Devious Packets:

How to Detect Malicious Domain Fronting

Wednesday February 23, 2022 

1-2pm EST 

How can a business secure against cyberattacks and data breaches? 

Threat actors are increasingly turning to more stealthy methods of network communication between their Command and Control (C2) servers and the malware implants, such as Cobalt Strike beacon, running on their victims’ endpoints.  It’s important to understand these methods and ways to counteract them in order to keep your business secure. 


Join Randy Pargman, VP of Counterintelligence and Threat Hunting, and Donald “Mac” McCarthy, Director of Field Operations for Open Source Context, for a webinar where they’ll cover:

  • How domain fronting is used to disguise malicious connections as legitimate connections to trusted services 
  • How threat hunters in your security team can use network monitoring data and a SIEM with advanced query functionality such as Microsoft Sentinel or Splunk to hunt down devious network traffic 


Attend our webinar for a chance to win one of five prizes, including our grand prize. Runners up will receive a gift package containing a t-shirt from each presenting company. 

Attend our webinar on February 23, 2022, for a chance to win the following items

Register today!

About the Presenters

Randy Pargman 


Randy Pargman is the Senior Director of Threat Hunting and Counterintelligence at Binary Defense.  In this role, he leads the teams responsible for advanced analysis of malware, development of technology to detect threat actor activity, threat intelligence research of criminal forums, and monitoring of Darknet, Clearnet and Social Media platforms for threat indicators.  Randy previously worked for the FBI, where he served for 15 years, most recently as a Senior Computer Scientist on the Cyber Task Force in Seattle. 



Donald ‘Mac’ McCarthy 

Mac has been involved in the IT industry for more than 20 years. He currently serves as the Director for Field Operations for Open Source Context. A primary focus for Mac is working with customers to use Passive DNS data to automate and enrich traditional SOC data sources and tasks. He is regularly sought out to provide training for organizations to help reduce analyst workload, increase decision speed, and streamline processes. He also participates in multiple communities to provide support for counter-cybercrime and botnet takedown operations. 

Mac previously served as the Vice President of Operations for myNetWatchman where he and his team were successful in stopping billions of dollars of fraud and cybercrime against some of the world’s most recognized brands.