Threat Hunting

From Headlines to Hardened Defenses: The Agentic AI Approach to Actionable Threat Intelligence

Blue-Team

From Headlines to Hardened Defenses: The Agentic AI Approach to Actionable Threat Intelligence

The constant stream of cybersecurity headlines presents a dual challenge for security teams: identifying which threats are...

Investigating Qilin Ransomware Through Limited Endpoint Visibility

Blue-Team

Investigating Qilin Ransomware Through Limited Endpoint Visibility

When Huntress analysts investigated a Qilin ransomware attack with limited post-infection visibility, they demonstrated how meticulous forensic...

Native Sysmon Integration in Windows 11 and Server 2025: A New Era for Endpoint Visibility

Blue-Team

Native Sysmon Integration in Windows 11 and Server 2025: A New Era for Endpoint Visibility

Microsoft has announced a significant shift in its security strategy by integrating the System Monitor (Sysmon) tool...

North Korean IT Worker Scheme: A Technical Analysis of Infiltration and Fraud

APT-News

North Korean IT Worker Scheme: A Technical Analysis of Infiltration and Fraud

In a significant enforcement action, the U.S. Department of Justice announced that five individuals have pleaded guilty...

The Dual Role of Artificial Intelligence in Modern Cybersecurity

News

The Dual Role of Artificial Intelligence in Modern Cybersecurity

Artificial Intelligence is fundamentally reshaping the cybersecurity domain, serving as both a powerful weapon for attackers and...

Global Law Enforcement Seizes $439 Million in Cybercrime Crackdown

Threat Intelligence

Global Law Enforcement Seizes $439 Million in Cybercrime Crackdown

In a significant blow to transnational cybercrime, a five-month international operation led by Interpol has resulted in...

Analysis of the Purgatory Swatting Campaign: Tactics, Infrastructure, and Response

Threat Intelligence

Analysis of the Purgatory Swatting Campaign: Tactics, Infrastructure, and Response

A coordinated wave of swatting attacks has disrupted college campuses across the United States at the start...

Amazon Disrupts APT29’s Sophisticated Microsoft 365 Watering Hole Campaign

APT-News

Amazon Disrupts APT29’s Sophisticated Microsoft 365 Watering Hole Campaign

Amazon’s threat intelligence team has successfully identified and disrupted a sophisticated watering hole campaign in June 2025,...

APT36 Expands Linux Targeting with Malicious .desktop Files and ClickFix Social Engineering

APT-News

APT36 Expands Linux Targeting with Malicious .desktop Files and ClickFix Social Engineering

The Pakistan-linked threat actor APT36 (also known as Transparent Tribe or Mythic Leopard) has significantly evolved its...

Microsoft AI CEO Warns of Emerging ‘AI Psychosis’ and ‘Seemingly Conscious AI’ Risks

News

Microsoft AI CEO Warns of Emerging ‘AI Psychosis’ and ‘Seemingly Conscious AI’ Risks

Mustafa Suleyman, CEO of Microsoft AI, has publicly expressed significant concern regarding a new class of psychological...

Why Email Security Needs an EDR-Style Evolution for Modern Threats

Blue-Team

Why Email Security Needs an EDR-Style Evolution for Modern Threats

The current state of email security is analogous to the endpoint protection landscape a decade ago, relying...

Okta Open-Sources Auth0 Threat Detection Rules for Proactive Security

Blue-Team

Okta Open-Sources Auth0 Threat Detection Rules for Proactive Security

On August 19, 2025, Okta announced the open-source release of a catalog of pre-built Sigma detection rules...

Proactive Threat Hunting with Talos IR: A Framework for Staying Ahead of Emerging Threats

Threat Intelligence

Proactive Threat Hunting with Talos IR: A Framework for Staying Ahead of Emerging Threats

In an era where cyber threats evolve rapidly, proactive threat hunting has become a necessity for organizations...

