Articles by Tag #threathunting


The Threat Intelligence Ouroboros: Why the Ancient Symbol Fits Modern Security

TL;DR: Traditional security thinks linearly (detect → respond → done). Effective security operates in...

Nov 21 '25

Introducing osquery_hunter — Lightweight Windows Triage Tool for DFIR & Threat Hunting

osquery_hunter helps security professionals quickly triage Windows systems using osquery. Ideal for DFIR and incident response when full EDR isn't available.

Oct 18 '25

🚀 ElasticSecOpsCoPilot — Autonomous IOC Enrichment for Elastic Security

I just released ElasticSecOpsCoPilot, a Python-powered continuous enrichment engine. 🔥 What It...

Nov 19 '25

Rise of the Digital Parasite: Why Ransomware Groups Stopped Encrypting Your Files in 2026

The 38% Drop Nobody Expected Ransomware encryption is dying. Not because defenders won —...

Feb 27

Stop Waiting for the Alarm: Why You Need to Go Hunting for Hackers Yourself

In the old days of cybersecurity, the system was simple: You installed a firewall and antivirus,...

Oct 22 '25

Advanced Threat Hunting Techniques: Part 1

Originally published at Cyberpath Threat hunting is no longer a luxury reserved for large...

Jan 2

Advanced Threat Hunting Techniques: Part 2

Originally published at Cyberpath In Part 1 of this series, we explored anomaly detection and...

Jan 2

The Dracula Trilogy: Encoding AI-Assisted Attack Lifecycles as Vampire Mythology

How Nosferatu, Carmilla, and Vlad map to Infiltration, Masquerade, and Persistence in modern cyber...

Oct 27 '25

What is Detection as Code?

What is Detection as Code? Detection as Code (DaC) is a modern cybersecurity practice...

Nov 17 '25

A Technical Deep Dive: Investigating Exchange Exploits and Lateral Movement in Splunk

Introduction I recently conducted a thorough study of a sophisticated assault campaign...

Aug 29 '25

The Rise of Offensive AI: How Adversaries are Weaponizing Machine Learning

For decades, the archetype of the cyber adversary has been the shadowy hacker in a dark room, a lone...

Sep 28 '25

#DAY 4: The Field Agent

Deploying the Universal Forwarder & Establishing a Secure Connection Introduction Day 4...

Sep 10 '25

CVE-2026-22769: Dell RecoverPoint Zero-Day Exploited by China Since 2024 — CVSS 10.0

A Hardcoded Password. Root Access. Two Years Undetected. Dell shipped a backup product...

Feb 27

UNC2814 GridTide: How China-Linked Hackers Used Google Sheets as C2 Across 42 Countries

A Spreadsheet Was the Weapon Google just disrupted one of the most sophisticated...

Feb 27

Dohdoor Malware: New Backdoor Targets U.S. Education & Healthcare (UAT-10027)

Executive Summary Threat Actor: UAT-10027 (low-confidence North Korea nexus, overlaps...

Feb 26

What is Memory Forensics?

What is Memory Forensics? Memory forensics, or RAM forensics, involves analyzing a...

Apr 11 '25

Advanced Persistent Threats (APT): Threat Hunting Methodologies

Advanced Persistent Threats (APT): Threat Hunting Methodologies Executive...

Aug 10 '25

Fix It Before They Break It: The True Role of Vulnerability Management

Before we start let's understand a few keywords Vulnerability: Vulnerability is always defined by...

Mar 11 '25

Threat Hunting With ZoomEye 2025

In the ever-evolving landscape of cybersecurity, threat hunting has become a cornerstone of proactive...

Sep 24 '25

Network Security Monitoring - Advanced Detection and Response

Network Security Monitoring: Advanced Detection and Response. Introduction. Network Security Monitoring (NSM) provides comprehensive visibility i...

Aug 11 '25

Level Up Your Blue Team Skills with SOCLabs 🚀

Cybersecurity is not just about building firewalls or patching systems. For blue team...

Aug 22 '25

Can Hybrid SOC Services stop advanced threats?

Hybrid SOC services combine the capabilities of in-house security teams with the expertise and...

Aug 5 '25

Hunting for malicious OpenClaw AI in the modern enterprise

This article explores the security risks associated with OpenClaw, an open-source framework for...

Mar 6

Rethinking the ‘Human Layer’ in Security for 2026: Employee Training vs. Security Team Capacity

Delve into the limitations of relying on employees as the last line of defense and the critical role of security teams in mitigating threats.

Feb 26

Shadow Agents: How SentinelOne Secures the AI Tools That Act Like Users

The rapid integration of Large Language Models (LLMs) and agentic AI assistants like OpenClaw (also...

Feb 18

Speeding APT Attack Confirmation with Attack Discovery, Workflows, and Agent Builder

This article explores the defense against the Chrysalis backdoor, a sophisticated malware utilized by...

Feb 19