エピソード

  • S3 Ep42: [LIVE] AI for Security Teams: Scaling Impact Without Losing Control

    S3 Ep42: [LIVE] AI for Security Teams: Scaling Impact Without Losing Control
    2025/09/15
    In this episode of Out of the Woods, we explored how AI is reshaping security operations beyond threat hunting. We highlighted real progress in insider threat detection, faster triage, and incident response while underscoring the ongoing need for human judgment. We also addressed integration challenges, tool sprawl, skill gaps, and risks such as hallucinations, bias, and deepfakes, before closing with what to expect as regulations tighten and attackers continue to weaponize AI.

    ----

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    1 時間 31 分
  • S3 Ep41: The Silence of the Carves

    S3 Ep41: The Silence of the Carves
    2025/09/03
    *[LIVE] Out of the Woods: The Threat Hunting Podcast - AI for Security Teams: Scaling Impact Without Losing Control
    September 11, 2025 | 12:00 - 1:30 PM ET​​​​‌
    Sign Up: https://www.intel471.com/resources/podcasts/ai-for-security-teams-scaling-impact-without-losing-control ‌ ​‍‌‍‍‌‌‍‌ ‌‍‍‌‌‍ ‍​‍​‍​ ‍‍​‍​‍‌ ​ ‌‍​‌‌‍ ‍‌‍‍‌‌ ‌​‌ ‍‌​‍ ‍‌‍‍‌‌‍ ​‍​‍​‍ ​​‍​‍‌‍‍​‌ ​‍‌‍‌‌‌‍‌‍​‍​‍​ ‍‍​‍​‍‌‍‍​‌ ‌​‌ ‌​‌ ​​‌ ​ ​ ‍‍​‍ ​‍ ‌‍‍‌‌‍ ‍‌ ‌​‌‍‌‌‌‍ ​​ ‌​​ ‌ ​ ​‌​‍ ‍‌ ​ ‌‍​‌‌‍ ‍‌‍‍‌‌ ‌​‌ ‍‌​‍ ‍‌ ​ ‌ ‌​‌ ‌‌‌‍‌​‌‍‍‌‌‍ ​‍ ‌‍‍‌‌‍ ‍‌ ‌​‌‍‌‌‌‍ ‍‌ ‌​​‍ ‌‍‌‌‌‍‌​‌‍‍‌‌ ‌​​‍ ‌‍ ‌‌‍ ‌‍‌​‌‍‌‌​ ‌‌ ​​‌ ​‍‌‍‌‌‌ ​ ‌‍‌‌‌‍ ‍‌ ‌​‌‍​‌‌ ‌​‌‍‍‌‌‍ ‌‍ ‍​ ‍ ‌‍‍‌‌‍‌​​ ‌‌‍‌‍‌‍​‌‌‍‌​​ ​‍​ ‌‍‌‍‌​​ ​ ​ ‍​​‍ ‌​ ‌ ​ ‌‍​ ​‌​ ‌​​‍ ‌​ ‌​‌‍‌‍‌‍‌‌​ ‌‌​‍ ‌‌‍​‌‌‍​‍​ ‌‌‌‍​‍​‍ ‌​​‍​‍‌‌​ ‌‌‌
    *Threat Hunting Workshop: Hunting for Persistence - Level 2
    September 24, 2025 | 12:00 - 1:00 PM ET
    Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-workshop-16-hunting-for-persistence-level-2

    ----------

    Top Headlines:
    • Microsoft Security Blog | Storm-0501’s evolving techniques lead to cloud-based ransomware: https://www.microsoft.com/en-us/security/blog/2025/08/27/storm-0501s-evolving-techniques-lead-to-cloud-based-ransomware/
    • Seqrite | Blogs on Information Technology, Network & Cybersecurity: https://www.seqrite.com/blog/operation-hankook-phantom-north-korean-apt37-targeting-south-korea/
    • Group-IB | ShadowSilk: A Cross-Border Binary Union for Data Exfiltration: https://www.group-ib.com/blog/shadowsilk/
    • Check Point Research | ZipLine Phishing Campaign Targets U.S. Manufacturing: https://research.checkpoint.com/2025/zipline-phishing-campaign/

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    43 分
  • S3 Ep40: Named Pipes and Usual Suspects

