Cyborg Security, Now Part of Intel 471

📣 Attention cyber defenders! In case you missed it, Cyborg Security was acquired by Intel 471 in May 2024. But don't worry, our commitment to delivering top-notch threat hunting content is stronger than ever! Make sure to follow Intel 471 to stay updated on all things threat hunting. As part of the Intel 471 LinkedIn community, you’ll get content like: ⭐️ How-to videos on threat hunting techniques: Practical guides to help you identify and mitigate threats more effectively. ⭐️ Monthly cyber threat update reports from the HUNTER Platform: Stay informed with the latest threat data and analysis on emerging risks. ⭐️ Threat hunting blogs, case studies, and white papers: Dive deep into expert insights, real-world case studies, and in-depth research on advanced threat hunting topics. ⭐️ Updates on upcoming Threat Hunting Workshops: Invitations to hands-on sessions that will enhance your threat hunting capabilities. ⭐️ Insights on the latest emerging threats: Stay ahead with timely information on new and evolving threats. Join us at Intel 471 and be part of the community that's driving the future of intelligence-led threat hunting. See you there, hunters! 🤓 https://hubs.la/Q02PnRqF0 #threathunting #cybersecurity #threatintelligence #informationsecurity #cybersecurityprofessionals #securityoperationscenter

Join us tomorrow, October 2, 2024, from 12:00 - 1:00 PM ET for an interactive, hands-on workshop focused on the MITRE ATT&CK Tactic of Collection. You’ll actively participate in live threat hunts, using real-world data within an enterprise-grade environment to identify collection-based threats. Guided by Intel 471’s experts, you’ll learn how to operationalize threat intelligence and enhance your threat hunting capabilities. Gain valuable skills you can immediately apply to protect your organization. Secure your spot now: https://hubs.la/Q02RxC5g0 #ThreatHunting #ThreatIntelligence #Cybersecurity #MITREATTACK

AsyncRAT is a versatile remote access tool (RAT) often used in malicious campaigns, offering features like keylogging and remote desktop control, making it a common choice for cybercriminals. In this episode of "Happy Hunting", Lee Archinal breaks down the behaviors of AsyncRAT and shows how threat hunters can identify patterns—such as batch file executions in temp directories. Watch now to learn how you can track these techniques using the Execution Bat Script to Unpack Payload Hunt Package on the 471HUNTER Platform. Get your free 471HUNTER Community Account to access this hunt package and more: https://hubs.ly/Q02R5NYK0 Already have a Community Account? Jump straight to the hunt package: https://hubs.ly/Q02R5QrY0 #AsyncRAT #ThreatHunting #CyberSecurity #Malware #ThreatIntel #SecurityOperationsCenter #ThreatIntelligence

Join us for a LIVE episode of Out of the Woods: The Threat Hunting Podcast as we kick off season 2 with a special Halloween-themed discussion! In “Blood, Sweat, and Threats: Carving the Perfect Threat Hunter,” we’ll dive into the journey of a threat hunter, exploring everything from early skills and focus areas to maintaining efficiency and aligning with security teams. Whether you're just starting out or a seasoned pro, this episode is packed with actionable insights to elevate your threat hunting strategy. 📅 Date: October 24, 2024 ⏱️ Time: 7:00 - 8:30 PM ET Don’t just listen, join the conversation! During the live broadcast, jump into our Discord server to chat with the hosts and fellow threat hunters, share your thoughts, and exchange ideas in real time: https://lnkd.in/g-bw7Q8J Sign up today! #threathunting #cybersecurity #threatintelligence #outofthewoodspodcast

Join us on October 2, 2024, from 12:00 - 1:00 PM ET for an interactive, live workshop focused on the MITRE ATT&CK Tactic of Collection. We’ll begin by exploring advanced threat intelligence to help you uncover adversarial tactics, then guide you through a step-by-step threat hunting session using real-world data in an enterprise-grade hunting environment. Led by Intel 471’s expert hunters, this session will show you how to operationalize threat intelligence to detect and mitigate collection-based threats, equipping you with practical skills you can immediately apply to protect your organization. Secure your spot today: https://hubs.la/Q02P_kL80 #threathunting #threatintelligence #cybersecurity #mitreattack

