How To Use Process Hacker to Find Intrusions During Incident Response and Threat Hunting Engagements

Exploring Process Hacker for Threat Hunting and Malware Detection. In this week’s Tech Talk Tuesday, […]
How to Threat Hunt for APT33/APT38/Lazarus/Dragonfly’s Malicious Scheduled Tasks

APT33/APT38/Lazarus/Dragonfly and many other hacking groups have used scheduled tasks for both persistence and privilege escalation. In this edition of #techtalktuesday we review the fundamentals behind scheduled tasks and discuss how you can include looking for scheduled tasks in your threat hunting efforts.
One Windows Event Log ID To Rule Them All: Why You Should Hunt With Event 4624

Today, we’re diving deep into what might just be the most valuable event ID for your threat hunting arsenal: Windows Event ID 4624.
Threat Hunting with Pyshark: Using Open Source Python Libraries to Automate Threat Hunting

Ever feel like you’re drowning in network traffic, trying to pinpoint that one suspicious packet? Manually sifting through gigabytes of data with Wireshark is powerful, but it’s not always the most efficient way to hunt for threats, especially when you need to do it repeatedly or at scale.
Threat Hunting Is A Team Sport: How To Build and Lead Effective Threat Hunting Teams

https://youtu.be/iNz78zlU7Rk Beyond Silos: Building a High-Performance Threat Hunting Program with the Pod Structure. In the […]
Threat Hunting Beyond Your Boundary With Open Source Tools: Automating With Python and Shodan

https://youtu.be/7FvQ4PrVuuc Beyond Your Borders: Proactive Threat Hunting with Shodan and Open Source Intel. If you’re in […]
Why We Switched from Reactive to Proactive Threat Hunting (And Why It Led to Finding More Threats)

Today, we’re moving beyond the traditional reactive approaches and delving into why a proactive threat hunting strategy is not just beneficial, but essential for uncovering more threats and staying ahead of adversaries.
How To Improve Threat Hunting Success With The “Right” Intel Using 3 Basic Questions

If you’re looking to sharpen your threat hunting game and tangibly measure your success, you’ve come to the right place. Today, we’re diving into how strategic use of threat intelligence can transform your threat hunting program from a good effort into a highly effective defense mechanism.
Beyond Blacklists: Why Behavioral Threat Hunting is Your Security Secret Weapon (And Why Indicators Still Matter)

By integrating both indicator sweeps and behavioral analysis into your threat hunting program, you move from simple pattern matching to truly understanding the adversary’s actions within your environment. You’ll hunt smarter, catch more, and build a significantly stronger defense.
Why MFA Won’t Protect You From Hackers

In this week’s Tech Talk Tuesday, we dive into where MFA starts to fall short—especially against nation-state and advanced persistent threat (APT) actors—and what additional steps you can take to strengthen your defenses.