Red Canary Office Hours: Episode 4 – Saffron Starling
Keith and Dave are joined by Brian Donohue (Principal Information Security Researcher) to discuss Saffron Starling, a rising threat featured in our February Intelligence Insights.
Resources mentioned in today’s episode:
- Blog: Intelligence Insights: February 2025
- Blog: Open with Notepad: Protecting users from malicious JavaScript
- Gist mentioned: Possible file extensions to open with notepad.exe to reduce the risk of ransomware executing
- Blog: What is normal? Profiling System32 binaries to detect DLL Search Order Hijacking
- Red Canary Blog
- Red Canary YouTube Channel
Join us every Tuesday at 1PM ET for fresh insights from the front lines and unfiltered takes on the biggest cybersecurity news and trends. Sign up now.
Timestamps:
- 00:05 – Welcome to Red Canary Office Hours
- 01:50 – Ops insight & discussion: Saffron Starling
Related Resources
Red Canary Office Hours: Episode 7 – Exclusive First Look at the 2025 Threat Detection Report
Red Canary Office Hours: Episode 7 – Exclusive First Look at the 2025 Threat Detection Report
Red Canary Office Hours: Episode 6 – OCSF, ClickFix Threats and Detecting Paste and Run
Red Canary Office Hours: Episode 6 – OCSF, ClickFix Threats and Detecting Paste and Run
Red Canary Office Hours: Episode 5 – Mail bag: How do you handle IOCs?
Red Canary Office Hours: Episode 5 – Mail bag: How do you handle IOCs?
Red Canary Office Hours: Episode 3 – Phishing attacks leveraging M365 Device Code Authentication and How often do bad things happen?
Red Canary Office Hours: Episode 3 – Phishing attacks leveraging M365 Device Code Authentication and How often do bad things happen?