APT38, known for stealing millions in high-profile financial attacks like the $81M Bangladesh Bank heist, is no ordinary adversary. This state-sponsored group excels at using zero-days and firewall evasion techniques to bypass detection and target financial institutions worldwide. In the latest "Happy Hunting" episode, Lee Archinal explores APT38’s sophisticated methods and explains why threat intelligence is critical to staying ahead of these attackers. Learn how to hunt for their tactics using the Windows Firewall Rule Added via CMD/PowerShell Hunt Package on the 471HUNTER Platform. Get a free 471HUNTER Community Account to access this hunt package and more: https://hubs.la/Q02Pcyq90 Already have a Community Account? Jump straight to the Windows Firewall Rule Added via CMD/PowerShell - Potential Malware Defense Evasion Hunt Package: https://hubs.la/Q02PcTgW0 #APT38 #ThreatGroup #ThreatHunting #CyberSecurity #SecurityOperationsCenter #ThreatIntelligence #ThreatIntel

The rise of ransomware operators like RansomHub and their use of advanced tools like EDRKillShifter highlights the critical need for proactive defense strategies. Threat actors are no longer just evading detection; they’re disabling it entirely. In this blog, we explore how RansomHub and other ransomware groups leverage "EDR killers" to bypass defenses and the steps threat hunters can take to detect these behaviors before ransomware is deployed: https://hubs.la/Q02PcTgS0

🚨 EMERGING THREAT ALERT: INC RANSOMWARE 🚨 INC Ransomware, first observed in July/August 2023, has caused major disruptions, primarily in North America and Europe. In August 2024, it was tied to a significant attack on McLaren Health Care, impacting IT infrastructure and phone systems. The financially motivated INC Ransom group employs a double-extortion tactic—encrypting systems and exfiltrating data, with the threat of public release if demands aren't met. Their techniques mirror other ransomware strains, utilizing initial access, reconnaissance, lateral movement, and system encryption. In July 2024, Lynx ransomware was identified as a potential fork of INC Ransomware. This strain remains highly active today, posing an immediate and critical risk that organizations must be prepared to address. **Immediate action is necessary. We have released a Hunt Collection to help organizations identify and mitigate this threat. Access the collection here: https://hubs.la/Q02NTSW-0 Don't have an account yet? Join the HUNTER Community today and get free access to behavioral hunting content: https://hubs.la/Q02NTLPQ0 🔗 Full Report: https://hubs.la/Q02NTRQS0 Find the related Hunt Packages in the comments 👇 #emergingthreat #threathunting #cybersecurity #infosec #threatupdate #threatintel #INCRansomware #ransomware

🚨 Workshop Alert! Enhance your threat hunting skills with our upcoming interactive workshop focused on the Collection tactic (MITRE ATT&CK Tactic: TA0009). This session is divided into two parts, offering a deep dive into threat intelligence and its application in proactive behavioral threat hunting. In the first part, we’ll explore how to leverage threat intelligence to anticipate and counter data collection tactics. The second part transitions into a hands-on, guided threat hunt, where you'll apply your knowledge using advanced tools in real-time. Join us virtually on October 2, 2024, from 12-1 PM ET, and enjoy complimentary access to premier hunting tools. Plus, earn the "Threat Hunting – Collection (Level I)" certification to boost your professional credentials. This isn’t just another webinar, it’s your chance to engage with experts, witness live demonstrations, and operationalize threat intelligence into effective threat hunting. Register today! #collection #threathunting #threatintel #cybersecurity #threathuntingworkshop #threatintelligence #securityprofessionals #mitreattack

Explore the tactics of Volt Typhoon, a sophisticated Chinese state-sponsored threat actor known for targeting critical infrastructure across sectors like communications, energy, and transportation. This group is notorious for its long-term persistence and stealth, often remaining undetected for years by exploiting vulnerabilities in firewalls, routers, and VPNs. This case study dives deep into practical threat hunting methods designed to expose Volt Typhoon’s covert activities. Learn how to detect their use of living-off-the-land techniques that blend into normal network operations. By leveraging Intel 471’s HUNTER platform and its pre-written threat hunt packages, you can uncover and counteract this elusive threat. From spotting PowerShell anomalies to identifying unusual WMIC activity, this study provides actionable insights to strengthen your threat detection efforts. 🔗 https://hubs.la/Q02MP23N0 #cybersecurity #threathunting #APT #volttyphoon #cyberdefense #infosec #mitre #informationsecurity #securityprofessionals #threatintelligence