Episodes

  • S3 Ep33: Old Tricks, New Plays
    2025/06/30
    *[LIVE] Out of the Woods: The Threat Hunting Podcast
    The Intersection of AI and Threat Hunting: What Problems Emerge, What Problems Get Solved
    July 10, 2025 | 12:00 - 1:30 PM ET
    Sign up: https://intel471.com/resources/podcasts/the-intersection-of-ai-and-threat-hunting-what-problems-emerge-what-problems-get-solved

    *Intel-Driven Threat Hunting Workshop: Analyzing Malware Behaviors
    July 31, 2025 | 11:00 AM - 1:00 PM ET
    Sign Up: https://intel471.com/resources/webinars/intelligence-driven-threat-hunting-workshop-analyzing-malware-behaviors

    ----------

    Top Headlines:
    • HarfangLab | SadFuture: Mapping XDSpy latest evolution
    • BleepingComputer | New FileFix attack weaponizes Windows File Explorer for stealthy commands
    • Huntress | Inside the BlueNoroff Web3 macOS Intrusion Analysis
    • GBHackers Security | Notepad++ Vulnerability Allows Full System Takeover — PoC Released

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    44 min
  • S3 Ep32: Security Is a Mindset, Not a Product
    2025/06/18
    *[LIVE] Out of the Woods: The Threat Hunting Podcast
    The Intersection of AI and Threat Hunting: What Problems Emerge, What Problems Get Solved
    July 10, 2025 | 12:00 - 1:30 PM ET
    Sign up: https://intel471.com/resources/podcasts/the-intersection-of-ai-and-threat-hunting-what-problems-emerge-what-problems-get-solved

    *Threat Hunting Management Workshop: Structuring Collaboration Across Teams
    On-Demand: https://intel471.com/resources/webinars/threat-hunting-management-workshop-structuring-collaboration-across-teams

    ----------

    Top Headlines:
    • Check Point Research | The Discord Invite Loop Hole Hijacked for Attacks
    • SecurityWeek | New ‘SmartAttack’ Steals Air-Gapped Data Using Smartwatches
    • Aim Labs | Echoleak M365
    • SecurityWeek | Industry Reactions to Trump Cybersecurity Executive Order: Feedback Friday

    49 min
  • S3 Ep31: Hack the Gibson
    2025/05/28
    Threat Hunting Management Workshop: Structuring Collaboration Across Teams
    June 18, 2025 | 12:00 - 12:45 PM ET
    Sign up: https://intel471.com/resources/webinars/threat-hunting-management-workshop-structuring-collaboration-across-teams

    ----------

    Top Headlines:
    • Trend Micro | TikTok Videos Promise Pirated Apps, Deliver Vidar and StealC Infostealers Instead
    • Seqrite | Operation Sindoor: Anatomy of a High-Stakes Cyber Siege
    • DTI | Inside a VenomRAT Malware Campaign
    • Seqrite | Umbrella of Pakistani Threats: Converging Tactics of Cyber-operations Targeting India
    42 min
  • S3 Ep30: Attack like a Tact-ti-cian
    2025/05/22
    Top Headlines:
    • Qualys | Fileless Execution: PowerShell Based Shellcode Loader Executes Remcos RAT
    • WIRED | How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
    • WeLiveSecurity | ESET APT Activity Report Q4 2024–Q1 2025
    • BleepingComputer | New 'Defendnot' tool tricks Windows into disabling Microsoft Defender
    53 min
  • S3 Ep29: ClickFix, So Easy Even a Nation State Can Do It
    2025/05/16
    Top Headlines:
    • Proofpoint | TA406 Pivots to the Front
    • hunt.io | APT36-Linked ClickFix Campaign Spoofs Indian Ministry of Defence, Targets Windows & Linux Users
    • Google Cloud Blog | COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs
    • genians.co.kr | Analysis of APT37 Attack Case Disguised as a Think Tank for National Security Strategy in South Korea (Operation. ToyBox Story)
    39 min
  • S3 Ep28: [LIVE] Guess Who: The Adversary Edition
    2025/05/12
    Clue by Clue: Can You Name the Threat Actor?

