Every week, Sprocket CEO and Founder Casey Cammilleri interviews an expert who is leading the charge in equipping security experts and practitioners with the knowledge and insights they need to excel in the future of cybersecurity.
He spoke with Megan Squire, Threat Intelligence Researcher at F-Secure Corporation, at Black Hat 2025. Here are the top takeaways from the interview.
#1: Why infostealers are exploding in popularity with cybercriminals
Megan breaks down the economics behind infostealer data, why attackers prefer browser artifacts over traditional malware payloads, and how identity-driven intrusions now dominate the threat landscape.
#2: What terabytes of stolen logs say about victims
From gaming mod downloads to risky autofill habits, you’ll hear surprising — and sometimes alarming — patterns in how real users get infected and how their digital behaviors expose organizations.
#3: The hidden risk of screenshots, autofills, and “harmless” browser data
Infostealer logs often contain far more than passwords: corporate workflows, moderation dashboards, wallet seed phrases, internal systems, and even sensitive documents pulled straight from user machines.
#4: How attackers resell, bundle, and weaponize stolen logs
Megan outlines the multi-layered marketplace where logs are bought, scraped, sliced, and re-sold — each layer extracting different forms of value.
#5: How red teams can (safely and ethically) leverage infostealer artifacts
Casey and Megan discuss where these logs can strengthen offensive operations, how to identify fake or duplicated logs, and what signals matter when planning an engagement.
#6: Why BYOD and “crossing the streams” is quietly killing organizations
A massive percentage of infections occur on personal devices that users mix with corporate access — creating exposure most organizations never account for.
#7: What synthetic infostealer logs can teach defenders
Megan walks through her process for generating synthetic datasets for DEF CON workshops and why the industry needs safe training material for understanding log structure.
Why this episode matters
Infostealers represent a major blind spot. Security teams continue focusing on malware detection, while adversaries pivot to credential and session theft at unprecedented scale. This episode cuts through the noise and gives listeners a clear, research-backed view into how the threat is evolving — and what to do about it.
If your organization relies on identity, browsers, SaaS, or users (so… everyone), this conversation is worth your time.