Red Canary Office Hours: Episode 4 – Saffron Starling
Keith and Dave are joined by Brian Donohue (Principal Information Security Researcher) to discuss Saffron Starling, a rising threat featured in our February Intelligence Insights.
Resources mentioned in today’s episode:
- Blog: Intelligence Insights: February 2025
- Blog: Open with Notepad: Protecting users from malicious JavaScript
- Gist mentioned: Possible file extensions to open with notepad.exe to reduce the risk of ransomware executing
- Blog: What is normal? Profiling System32 binaries to detect DLL Search Order Hijacking
- Red Canary Blog
- Red Canary YouTube Channel
Join us every Tuesday at 1PM ET for fresh insights from the front lines and unfiltered takes on the biggest cybersecurity news and trends. Sign up now.
Timestamps:
- 00:05 – Welcome to Red Canary Office Hours
- 01:50 – Ops insight & discussion: Saffron Starling
Related Resources
Red Canary Office Hours: Episode 25 – June 2025 top threats
Red Canary Office Hours: Episode 25 – June 2025 top threats
Intelligence Insights: July 2025
Intelligence Insights: July 2025
Red Canary Office Hours: Episode 24 – ClickFix technique continues to be popular among threat actors
Red Canary Office Hours: Episode 24 – ClickFix technique continues to be popular among threat actors
Red Canary Office Hours: Episode 23 – Beyond the firewall: Inside threat hunting & mobile attack trends (AMA)
Red Canary Office Hours: Episode 23 – Beyond the firewall: Inside threat hunting & mobile attack trends (AMA)