Holger Schulze’s Post

HUNTING MISBEHAVING POWERSHELLS: EXAMINING NETWORK PATTERNS https://lnkd.in/eX9zdJJQ This post was originally published here by  Matthew Hosburgh. Introduction By now the world has learned about the massive breach that Equifax reported in early September. The Cyber Kill Chain would classify the final stages of this attack as the actions on objective. Unfortunately, Equifax did not detect this activity in time to contain or prevent the data loss. No organization is above the law, especially in terms of a breach; however, failing to learn from this example only paves the way for the next catastrophic breach to occur. With the b-word fresh on everyone’s mind, the following two-part post will dive into hunting […]

HUNTING MISBEHAVING POWERSHELLS: EXAMINING NETWORK PATTERNS https://lnkd.in/ebD4R_jG This post was originally published here by  Matthew Hosburgh. Introduction By now the world has learned about the massive breach that Equifax reported in early September. The Cyber Kill Chain would classify the final stages of this attack as the actions on objective. Unfortunately, Equifax did not detect this activity in time to contain or prevent the data loss. No organization is above the law, especially in terms of a breach; however, failing to learn from this example only paves the way for the next catastrophic breach to occur. With the b-word fresh on everyone’s mind, the following two-part post will dive into hunting […]

HUNTING MISBEHAVING POWERSHELLS: EXAMINING NETWORK PATTERNS https://lnkd.in/ebD4R_jG This post was originally published here by  Matthew Hosburgh. Introduction By now the world has learned about the massive breach that Equifax reported in early September. The Cyber Kill Chain would classify the final stages of this attack as the actions on objective. Unfortunately, Equifax did not detect this activity in time to contain or prevent the data loss. No organization is above the law, especially in terms of a breach; however, failing to learn from this example only paves the way for the next catastrophic breach to occur. With the b-word fresh on everyone’s mind, the following two-part post will dive into hunting […]

Usually it's not the sexy finds (zero days and hostile state actors) that are most impactful - proactively hunting for misconfigurations in OT networks helps you identify possible security risks, as well as gaining operational benefits - or at least gives you peace of mind that you're humming! Check out the blog, or reach out to the Dragos, Inc. team behind the OT-native platform built for practitioners. #OTcybersecurity #industrialcybersecurity #OT

Significant reduction in threat detection time, a more exhaustive threat search, and the ability to incorporate new emerging threats agilely.   These are some advantages of the Continuous Threat Hunting model concerning Campaign-based Threat Hunting.   Alberto T., Cyber Threat Hunter at BlackArrow (Tarlogic), unpacks the differences between the two models.   #threathunting #cybersecurity #cyberthreats #cyberattacks #ttp #continuous #threathunting #threathuntingproactive https://lnkd.in/dhs4GgHR

In the latest installment of "The Hunt" blog series, explore how proactive threat hunting can uncover misconfigurations in OT environments. Gregory Pollmann and John Burns highlight how identifying and rectifying these misconfigurations enhances security and operational efficiency. Read more → https://hubs.ly/Q02zxjc90 #icscybersecurity #otcybersecurity #industrialcybersecurity #ThreatHunting #DragosPlatform #OTWatch

Check out the latest edition of The Hunt where Greg and I talk about finding misconfigurations with threat hunting.

Prepare to put Threat Hunting back into your security portfolio in a much more efficient way https://lnkd.in/gTqHwHpy #CopilotforSecurity #SecurityCopilot #Cybersecurity #MicrosoftSecurity #Security #GenerativeAI

In this room by TryHackMe, we'll discover how to apply threat hunting techniques to identify malicious actions carried out during the "Actions on Objectives" stage of the "Cyber Kill Chain." Room Link: https://lnkd.in/gVrmA-iu #thm #tryhackme #threathunting #socanalyst #writeup #blog #cybersecurity

EXECUTIVE SUMMARY: Over 90 percent of organizations consider threat hunting a challenge. More specifically, seventy-one percent say that both prioritizing alerts to investigate and gathering enough data to evaluate a signal’s maliciousness can be quite difficult. Threat hunting is necessary simply because no cyber security protections are always 100% effective. An active defense is needed, as opposed to dependence on ‘set it and forget it’ types of security tools. But, despite active threat hunting, many persistent threats often remain undiscovered — until it’s too late. Or at least, that used to be the case. Artificial intelligence is changing the game. Threat hunting is a task “…that c ...