Threat Hunting

Qevlar Raises $14M to Lead the Agentic AI Revolution
John D. Boyle | Agentic AI, AlertFatique, Cybersecurity, GenAI, machine learning, MTTD, MTTR, SOC, Threat Hunting
Qevlar leads the agentic AI revolution and raises $14 million in total funding, including a fresh $10 million round led by EQT Ventures and Forgepoint Capital International ...
Security Boulevard

Threat Research Report: Web Browsers as an Overlooked Risk in Cybersecurity
MixMode Threat Research | Blog, Cyber Threats, Cybersecurity News, cyberthreats, Threat Briefing, threat detection, Threat Hunting, Threat Intelligence Research, Threat Research
Web browsers have evolved from passive document viewers into complex platforms essential for cloud-based work. But this transformation has also made them a prime target for cyber threats, leaving enterprises and government ...

How I’m fighting cybercrime with Spamhaus (and how you can too!)
Meet Jeroen Gui - student, founder of JustGuard, and a top contributor to Spamhaus' Threat Intel Community Portal. Passionate about making the internet a safer place, Jeroen submits thousands of malicious domains, ...

Detection Engineer’s Guide to Powershell Remoting
Powershell Remoting is a powerful feature in Windows that enables IT administrators to remotely execute commands, manage configurations, and automate tasks across multiple systems in a network. Utilizing Windows Remote Management (WinRM), ...

Misconfiguration Manager: Detection Updates
TL;DR: The Misconfiguration Manager DETECT section has been updated with relevant guidance to help defensive operators identify the most prolific attack techniques from the Misconfiguration Manager project. Background: If you have been following SpecterOps’s offensive ...

Blinded by Silence
Blinded by Silence: How Attackers Disable EDR. Overview: Endpoint Detection and Response systems (EDRs) are an essential part of modern cybersecurity strategies. EDR solutions gather and analyze data from endpoints to identify suspicious activities and ...

Linux Persistence Mechanisms and How to Find Them
Linux persistence mechanisms are used by an attacker to maintain access to a compromised system, even after reboots or system updates. These allow attackers to regain control of a system without re-exploiting ...

Unlocking the Power of AI in Threat Hunting
TechSpective Podcast Episode 139 In the latest TechSpective Podcast, I had the pleasure of speaking with Wilson Tang, a Machine Learning Engineer on Adobe’s threat hunting team. Our conversation delved into ...

Hunting Specula C2 Framework and XLL Execution
Specula is a framework that allows for interactive operations of an implant that runs purely in the context of Outlook. It works by setting a custom Outlook homepage via registry keys that ...

Detection Rules & MITRE ATT&CK Techniques
We Can Do Better. As a Detection Engineer and Threat Hunter, I love MITRE ATT&CK and I whole-heartedly believe that you should too. However, there’s something about the way that some folks leverage MITRE ...