SHOW NOTES

In this episode of SecOps Weekly, Zscaler Senior Intelligence Analyst Stef Rand details the Intelligence Insights for June and dives deep into “Paste and Run”—a social engineering technique used by 70% of the top 10 threats. From ClickFix lures to obfuscated PowerShell commands, attackers are shifting away from traditional file downloads and tricking users into executing malware manually.

We break down the latest data on Clearfake, the rise of Kali 365, and why device code phishing is becoming a massive headache for M365 environments.

TIMESTAMPS

• 00:00 – Introduction
• 01:13 – Welcome to SecOps Weekly!
• 02:26 – Top 10 threats
• 06:37 – Return of HijackLoader & TeamPCP
• 09:40 – Tracking adversary groups
• 12:19 – “Paste & run” deep dive
• 16:33 – Kali365 in the news
• 25:00 – Preventing device code abuse
• 30:46 – Next week’s preview