Red Canary Office Hours: Episode 19 – Beware! Paste and Run (ClickFix) & CleanUpLoader Malvertising Attacks
This week on Red Canary Office Hours, Keith covers two late-breaking ops insights.
First, he provides a brief update on “paste and run” (aka ClickFix and fakeCAPTCHA), followed by insight into a recent malvertising campaign delivering the CleanUpLoader backdoor.
Resources referenced in this episode:
- Threat Detection Report: Threat Index
- Example watering hole
- Rapid7 blog: Malvertising Campaign Leads to Execution of Oyster Backdoor
Requests? Questions? Send us an email: officehours@redcanary.com
Join us every Tuesday at 1PM ET for fresh insights from the front lines and unfiltered takes on the biggest cybersecurity news and trends. Sign up now.
Related Resources
Red Canary Office Hours: Episode 30 – Top threats in July – Patterns, precursors and evolving malware tools
Red Canary Office Hours: Episode 30 – Top threats in July – Patterns, precursors and evolving malware tools
Red Canary Office Hours: Episode 29 – Uncovering OAuth threats: Detecting malicious Azure phishing campaigns
Red Canary Office Hours: Episode 29 – Uncovering OAuth threats: Detecting malicious Azure phishing campaigns
Intelligence Insights: August 2025
Intelligence Insights: August 2025
Patching for persistence: How DripDropper Linux malware moves through the cloud
Patching for persistence: How DripDropper Linux malware moves through the cloud