Podcast
Only Malware in the Building
Hosted by DISCARDED | N2K Networks · EN
"Only Malware in the Building” is a monthly podcast crafted through a collaboration between N2K CyberWire and the Proofpoint DISCARDED podcast. Join hosts Selena Larson, Threat Researcher at Proofpoint, Dave Bittner—host of the CyberWire Daily podcast—and Keith Mularski, former FBI Cyber Division Unit Chief and now Chief Global Ambassador at Qintel, as this trio of cyber-savvy partners-in-crime team up to uncover the secrets behind some of the most notorious cyberattacks. This segment focuses on the most impactful and intriguing malware stories. Its aim is to distill complex cybersecurity information into digestible, insightful episodes for tech professionals, providing security executives a clear and engaging “so what” that is actionable."
12episodes
Episodes
Newest firstAll episodes
Mythbehavior under investigation.
2w ago00:44:56Tap to summarizeWelcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode of Mythb…oops, we mean Only Malware in the Building, our hosts take on some cyber myths. Dave busts the idea that small organizations aren’t targets, Selena digs into whether AI is really making attackers smarter, and Keith breaks down why identifying a hacker doesn’t mean law enforcement can just go make an arrest. Three myths, one truth: in cybersecurity, nothing is ever that simple.
Transcribe →Who’s logging in?
Apr 700:42:39Tap to summarizeWelcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we discuss findings from the Sophos Active Adversary Report 2026 by Sophos, highlighting how identity-related weaknesses like compromised credentials and gaps in MFA continue to drive a majority of security incidents. The conversation explores how attackers are moving faster, often operating after hours, and how a growing number of threat groups is adding to the complexity.
Transcribe →AI swarms and cyber alarms.
Mar 1000:51:31Tap to summarizeWelcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts start with a deep dive into artificial intelligence and its impact on cybersecurity. They explore AI-driven malware, accelerated attack chains like the Fortinet case, and how defenses are adapting—but emphasize that good security hygiene still works. They also debate AI’s effects on creativity and society, highlighting the importance of guardrails and responsible use.
Transcribe →When legit is the trick: Phishing’s sneaky new moves.
Feb 300:39:55Tap to summarizeWelcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss how attackers are increasingly abusing legitimate, trusted Microsoft workflows to make phishing campaigns more convincing and harder to spot. In device code phishing, victims are socially engineered into completing a real Microsoft OAuth login flow, inadvertently granting attackers valid access tokens without ever sharing a password. They also examined abuse of Microsoft 365 Direct Send, which allows threat actors to send phishing emails that appear to originate from inside an organization, reinforcing a broader shift toward weaponizing built-in cloud services rather than relying on obviously malicious infrastructure.
Transcribe →Poisoned at the source.
Jan 600:44:45Tap to summarizeWelcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we dive into supply chain attacks through the lens of a massive Android malware campaign that infects devices before they ever reach users, embedding itself in firmware and reseller-installed system images. We connect the dots to other high-impact supply chain incidents—from SolarWinds to the recent F5 breach—and share new intelligence on Android devices compromised during manufacturing and distribution in China. Together, these cases highlight how attacks at the source can quietly scale, persist, and evade traditional defenses.
Transcribe →Yippee-ki-yay, cybercriminals!
Dec 200:40:18Tap to summarizeWelcome in! You’ve entered, Only Malware in the Building. Wrap yourself in a warm blanket, pour your favorite mug of tea, and join us each month as we unwrap the season’s juiciest cyber mysteries. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we explore Remote access, real cargo: cybercriminals targeting trucking and logistics. From clever schemes to protect shipments to the tools cybercriminals use, our guests discuss how organizations can safeguard physical goods in an increasingly connected world—because even during the season of hustle and bustle, the threats don’t take a holiday.
Transcribe →Pass the intel, please.
Nov 400:38:06Tap to summarizeWelcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we explore what makes information sharing actually work. From public-private partnerships to actionable intelligence, our guests discuss how organizations can prioritize, process, and operationalize shared cyber threat data to stay ahead of emerging risks. Plus, catch Dave, Selena, and Keith on their road trip adventure in our video on YouTube — full of laughs, unexpected detours, and plenty of sleuthing!
Transcribe →
When malware goes bump in the night.
Oct 700:49:38Tap to summarizeWelcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this spooky special episode, our hosts ponder which threat actor, malware, or campaign name would be the most terrifying — from the spectral stealth of GhostRAT silently haunting your systems, to the deceptively sweet lure of ILoveYou that once spread chaos across the globe. Along the way, they share some of their favorite “ghost stories” from the cyber underworld — legendary incidents and infamous operations that still haunt defenders today — and explore why these names and their real-world impacts have left such lasting scars on the digital landscape. Plus, we’ve cooked up a fun, mystery-solving video to accompany this episode — complete with spooky clues, masked sleuths, and a few laugh-out-loud moments that fans of classic cartoon detectives will appreciate. Check it out on YouTube and see if you can unmask the culprit!
Transcribe →
Hot sauce and hot takes: An Only Malware in the Building special.
Sep 200:36:37Tap to summarizeWelcome in! You’ve entered, Only Malware in the Building — but this time, it’s not just another episode. This is a special edition you won’t want to miss. For the first time, our hosts are together in-studio — and they’re turning up the heat. Literally. Join Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED, along with N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel, as they take on a fiery hot wings challenge while answering personal questions about themselves, their careers, and the stories that shaped them. Think you’ve seen them tackle malware mysteries before? Wait until you see them sweat. This one’s too good for audio alone — you’ll want to watch the full video edition to catch every spicy reaction, every laugh, and maybe even a few tears. So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building.
Transcribe →Work from home, malware included.
Aug 500:32:14Tap to summarizeWelcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our three hosts discuss several articles covering a new wave of social engineering attacks tied to the so-called Contagious Interview campaign. In this operation, threat actors linked to North Korea are reportedly posing as tech recruiters to trick job seekers into downloading malware. The discussion highlights updates to two malware strains—BeaverTail and InvisibleFerret—that have been retooled with cross-platform capabilities and new data theft features, raising fresh concerns about how targeted individuals could become a gateway into larger organizational networks. You can find the links to the stories here: Lazarus Group Infostealer Malwares Attacking Developers In New Campaign Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware North Korean State Sponsored Supply Chain Attack on Tech Innovation Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam
Transcribe →