Threat Hunt Deep Dives: User Account Control Bypass via Registry Modification
DEEP DIVE EPISODE 7: User Account Control (UAC) Bypass is a clever method that can be used for privilege escalation either manually or via scripts and can be exploited using various methods. This video covers the Registry Key Modification method, one that abuses registry keys by creating or modifying values ... Read More
Exception vs. Reality: Debunking 5 (More) Myths About Threat Hunting
If you’ve been paying attention to the cyber security industry, you’ve probably noticed the term “threat hunting” or “threat hunters” coming up an awful lot. The question you should ask yourself is: “why?” The answer, like most things in the cyber security industry, depends. Some organizations are interested in maturing ... Read More
The Threat Hunting Conundrum: Challenges Security Teams Face
It’s pretty undeniable that threat hunting, as a topic, has captured the imagination of cyber security (and marketing) professionals all around the globe. And why wouldn’t it? Proactive hunting has the opportunity to help uplift and mature security operations, while causing an unbelievable amount of grief to cyber adversaries all ... Read More
Expectation vs Reality: Debunking 5 (More) Myths About Threat Hunting
If you’ve been paying attention to the cyber security industry, you’ve probably noticed the term “threat hunting” or “threat hunters” coming up an awful lot. The question you should ask yourself is: “why?” The answer, like most things in the cyber security industry, depends. Some organizations are interested in maturing ... Read More
From a Global Man Hunt to a Cyber Threat Hunt
The scene is a compound in the remote hills of Pakistan, cut off from phones and Internet, carefully designed to conceal its inhabitants not just from prying eyes, but drones and spy satellites as well. The walls of the compound not only ensure privacy for the occupants, but also self-sufficiency ... Read More
Logs & You: Explaining Threat Hunting to Non-Threat Hunters
I have a story to tell you: it is set in a backyard BBQ on the fourth of July, or a family gathering, or the break room at the office. Regardless of the setting, the characters are all (mostly) the same: an enthusiastic cyber security professional (let’s call them “CSP” ... Read More
Lock ‘N’ Load: A New LockBit Campaign
Well, it seems like it is that time of the week, again. Sigh… Yet another ransomware group has (re)commenced operations. Their modus operandi is unchanged from every other group: steal whatever data they can get their hands on, encrypt it, and leave organizations holding the bill. Fail to pay that ... Read More
Cyber Threat Hunting: 3 MORE Videos to Help You Become an Expert
One of the most common questions we hear in the industry is “how do I become a threat hunter?” This is because, unlike most other fields, there are few courses, certifications, or classes to teach true threat hunting. Instead, threat hunting is a practice that often requires individuals to put ... Read More
Threat Content Platforms: Why We Need Them More Than Ever Before
The SecOps world is a funny place. For those who’ve been in it for a while, it is amazing to see the strides we’ve made in technology. We started with mostly roll-your-own tools, and we now have the capability to remotely examine, in real time, filesystem changes and memory on ... Read More
Proactive Threat Hunting Shouldn’t Just be a Buzzword
If you’ve been paying attention to the media for the last few months, you’ve probably noticed that cybersecurity has re-emerged as a topic of interest. What has changed, however, is that the discussion being had isn’t happening in technical discussion forums or industry publications. Nor is it happening in security ... Read More