エピソード

  • S3 Ep48: Familiar Moves, Novel Grooves

    S3 Ep48: Familiar Moves, Novel Grooves
    2025/11/05
    *[LIVE] Out of the Woods: The Threat Hunting Podcast – Guess Who Edition
    November 19, 2025 | 12:00 - 1:30 PM ET
    Sign Up: https://www.intel471.com/resources/podcasts/guess-who-the-adversary-edition-2

    ----------

    Top Headlines:
    • Secure Annex | SleepyDuck malware invades Cursor through Open VSX: https://secureannex.com/blog/sleepyduck-malware/
    • Arctic Wolf | UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities: https://arcticwolf.com/resources/blog/unc6384-weaponizes-zdi-can-25373-vulnerability-to-deploy-plugx/
    • Unit 42 | Microsoft WSUS Remote Code Execution (CVE-2025-59287) Actively Exploited in the Wild: https://unit42.paloaltonetworks.com/microsoft-cve-2025-59287/
    • Unit 42 | Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack: https://unit42.paloaltonetworks.com/new-windows-based-malware-family-airstalk/

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    41 分
  • S3 Ep47: Common, but Deadly

    S3 Ep47: Common, but Deadly
    2025/10/22
    *Threat Hunting Management Workshop: The Business Value of Threat Hunting
    October 29, 2025 | 12:00 - 12:30 PM ET
    Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-management-workshop-the-business-value-of-threat-hunting

    *[LIVE] Out of the Woods: The Threat Hunting Podcast – Guess Who Edition
    November 19, 2025 | 12:00 - 1:30 PM ET
    Sign Up: https://www.intel471.com/resources/podcasts/guess-who-the-adversary-edition-2

    ----------

    Top Headlines:
    • Koi | GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace: https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace
    • Cisco Talos Blog | BeaverTail and OtterCookie Evolve with a New Javascript Module: https://blog.talosintelligence.com/beavertail-and-ottercookie/
    • Synacktiv | LinkPro: eBPF Rootkit Analysis: https://www.synacktiv.com/en/publications/linkpro-ebpf-rootkit-analysis
    • BleepingComputer | American Airlines Subsidiary Envoy Confirms Oracle Data Theft Attack: https://www.bleepingcomputer.com/news/security/american-airlines-subsidiary-envoy-confirms-oracle-data-theft-attack/?&web_view=true

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    1 時間 2 分
  • S3 Ep46: Here We Go Again...

    S3 Ep46: Here We Go Again...
    2025/10/14
    *Threat Hunting Management Workshop: The Business Value of Threat Hunting
    October 29, 2025 | 12:00 - 12:30 PM ET
    Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-management-workshop-the-business-value-of-threat-hunting

    ----------

    Top Headlines:
    • Cisco Talos | Velociraptor Leveraged in Ransomware Attacks: https://blog.talosintelligence.com/velociraptor-leveraged-in-ransomware-attacks/
    • GBHackers Security | Hackers Use Court-Themed Phishing to Deliver Info-Stealer Malware: https://gbhackers.com/info-stealer-malware/?web_view=true
    • FortiGuard Labs | New Stealit Campaign Abuses Node.js Single Executable Application: https://www.fortinet.com/blog/threat-research/stealit-campaign-abuses-nodejs-single-executable-application
    • eSecurity Planet | AI Chatbots Used as Backdoors in New Cyberattacks: https://www.esecurityplanet.com/news/ai-exploited-prompt-injection/?&web_view=true

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    41 分
  • S3 Ep45: Think, McFly, Think

    S3 Ep45: Think, McFly, Think
    2025/10/03
    *Threat Hunting Management Workshop: The Business Value of Threat Hunting
    October 29, 2025 | 12:00 - 12:30 PM ET
    Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-management-workshop-the-business-value-of-threat-hunting

    ----------

    Top Headlines:
    • LastPass | Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware: https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages
    • Cisco Talos BlogCisco Talos Blog | How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking: https://blog.talosintelligence.com/how-rainyday-turian-and-a-new-plugx-variant-abuse-dll-search-order-hijacking/?&web_view=true
    • Trend MicroTrend Micro | AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks: https://www.trendmicro.com/en_us/research/25/i/ai-powered-app-exposes-user-data.html?&web_view=true
    • SentinelOne | Prompts as Code & Embedded Keys | The Hunt for LLM-Enabled Malware: https://www.sentinelone.com/labs/prompts-as-code-embedded-keys-the-hunt-for-llm-enabled-malware/

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    42 分
  • S3 Ep44: If You Build It... Backdoors Will Open

    S3 Ep44: If You Build It... Backdoors Will Open
    2025/09/25
    Top Headlines:
    • LastPass Labs | Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware: https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages
    • Cisco Talos Blog | How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking: https://blog.talosintelligence.com/how-rainyday-turian-and-a-new-plugx-variant-abuse-dll-search-order-hijacking/?&web_view=true
    • SentinelOne | Prompts as Code & Embedded Keys | The Hunt for LLM-Enabled Malware: https://www.sentinelone.com/labs/prompts-as-code-embedded-keys-the-hunt-for-llm-enabled-malware/
    • Trend MicroTrend Micro | AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks: https://www.trendmicro.com/en_us/research/25/i/ai-powered-app-exposes-user-data.html?&web_view=true

