Episode 159: The Scariest Malware of 2025

 

 

In episode 159 of Cybersecurity Where You Are, Sean Atkinson is joined by Joshua Palsgraf, Sr. Cyber Threat Intelligence Analyst at the Center for Internet Security^® (CIS^®), and Randy Rose, Vice President of Security Operations & Intelligence at CIS. Together, they dive into the scariest malware of 2025 in this special Halloween edition.

The conversation explores what makes today’s malware truly terrifying, from stealthy threats that hide in plain sight to modular malware that evolves faster than defenses can adapt. The trio also discusses the corporatization of cybercrime, the rise of Malware as a Service, and how generative artificial intelligence (GenAI) is lowering the barrier to entry for cybercriminals.

Here are some highlights from our episode:

• 00:42. Introductions to Josh and Randy
• 02:21. What makes the scariest malware of 2025 truly "scary"
• 05:42. Evolution of malware: people, process, and technology
• 09:33. How the corporatization of malware helps to democratize cybercrime
• 11:25. The most "terrifying" malware strains of 2025
• 15:49. Malware reincarnation: Old threats with new masks
• 17:20. GenAI as the great equalizer for cybercriminals, especially social engineers
• 23:32. Defense-in-depth and threat-informed strategies
• 24:45. Why incident response playbooks must evolve and become living documents
• 27:02. What incident response looks like for cloud assets in the Fourth Industrial Revolution
• 29:27. Naming malware after horror movie icons

Resources

• Multi-State Information Sharing and Analysis Center^®
• Episode 144: Carrying on the MS-ISAC's Character and Culture
• Episode 126: A Day in the Life of a CTI Analyst
• A Short Guide for Spotting Phishing Attempts
• The CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber Maturity
• Episode 157: How a Modern, Mission-Driven CIRT Operates
• Living Off the Land: Scheduled Tasks
• Cyber defenders sound the alarm as F5 hack exposes broad risks
• Episode 134: How GenAI Lowers Bar for Cyber Threat Actors
• Active Lumma Stealer Campaign Impacting U.S. SLTTs
• ClickFix: An Adaptive Social Engineering Technique
• Top 10 Malware Q1 2025
• CTAs Leveraging Fake Browser Updates in Malware Campaigns
• Italian police freeze cash from AI-voice scam that targeted business leaders
• CornCon Cybersecurity Conference

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].