
Who’s logging in?
From Only Malware in the Building by DISCARDED | N2K Networks
April 7, 2026 · 43 min · Season 1 · Episode 22
About this episode
The episode discusses findings from the Sophos Active Adversary Report 2026, focusing on identity-related weaknesses and the evolving tactics of cyber attackers.
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we discuss findings from the Sophos Active Adversary Report 2026 by Sophos, highlighting how identity-related weaknesses like compromised credentials and gaps in MFA continue to drive a majority of security incidents. The conversation explores how attackers are moving faster, often operating after hours, and how a growing number of threat groups is adding to the complexity.
People in this episode
Host: Selena Larson
Guests: Dave Bittner, Keith Mularski
Topics covered
- cybersecurity
- identity-related weaknesses
- security incidents
- threat groups
- MFA
- cybercrime
Keywords
- cybersecurity
- MFA
- compromised credentials
- threat groups
- security incidents
- cyber puzzle
Mentioned in this episode
Organizations: Proofpoint, Qintel, Sophos
Books & works: Sophos Active Adversary Report 2026
More episodes of Only Malware in the Building
- Trusting the wrong package. · June 2, 2026 · 47 min
- Mythbehavior under investigation. · May 5, 2026 · 45 min
- AI swarms and cyber alarms. · March 10, 2026 · 52 min
- When legit is the trick: Phishing’s sneaky new moves. · February 3, 2026 · 40 min
- Poisoned at the source. · January 6, 2026 · 45 min
- Yippee-ki-yay, cybercriminals! · December 2, 2025 · 40 min
Explore listener stats, chart rankings, contacts and more on the Only Malware in the Building podcast page.