    S3 Ep40: Named Pipes and Usual Suspects
    2025/08/20
    *[LIVE] Out of the Woods: The Threat Hunting Podcast - AI for Security Teams: Scaling Impact Without Losing Control
    September 11, 2025 | 12:00 - 1:30 PM ET​​​​‌
    Sign Up: https://www.intel471.com/resources/podcasts/ai-for-security-teams-scaling-impact-without-losing-control ‌ ​‍‌‍‍‌‌‍‌ ‌‍‍‌‌‍ ‍​‍​‍​ ‍‍​‍​‍‌ ​ ‌‍​‌‌‍ ‍‌‍‍‌‌ ‌​‌ ‍‌​‍ ‍‌‍‍‌‌‍ ​‍​‍​‍ ​​‍​‍‌‍‍​‌ ​‍‌‍‌‌‌‍‌‍​‍​‍​ ‍‍​‍​‍‌‍‍​‌ ‌​‌ ‌​‌ ​​‌ ​ ​ ‍‍​‍ ​‍ ‌‍‍‌‌‍ ‍‌ ‌​‌‍‌‌‌‍ ​​ ‌​​ ‌ ​ ​‌​‍ ‍‌ ​ ‌‍​‌‌‍ ‍‌‍‍‌‌ ‌​‌ ‍‌​‍ ‍‌ ​ ‌ ‌​‌ ‌‌‌‍‌​‌‍‍‌‌‍ ​‍ ‌‍‍‌‌‍ ‍‌ ‌​‌‍‌‌‌‍ ‍‌ ‌​​‍ ‌‍‌‌‌‍‌​‌‍‍‌‌ ‌​​‍ ‌‍ ‌‌‍ ‌‍‌​‌‍‌‌​ ‌‌ ​​‌ ​‍‌‍‌‌‌ ​ ‌‍‌‌‌‍ ‍‌ ‌​‌‍​‌‌ ‌​‌‍‍‌‌‍ ‌‍ ‍​ ‍ ‌‍‍‌‌‍‌​​ ‌‌‍‌‍‌‍​‌‌‍‌​​ ​‍​ ‌‍‌‍‌​​ ​ ​ ‍​​‍ ‌​ ‌ ​ ‌‍​ ​‌​ ‌​​‍ ‌​ ‌​‌‍‌‍‌‍‌‌​ ‌‌​‍ ‌‌‍​‌‌‍​‍​ ‌‌‌‍​‍​‍ ‌​​‍​‍‌‌​ ‌‌‌ ----------

    Top Headlines:
    • Morphisec | Noodlophile Stealer Evolves: Targeted Copyright Phishing Hits Enterprises with Social Media Footprints: https://www.morphisec.com/blog/noodlophile-stealer-evolves-targeted-copyright-phishing-hits-enterprises-with-social-media-footprints/
    • Securelist by Kaspersky | PipeMagic in 2025: How the backdoor operators’ tactics have changed: https://securelist.com/pipemagic/117270/?web_view=true
    • Cisco Talos Blog | UAT-7237 targets Taiwanese web hosting infrastructure: https://blog.talosintelligence.com/uat-7237-targets-web-hosting-infra/
    • Resucurity | 'Blue Locker' Analysis: Ransomware Targeting Oil & Gas Sector in Pakistan: https://www.resecurity.com/blog/article/blue-locker-analysis-ransomware-targeting-oil-gas-sector-in-pakistan

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    38 分
  • S3 Ep39: Think Behavior, Attribute Later

    S3 Ep39: Think Behavior, Attribute Later
    2025/08/14
    *[LIVE] Out of the Woods: The Threat Hunting Podcast - AI for Security Teams: Scaling Impact Without Losing Control
    September 11, 2025 | 12:00 - 1:30 PM ET​​​​‌
    Sign Up: https://www.intel471.com/resources/podcasts/ai-for-security-teams-scaling-impact-without-losing-control ‌ ​‍‌‍‍‌‌‍‌ ‌‍‍‌‌‍ ‍​‍​‍​ ‍‍​‍​‍‌ ​ ‌‍​‌‌‍ ‍‌‍‍‌‌ ‌​‌ ‍‌​‍ ‍‌‍‍‌‌‍ ​‍​‍​‍ ​​‍​‍‌‍‍​‌ ​‍‌‍‌‌‌‍‌‍​‍​‍​ ‍‍​‍​‍‌‍‍​‌ ‌​‌ ‌​‌ ​​‌ ​ ​ ‍‍​‍ ​‍ ‌‍‍‌‌‍ ‍‌ ‌​‌‍‌‌‌‍ ​​ ‌​​ ‌ ​ ​‌​‍ ‍‌ ​ ‌‍​‌‌‍ ‍‌‍‍‌‌ ‌​‌ ‍‌​‍ ‍‌ ​ ‌ ‌​‌ ‌‌‌‍‌​‌‍‍‌‌‍ ​‍ ‌‍‍‌‌‍ ‍‌ ‌​‌‍‌‌‌‍ ‍‌ ‌​​‍ ‌‍‌‌‌‍‌​‌‍‍‌‌ ‌​​‍ ‌‍ ‌‌‍ ‌‍‌​‌‍‌‌​ ‌‌ ​​‌ ​‍‌‍‌‌‌ ​ ‌‍‌‌‌‍ ‍‌ ‌​‌‍​‌‌ ‌​‌‍‍‌‌‍ ‌‍ ‍​ ‍ ‌‍‍‌‌‍‌​​ ‌‌‍‌‍‌‍​‌‌‍‌​​ ​‍​ ‌‍‌‍‌​​ ​ ​ ‍​​‍ ‌​ ‌ ​ ‌‍​ ​‌​ ‌​​‍ ‌​ ‌​‌‍‌‍‌‍‌‌​ ‌‌​‍ ‌‌‍​‌‌‍​‍​ ‌‌‌‍​‍​‍ ‌​​‍​‍‌‌​ ‌‌‌ ----------

