Red Canary Office Hours: Episode 4 – Saffron Starling
Keith and Dave are joined by Brian Donohue (Principal Information Security Researcher) to discuss Saffron Starling, a rising threat featured in our February Intelligence Insights.
Resources mentioned in today’s episode:
- Blog: Intelligence Insights: February 2025
- Blog: Open with Notepad: Protecting users from malicious JavaScript
- Gist mentioned: Possible file extensions to open with notepad.exe to reduce the risk of ransomware executing
- Blog: What is normal? Profiling System32 binaries to detect DLL Search Order Hijacking
- Red Canary Blog
- Red Canary YouTube Channel
Join us every Tuesday at 1PM ET for fresh insights from the front lines and unfiltered takes on the biggest cybersecurity news and trends. Sign up now.
Timestamps:
- 00:05 – Welcome to Red Canary Office Hours
- 01:50 – Ops insight & discussion: Saffron Starling
Related Resources
Red Canary Office Hours: Episode 30 – Top threats in July – Patterns, precursors and evolving malware tools
Red Canary Office Hours: Episode 30 – Top threats in July – Patterns, precursors and evolving malware tools
Red Canary Office Hours: Episode 29 – Uncovering OAuth threats: Detecting malicious Azure phishing campaigns
Red Canary Office Hours: Episode 29 – Uncovering OAuth threats: Detecting malicious Azure phishing campaigns
Intelligence Insights: August 2025
Intelligence Insights: August 2025
Patching for persistence: How DripDropper Linux malware moves through the cloud
Patching for persistence: How DripDropper Linux malware moves through the cloud