Details

Send us fan mail!

Hello to all our Cyber Frogs! Join host Selena Larson and guest host, Sarah Sabotka, explore the evolving tactics of China-based nation-state threat actors with guest Mark Kelly, Staff Threat Researcher at Proofpoint. They focus on TA415 (APT41 or Brass Typhoon), examining its combination of cybercrime and state-sponsored espionage. From the Voldemort malware campaign to targeting critical infrastructure, Mark sheds light on how these actors leverage tools like Google Sheets for command and control, exploit vulnerabilities, and adapt to evade detection.

The discussion also highlights:

• the strategic importance of edge devices, pre-positioning for geopolitical escalations, and the intersection of espionage, gaming, and cybercrime 
• Operational Relay Boxes (ORBs), covert networks used by Chinese Advanced Persistent Threat (APT) groups to mask cyber activities 
• exploitation of non-traditional systems and vulnerabilities
• the impact of compromised consumer devices on global cybersecurity

Resources mentioned:
https://www.nytimes.com/2024/10/26/us/politics/salt-typhoon-hack-what-we-know.html
https://cyberscoop.com/salt-typhoon-us-telecom-hack-earth-estries-trend-micro-report/
https://www.proofpoint.com/us/blog/threat-insight/malware-must-not-be-named-suspected-espionage-campaign-delivers-voldemort
https://www.bleepingcomputer.com/news/security/state-hackers-turn-to-massive-orb-proxy-networks-to-evade-detection/



For more information about Proofpoint, check out our website.

Subscribe & Follow:
Don't miss out on future episodes—subscribe to the Discarded Podcast on your favorite platform.