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    58 分
  • S3 Ep43: Invasion of the Modular Malware

    S3 Ep43: Invasion of the Modular Malware
    2025/09/18
    *Threat Hunting Workshop: Hunting for Persistence - Level 2
    September 24, 2025 | 12:00 - 1:00 PM ET
    Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-workshop-16-hunting-for-persistence-level-2

    ----------

    Top Headlines:
    • Jamf Threat Labs | Learn about ChillyHell, a modular Mac backdoor: https://www.jamf.com/blog/chillyhell-a-modular-macos-backdoor/
    • SecureList | Malicious MCP servers used in supply chain attacks: https://securelist.com/model-context-protocol-for-ai-integration-abused-in-supply-chain-attacks/117473/?web_view=true
    • Bitdefender Blog | EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company: https://www.bitdefender.com/en-us/blog/businessinsights/eggstreme-fileless-malware-cyberattack-apac
    • welivesecurity | Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass: https://www.welivesecurity.com/en/eset-research/introducing-hybridpetya-petya-notpetya-copycat-uefi-secure-boot-bypass/

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    57 分
  • S3 Ep42: [LIVE] AI for Security Teams: Scaling Impact Without Losing Control

    S3 Ep42: [LIVE] AI for Security Teams: Scaling Impact Without Losing Control
    2025/09/15
    In this episode of Out of the Woods, we explored how AI is reshaping security operations beyond threat hunting. We highlighted real progress in insider threat detection, faster triage, and incident response while underscoring the ongoing need for human judgment. We also addressed integration challenges, tool sprawl, skill gaps, and risks such as hallucinations, bias, and deepfakes, before closing with what to expect as regulations tighten and attackers continue to weaponize AI.

    ----

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    1 時間 31 分
  • S3 Ep41: The Silence of the Carves

    S3 Ep41: The Silence of the Carves
    2025/09/03
    *[LIVE] Out of the Woods: The Threat Hunting Podcast - AI for Security Teams: Scaling Impact Without Losing Control
    September 11, 2025 | 12:00 - 1:30 PM ET​​​​‌
    Sign Up: https://www.intel471.com/resources/podcasts/ai-for-security-teams-scaling-impact-without-losing-control ‌ ​‍‌‍‍‌‌‍‌ ‌‍‍‌‌‍ ‍​‍​‍​ ‍‍​‍​‍‌ ​ ‌‍​‌‌‍ ‍‌‍‍‌‌ ‌​‌ ‍‌​‍ ‍‌‍‍‌‌‍ ​‍​‍​‍ ​​‍​‍‌‍‍​‌ ​‍‌‍‌‌‌‍‌‍​‍​‍​ ‍‍​‍​‍‌‍‍​‌ ‌​‌ ‌​‌ ​​‌ ​ ​ ‍‍​‍ ​‍ ‌‍‍‌‌‍ ‍‌ ‌​‌‍‌‌‌‍ ​​ ‌​​ ‌ ​ ​‌​‍ ‍‌ ​ ‌‍​‌‌‍ ‍‌‍‍‌‌ ‌​‌ ‍‌​‍ ‍‌ ​ ‌ ‌​‌ ‌‌‌‍‌​‌‍‍‌‌‍ ​‍ ‌‍‍‌‌‍ ‍‌ ‌​‌‍‌‌‌‍ ‍‌ ‌​​‍ ‌‍‌‌‌‍‌​‌‍‍‌‌ ‌​​‍ ‌‍ ‌‌‍ ‌‍‌​‌‍‌‌​ ‌‌ ​​‌ ​‍‌‍‌‌‌ ​ ‌‍‌‌‌‍ ‍‌ ‌​‌‍​‌‌ ‌​‌‍‍‌‌‍ ‌‍ ‍​ ‍ ‌‍‍‌‌‍‌​​ ‌‌‍‌‍‌‍​‌‌‍‌​​ ​‍​ ‌‍‌‍‌​​ ​ ​ ‍​​‍ ‌​ ‌ ​ ‌‍​ ​‌​ ‌​​‍ ‌​ ‌​‌‍‌‍‌‍‌‌​ ‌‌​‍ ‌‌‍​‌‌‍​‍​ ‌‌‌‍​‍​‍ ‌​​‍​‍‌‌​ ‌‌‌
    *Threat Hunting Workshop: Hunting for Persistence - Level 2
    September 24, 2025 | 12:00 - 1:00 PM ET
    Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-workshop-16-hunting-for-persistence-level-2

    ----------

    Top Headlines:
    • Microsoft Security Blog | Storm-0501’s evolving techniques lead to cloud-based ransomware: https://www.microsoft.com/en-us/security/blog/2025/08/27/storm-0501s-evolving-techniques-lead-to-cloud-based-ransomware/
    • Seqrite | Blogs on Information Technology, Network & Cybersecurity: https://www.seqrite.com/blog/operation-hankook-phantom-north-korean-apt37-targeting-south-korea/
    • Group-IB | ShadowSilk: A Cross-Border Binary Union for Data Exfiltration: https://www.group-ib.com/blog/shadowsilk/
    • Check Point Research | ZipLine Phishing Campaign Targets U.S. Manufacturing: https://research.checkpoint.com/2025/zipline-phishing-campaign/

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    43 分