Black Hat Asia 2025: SOC Innovations and Threat Hunting Insights

Threat Intelligence

Black Hat Asia 2025: SOC Innovations and Threat Hunting Insights

Black Hat Asia 2025 showcased cutting-edge security operations center (SOC) technologies and threat-hunting methodologies, with Cisco returning...

Online Grooming Gangs Exploit Platforms to Target Minors: Technical Analysis and Mitigation

Threat Intelligence

Online Grooming Gangs Exploit Platforms to Target Minors: Technical Analysis and Mitigation

The National Crime Agency (NCA) has issued a stark warning about organized online groups grooming girls as...

Online Gangs Exploiting Young Girls: Technical Analysis of NCA Findings

Threat Intelligence

Online Gangs Exploiting Young Girls: Technical Analysis of NCA Findings

The National Crime Agency (NCA) has released a report detailing the alarming rise of online gangs exploiting...

Black Hat Asia 2025: SOC Innovations and Threat Hunting Insights

Blue-Team

Black Hat Asia 2025: SOC Innovations and Threat Hunting Insights

The Black Hat Asia 2025 conference, held at Marina Bay Sands in Singapore from April 1–4, showcased...

Online Grooming Gangs Exploiting Young Girls: A Technical Analysis of NCA Findings

Threat Intelligence

Online Grooming Gangs Exploiting Young Girls: A Technical Analysis of NCA Findings

The National Crime Agency (NCA) has identified a disturbing trend of online grooming gangs targeting girls as...

The Hidden Infrastructure Behind Cyber Big Game Hunting: TAG-124 and Malicious TDS

Threat Intelligence

The Hidden Infrastructure Behind Cyber Big Game Hunting: TAG-124 and Malicious TDS

Cybercriminals are increasingly using sophisticated Traffic Distribution Systems (TDS) like TAG-124 to deliver ransomware and malware to...

Phishing-as-a-Service Platform Morphing Meerkat Exploits DNS MX Records to Spoof 100+ Brands

Threat Intelligence

Phishing-as-a-Service Platform Morphing Meerkat Exploits DNS MX Records to Spoof 100+ Brands

A newly uncovered phishing-as-a-service (PhaaS) platform, named “Morphing Meerkat,” has been leveraging DNS mail exchange (MX) records...

Posts pagination

1 2 Next

Threat Hunting

From Headlines to Hardened Defenses: The Agentic AI Approach to Actionable Threat Intelligence

Investigating Qilin Ransomware Through Limited Endpoint Visibility

Native Sysmon Integration in Windows 11 and Server 2025: A New Era for Endpoint Visibility

The Dual Role of Artificial Intelligence in Modern Cybersecurity

Global Law Enforcement Seizes $439 Million in Cybercrime Crackdown

Analysis of the Purgatory Swatting Campaign: Tactics, Infrastructure, and Response

APT36 Expands Linux Targeting with Malicious .desktop Files and ClickFix Social Engineering

Microsoft AI CEO Warns of Emerging ‘AI Psychosis’ and ‘Seemingly Conscious AI’ Risks

Proactive Threat Hunting with Talos IR: A Framework for Staying Ahead of Emerging Threats

Black Hat Asia 2025: SOC Innovations and Threat Hunting Insights

Black Hat Asia 2025: SOC Innovations and Threat Hunting Insights

The Hidden Infrastructure Behind Cyber Big Game Hunting: TAG-124 and Malicious TDS

Phishing-as-a-Service Platform Morphing Meerkat Exploits DNS MX Records to Spoof 100+ Brands

You may have missed

TikTok’s U.S. Divestiture Deal: A Security-Focused Analysis of the New Joint Venture Structure

Critical WatchGuard Firebox RCE Flaw Exploited, CISA Issues Directive

EU’s Landmark Fine Against X Tests Enforcement of Digital Regulations Amid Transatlantic Tensions

Spain’s Young Hackers: A Pattern of Escalating Cybercrime from Data Theft to Political Cyberterrorism