Volt Typhoon: Unpacking State Sponsored Living-Off-the-Land Attacks on Critical Infrastructure (December 5, 2023)
Industrial Cybersecurity controls: From XDR to Cybersecurity Automation and Beyond (October 31, 2023)
How to Tailor NSA/CISA’s ELITEWOLF Snort Signatures To Your Industrial Environment (October 17, 2023)
IR Plan, Policy & Procedures Part 3: How To Write a Cybersecurity Incident Response Procedures (February 21, 2023)
IR Plan, Policy & Procedures Part 2: How To Write a Cybersecurity Incident Response Policy (February 14, 2023)
How to Write an Incident Response Plan: IR Plan, Policy & Procedures (Part 1) (January 11, 2023)
How To Use Process Hacker to Explore Malicious Service and Network Activity During DFIR/Threat Hunts (November 29, 2022)
How To Use Process Hacker to Find Intrusions During Incident Response and Threat Hunting Engagements (November 22, 2022)
How To Use Window’s Advanced Network Connection Audit Logging to Detect and Hunt for Cyber Attackers (November 8, 2022)
How To Detect Malicious Network Share Usage With The Windows Event Logs When Threat Hunting (November 1, 2022)
How to Build a Raspberry Pi Based WiFi Pentesting and Cybersecurity Assessment Kit for Under $100 (October 17, 2022)
How To Defend Yourself From Cybersecurity Threats When You Can’t Immediately Patch (October 11, 2022)
How to Respond to Cybersecurity Incidents: Exploring the NIST and SANS Incident Response Models (September 20, 2022)
How to Write Yara Binary Pattern Matching Rules to Enhance Threat Hunting and Cybersecurity Ops (August 20, 2022)
How Hackers Hijack Applications Using Malicious DLLs: And How To Improve Cyber Defenses Against It (August 16, 2022)
How to Write Sysmon Rules: Getting Fancy(Bear) With Sysmon to Find APT Level Cyber Security Threats (August 9, 2022)
Why/How to Threat Hunting With Windows Process Creation/Termination (Event ID 4688/4689) Logs (July 19, 2022)
How to Threat Hunt for APT33/APT38/Lazarus/Dragonfly’s Malicious Scheduled Tasks (July 12, 2022)
Threat Hunting with Pyshark: Using Open Source Python Libraries to Automate Threat Hunting (June 28, 2022)
Threat Hunting Is A Team Sport: How To Build and Lead Effective Threat Hunting Teams (June 21, 2022)
Threat Hunting Beyond Your Boundary With Open Source Tools: Automating With Python and Shodan (June 14, 2022)
Why We Switched from Reactive to Proactive Threat Hunting (And Why It Led to Finding More Threats) (June 7, 2022)
How To Improve Threat Hunting Success With The “Right” Intel Using 3 Basic Questions (May 31, 2022)
Beyond Blacklists: Why Behavioral Threat Hunting is Your Security Secret Weapon (And Why Indicators Still Matter) (May 24, 2022)
What is Threat Hunting? The What and Why of An Essential Prevention and Detection Activity (April 12, 2022)
Threat Hunting Techniques for APT34 and APT39: Identifying Network Scanning Behavior (April 5, 2022)
10 Free and Effective Ways to Harden Cyber Defenses Immediately (Response to White House Advisory) (March 29, 2022)
Hunt Like They Fight: How The DoD’s Joint Targeting Cycle Can Help Improve Your Threat Hunts (March 22, 2022)
Going from Nation State Malware Sample to MITRE ATT&CK Techniques in Under 5 Minutes (March 8, 2022)
Hunting for APT28/Hafnium NTDS.dit Domain Controller Credential Harvesting [MITRE ATT&CK T1003.003] (March 1, 2022)
Using MITRE ATT&CK for Enterprise and ATT&CK for ICS in Industrial Environments (February 22, 2022)
Threat Hunting for No-Key-Theft-Required Attacks in Trusted Binaries [MITRE ATT&CK T1553.002] (February 15, 2022)
Put Down Your Dukes: Hunting For Hacking Group APT 29/APT 37/APT 40’s Covert Data Exfiltration (February 8, 2022)
Going From Threat Intel to Threat Hunt: Threat Hunting for Nation State Actors (February 5, 2022)