Description

Send us fan mail!

Hello to all our Cyber Daffodils! Host Selena Larson, and guest Host, Tim Kromphardt, sit down with Stuart Del Caliz, Senior Threat Detection Engineer at Proofpoint, to unpack the stealthy world of backdoors, malware detection, and the “secret signals” threat actors use to stay hidden.

From magic packets and port knocking to sophisticated backdoors like BPFdoor, Stuart shares how attackers design covert communication methods—and how defenders work to uncover them without overwhelming security teams with noise. The conversation blends deep technical insight with real-world analogies (think speakeasy knocks and undercover “internet cops”) to make complex detection strategies easier to understand.

You’ll also hear:

• How detection engineers balance accuracy and performance when writing IDS/IPS signatures
• Why some advanced malware can remain undetected for years—and whether we’re simply not seeing it
• How historic leaks like Shadow Brokers still influence modern attack techniques
• The role of “pattern matching” in identifying evolving malware behaviors
• How file metadata and revoked certificates can reveal threats hiding in plain sight
• Why community collaboration and feedback loops are critical to stronger detections

Whether you’re a security practitioner or deep in the trenches, this episode offers a closer look at the craft of detection engineering—and the constant challenge of writing high-fidelity detections against increasingly evasive threat techniques.

Resources Mentioned:

https://community.emergingthreats.net/

https://www.rapid7.com/blog/post/tr-bpfdoor-telecom-networks-sleeper-cells-threat-research-report/

https://www.wired.com/story/nsa-hacking-tools-stolen-hackers/

https://github.com/x0rz/EQGRP

For more information about Proofpoint, check out our website.

Subscribe & Follow:

Stay ahead of emerging threats, and subscribe! Happy hunting!