    Top Headlines:
    • Silent Push | Unmasking SocGholish: Silent Push Untangles the Malware Web Behind the “Pioneer of Fake Updates” and Its Operator, TA569: https://www.silentpush.com/blog/socgholish/
    • welivesecurity.com | Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability: https://www.welivesecurity.com/en/eset-research/update-winrar-tools-now-romcom-and-others-exploiting-zero-day-vulnerability/
    • ReliaQuest | ShinyHunters Targets Salesforce Amid Clues of Scattered Spider Collaboration: https://reliaquest.com/blog/threat-spotlight-shinyhunters-data-breach-targets-salesforce-amid-scattered-spider-collaboration/
    • Talos Intelligence | Malvertising campaign leads to PS1Bot, a multi-stage malware framework: https://blog.talosintelligence.com/ps1bot-malvertising-campaign/?&web_view=true

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    36 分
  • S3 Ep38: Testimonial from the Trenches

    S3 Ep38: Testimonial from the Trenches
    2025/07/31
    Scott Poley and Tom Kostura are joined by Ben McGavin, Threat Hunting Team Lead at RSM Defense, and Justin Dolgos, Senior Threat Hunter at RSM Defense, for a conversation on what it takes to build and run a threat hunting program inside an MSSP.

    They walk through how their team prioritizes hunts, manages detection logic across multi-tenant environments, and scales their approach through SoC collaboration and hypothesis-driven routines. Ben shares how the program was built from scratch, and Justin breaks down the lessons learned moving from alert triage into full-time threat hunting. They also cover tooling gaps, visibility challenges, and how custom detections have become a key success metric for their team.

    This episode offers practical insight from two hunters operating at the heart of a fast-moving MSSP environment.

    Watch this podcast on YouTube here: https://youtu.be/YQtmMomoUbU

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    47 分
  • S3 Ep37: Be Effective, Not Just Subjective

    S3 Ep37: Be Effective, Not Just Subjective
    2025/07/23
    *Intel-Driven Threat Hunting Workshop: Analyzing Malware Behaviors
    July 31, 2025 | 11:00 AM - 1:00 PM ET
    Sign Up: https://intel471.com/resources/webinars/intelligence-driven-threat-hunting-workshop-analyzing-malware-behaviors

    *Meet with Intel 471 at Black Hat 2025 at Booth #5742
    More info & events: https://intel471.com/lp/black-hat-usa-2025

    ----------

    Top Headlines:
    • Microsoft Security Blog | Disrupting active exploitation of on-premises SharePoint vulnerabilities
    • HackMag | Malware LameHug Utilizes LLM to Generate Commands on Infected Machines
    • Catalyst | LARVA-208’s New Campaign Targets Web3 Developers
    • TechCrunch | A surveillance vendor was caught exploiting a new SS7 attack to track people's phone locations

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    54 分
  • S3 Ep36: Paste and Persist

    S3 Ep36: Paste and Persist
    2025/07/16
    *Intel-Driven Threat Hunting Workshop: Analyzing Malware Behaviors
    July 31, 2025 | 11:00 AM - 1:00 PM ET
    Sign Up: https://intel471.com/resources/webinars/intelligence-driven-threat-hunting-workshop-analyzing-malware-behaviors

    *Meet with Intel 471 at Black Hat 2025 at Booth #5742
    More info & events: https://intel471.com/lp/black-hat-usa-2025

    ----------

    Top Headlines:
    • The DFIR Report | KongTuke FileFix Leads to New Interlock RAT Variant
    • BleepingComputer | Google Gemini flaw hijacks email summaries for phishing
    • CISA | CISA Adds One Known Exploited Vulnerability to Catalog
    • Unit 42 | Evolving Tactics of SLOW#TEMPEST: A Deep Dive Into Advanced Malware Techniques

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    40 分
  • S3 Ep35: [LIVE] The Intersection of AI and Threat Hunting: What Problems Emerge, What Problems Get Solved

    S3 Ep35: [LIVE] The Intersection of AI and Threat Hunting: What Problems Emerge, What Problems Get Solved
    2025/07/15
    In this episode of Out of the Woods: The Threat Hunting Podcast, we explored how AI is being used in threat hunting, from generating hypotheses to enriching data and shaping detection logic. We talked through some of the challenges teams are facing, including false positives and tool limitations, and discussed where human expertise is still essential. The conversation included practical examples and audience input on how AI is being tested and adopted in real-world environments.

    ----

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    1 時間 31 分