Tag: Threat Hunting

BianLian Ransomware
BianLian Ransomware Detection: To Pay or Not to Pay?

Adversaries behind a cross-platform BianLian ransomware target businesses in Australia, North America, and the UK, attacking multiple industries, including media and entertainment, healthcare, education, and manufacturing. The ransomware strain first surfaced in December 2021 and, according to recent reports, is currently undergoing active development. BianLian Ransomware Gang has already compromised at least 20 companies; however, […]

Read More
malware analysis picture
What is Malware Analysis?

Lots of children break things not because they are little evil creatures but because they are curious about “how it’s made.” Eventually, some of those children grow up and become Cybersecurity Analysts. They do basically the same but in an adult world.  Malware analysis is the process of studying a malware sample to understand what […]

Read More
threat hunting engineers looking at the screens
What is Cyber Threat Hunting? The Ultimate Guide

Cyber Threat Hunting is a novel approach to Threat Detection which is aimed at finding cyber threats within an enterprise’s network before they do any harm. This includes deliberately looking for weak spots as well as any signs of ongoing attacks within a digital infrastructure. Threat Hunting is more complex than passive Threat Detection and […]

Read More
cybersecurity visualization
Threat Hunting Hypothesis Examples: Prepare For a Good Hunt!

A good threat hunting hypothesis is key to identifying weak spots in an organization’s digital infrastructure. Just learn to ask the right questions, and you will get the answers that you’re looking for. In this blog post, we review a proactive threat hunting methodology: Hypothesis-Driven Threat Hunting. Let’s dive right in! Detect & Hunt Explore […]

Read More
Threat Hunting Maturity Model
Threat Hunting Maturity Model Explained With Examples

In our series of guides on Threat Hunting Basics, we’ve already covered multiple topics, from techniques and tools threat hunting teams use to the certifications for professionals and beginners. But what makes good Cyber Hunting, and how can you evaluate it? One of the ways to measure the effectiveness of the hunting procedures is by […]

Read More
cyber network visualization
Threat Hunting Training, Certification, and Online Learning

How to become a Threat Hunter? This question is extremely popular in the cybersecurity community. The next important question is how to advance your Threat Hunting career. In both cases, obtaining professional certifications is the best answer. Whether you’re a beginner or an accomplished specialist, continuous learning is what helps you become the best version […]

Read More
Adversarial Abuse of Proxyware
Adversaries Hack Microsoft SQL Servers to Install Proxyware and Steal Bandwidth

Security analysts report an increasing number of cases of adversarial abuse of software called ‘proxyware’. Users can install proxyware (operated via the client application) and become bandwidth donors by sharing their internet connection via services like Peer2Profit and IPRoyal. The hosts, incentivized with monetary rewards, enable other users to access the web from their location […]

Read More
finger pointing at a tablet device with signs of security around
Threat Hunting Tools: Our Recommendations

A good threat hunt is unthinkable without useful pieces of software that help to navigate enormous pools of data. How can you tell the difference between good, bad, and benign? Analyzing all the intelligence, logs, history, and research data with one pair of eyes (even multiplied by many human Threat Hunters) would have taken years. […]

Read More
Threat Hunting Basics
Threat Hunting Techniques, Tactics, and Methodologies: Your Step-by-Step Introduction

We could start this article with a bold statement saying that Threat Hunting is easier than you think, and by reading our blog post, you will instantly become a pro. Unfortunately or luckily, that’s not the case. However, we understand that starting out as a Cyber Threat Hunter is tough. That’s why we are introducing […]

Read More
SOC Prime's and EchoTrail.io integration
SOC Prime Launches Integration With EchoTrail.io to Accelerate Threat Investigation

Instantly Explore the Executable Binary References Linked to Sigma Rules for More Insightful Contextual Information SOC Prime has recently released integration for its cyber threats search engine with EchoTrail.io database. Now, SOC Prime users can streamline threat investigation with the comprehensive information about executable binaries (filenames or hashes) launched on Windows, accessible right from our […]

Read More