Episodes

  • S3 Ep31: Hack the Gibson
    2025/05/28
    Threat Hunting Management Workshop: Structuring Collaboration Across Teams
    June 18, 2025 | 12:00 - 12:45 PM ET
    Sign up: https://intel471.com/resources/webinars/threat-hunting-management-workshop-structuring-collaboration-across-teams

    ----------

    Top Headlines:
    • Trend Micro | TikTok Videos Promise Pirated Apps, Deliver Vidar and StealC Infostealers Instead
    • Seqrite | Operation Sindoor: Anatomy of a High-Stakes Cyber Siege
    • DTI | Inside a VenomRAT Malware Campaign
    • Seqrite | Umbrella of Pakistani Threats: Converging Tactics of Cyber-operations Targeting India
    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    42 min
  • S3 Ep30: Attack like a Tact-ti-cian
    2025/05/22
    Top Headlines:
    • Qualys | Fileless Execution: PowerShell Based Shellcode Loader Executes Remcos RAT
    • WIRED | How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
    • WeLiveSecurity | ESET APT Activity Report Q4 2024–Q1 2025
    • BleepingComputer | New 'Defendnot' tool tricks Windows into disabling Microsoft Defender
    53 min
  • S3 Ep29: ClickFix, So Easy Even a Nation State Can Do It
    2025/05/16
    Top Headlines:
    • Proofpoint | TA406 Pivots to the Front
    • hunt.io | APT36-Linked ClickFix Campaign Spoofs Indian Ministry of Defence, Targets Windows & Linux Users
    • Google Cloud Blog | COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs
    • genians.co.kr | Analysis of APT37 Attack Case Disguised as a Think Tank for National Security Strategy in South Korea (Operation. ToyBox Story)
    39 min
  • S3 Ep28: [LIVE] Guess Who: The Adversary Edition
    2025/05/12
    Clue by Clue: Can You Name the Threat Actor?

    Out of the Woods: The Threat Hunting Podcast returns with a special edition live episode built to sharpen how threat hunters think about adversary behavior. Our hosts will walk through a real-world threat actor’s activity one phase at a time, revealing tradecraft clues as the investigation unfolds. Listeners will have the chance to analyze the behavior and submit their best guess before the final reveal.

    This live, interactive session is grounded in real tradecraft and practical threat hunting techniques. You’ll see how MITRE ATT&CK techniques map to observed activity, how vertical-specific targeting shapes decisions, and how behavioral patterns can point to attribution faster.

    What We’ll Cover:

    • Real adversary behavior – A phase-by-phase walkthrough of a known threat actor’s campaign
    • MITRE ATT&CK in context – How techniques are applied in real incidents
    • Recognizing tradecraft patterns – What links certain behaviors across threat actors
    • Sector-specific targeting – How industry focus shapes attacker decisions
    • Interactive analysis – Submit your guess before the threat actor is revealed live

    Engage with the Community!

    Join our Discord server during the episode to follow the clues, connect with other hunters, and share your thoughts in real time.

    Don't miss this chance to train your instincts and challenge your threat hunting perspective. Join the discussion here: https://discord.gg/DR4mcW4zBr

    1 hr 30 min
  • S3 Ep27: Eyes Got Data
    2025/05/05
    [LIVE] Out of the Woods: The Threat Hunting Podcast - "Guess Who: The Adversary Edition"
    May 8, 2025 | 12:00 - 1:30 PM ET
    Sign Up: https://intel471.com/resources/podcasts/ootw-guess-who-the-adversary-edition

    Threat Hunting Workshop: Hunting for Execution - Level 2
    May 14, 2025 | 12:00 - 1:00 PM ET
    Sign Up: https://intel471.com/resources/webinars/threat-hunting-workshop-15-hunting-for-execution-level-2

    ----------

    Top Headlines:

    • Netcraft | Darcula-Suite Adds AI: Phishing Kits Now More Accessible
    • CYFIRMA | Technical Malware Analysis Report: Python-based RAT Malware
    • Google Cloud Blog | Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis
    • The Cloudflare Blog | Targeted by 20.5 million DDoS attacks, up 358% year-over-year: Cloudflare’s 2025 Q1 DDoS Threat Report

    44 min
  • S3 Ep26: Inception Point: Informed Defense
    2025/04/25

    Top Headlines:

    • Check Point Research | Renewed APT29 Phishing Campaign Against European Diplomats: https://research.checkpoint.com/2025/apt29-phishing-campaign/
    • JPCERT/CC EYES | DslogdRAT Malware Installed in Ivanti Connect Secure: https://blogs.jpcert.or.jp/en/2025/04/dslogdrat.html?&web_view=true
    • Tenable | ConfusedComposer: A Privilege Escalation Vulnerability Impacting GCP Composer: https://www.tenable.com/blog/confusedcomposer-a-privilege-escalation-vulnerability-impacting-gcp-composer
    • Cofense | Decoding Fake US ESTA Emails: Scam or Real Deal?: https://cofense.com/blog/decoding-fake-us-esta-emails-scam-or-real-deal?&web_view=true

    57 min
  • S3 Ep25: 00UserAgent: Complexity Never Sleeps
    2025/04/21

    Top Headlines:

    • Symantec | Shuckworm Targets Foreign Military Mission Based in Ukraine: https://www.security.com/threat-intelligence/shuckworm-ukraine-gammasteel
    • BI.ZONE | Sapphire Werewolf Refines Amethyst Stealer to Attack Energy Companies: https://bi.zone/eng/expertise/blog/kamen-ogranennyy-sapphire-werewolf-ispolzuet-novuyu-versiyu-amethyst-stealer-dlya-atak-na-tek/
    • SentinelOne | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale: https://www.sentinelone.com/labs/akirabot-ai-powered-bot-bypasses-captchas-spams-websites-at-scale/
    • SecureList | GOFFEE Continues to Attack Organizations in Russia: https://securelist.com/goffee-apt-new-attacks/116139/?web_view=true
    52 min
  • S3 Ep24: ShortCut to the Fast and the Obfuscated
    2025/04/03
    Top Headlines:

    • Elastic | Outlaw Linux Malware: Persistent, Unsophisticated, and Surprisingly Effective: https://www.elastic.co/security-labs/outlaw-linux-malware
    • G Data | Smoked out - Emmenhtal spreads SmokeLoader malware: https://www.gdatasoftware.com/blog/2025/03/38160-emmenhtal-smokeloader-malware
    • CISA | #StopRansomware: Medusa Ransomware: https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-071a
    • Esentire | The Long and Short(cut) of It: KoiLoader Analysis: https://www.esentire.com/blog/the-long-and-shortcut-of-it-koiloader-analysis

    34 min