    Out of the Woods: The Threat Hunting Podcast returns with a special edition live episode built to sharpen how threat hunters think about adversary behavior. Our hosts will walk through a real-world threat actor’s activity one phase at a time, revealing tradecraft clues as the investigation unfolds. Listeners will have the chance to analyze the behavior and submit their best guess before the final reveal.

    This live, interactive session is grounded in real tradecraft and practical threat hunting techniques. You’ll see how MITRE ATT&CK techniques map to observed activity, how vertical-specific targeting shapes decisions, and how behavioral patterns can point to attribution faster.

    What We’ll Cover:

    • Real adversary behavior – A phase-by-phase walkthrough of a known threat actor’s campaign
    • MITRE ATT&CK in context – How techniques are applied in real incidents
    • Recognizing tradecraft patterns – What links certain behaviors across threat actors
    • Sector-specific targeting – How industry focus shapes attacker decisions
    • Interactive analysis – Submit your guess before the threat actor is revealed live

    Engage with the Community!

    Join our Discord server during the episode to follow the clues, connect with other hunters, and share your thoughts in real time.

    Don't miss this chance to train your instincts and challenge your threat hunting perspective. Join the discussion here: https://discord.gg/DR4mcW4zBr

    1 hr 30 min
  • S3 Ep27: Eyes Got Data
    2025/05/05
    [LIVE] Out of the Woods: The Threat Hunting Podcast - "Guess Who: The Adversary Edition"
    May 8, 2025 | 12:00 - 1:30 PM ET
    Sign Up: https://intel471.com/resources/podcasts/ootw-guess-who-the-adversary-edition

    Threat Hunting Workshop: Hunting for Execution - Level 2
    May 14, 2025 | 12:00 - 1:00 PM ET
    Sign Up: https://intel471.com/resources/webinars/threat-hunting-workshop-15-hunting-for-execution-level-2

    ----------

    Top Headlines:

    • Netcraft | Darcula-Suite Adds AI: Phishing Kits Now More Accessible
    • CYFIRMA | Technical Malware Analysis Report: Python-based RAT Malware
    • Google Cloud Blog | Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis
    • The Cloudflare Blog | Targeted by 20.5 million DDoS attacks, up 358% year-over-year: Cloudflare’s 2025 Q1 DDoS Threat Report

    44 min
  • S3 Ep26: Inception Point: Informed Defense
    2025/04/25
    [LIVE] Out of the Woods: The Threat Hunting Podcast - "Guess Who: The Adversary Edition"
    May 8, 2025 | 12:00 - 1:30 PM ET
    Sign Up: https://intel471.com/resources/podcasts/ootw-guess-who-the-adversary-edition

    Threat Hunting Workshop: Hunting for Execution - Level 2
    May 14, 2025 | 12:00 - 1:00 PM ET
    Sign Up: https://intel471.com/resources/webinars/threat-hunting-workshop-15-hunting-for-execution-level-2

    ----------

    Top Headlines:

    • Check Point Research | Renewed APT29 Phishing Campaign Against European Diplomats: https://research.checkpoint.com/2025/apt29-phishing-campaign/
    • JPCERT/CC EYES | DslogdRAT Malware Installed in Ivanti Connect Secure: https://blogs.jpcert.or.jp/en/2025/04/dslogdrat.html?&web_view=true
    • Tenable | ConfusedComposer: A Privilege Escalation Vulnerability Impacting GCP Composer: https://www.tenable.com/blog/confusedcomposer-a-privilege-escalation-vulnerability-impacting-gcp-composer
    • Cofense | Decoding Fake US ESTA Emails: Scam or Real Deal?: https://cofense.com/blog/decoding-fake-us-esta-emails-scam-or-real-deal?&web_view=true

    57 min