AI-Powered Threat Hunting for Cybersecurity Pros (Webinar)
May 10, 2024 | The Hacker News | Artificial Intelligence / Threat Hunting
Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats. Join us for an exciting webinar, "The Future of Threat Hunting is Powered by Generative AI," where you'll explore how AI tools are shaping the future of …
Hunting
Why Managed Threat Hunting Should Top Every CISO’s Holiday Wish List
With the end of the year fast approaching, many of us are looking forward to a well-deserved break. However, security practitioners and security leaders worldwide are bracing themselves for what has become a peak period for novel and disruptive threats. In 2020, the holiday season was marked by the SUNBURST incident, and in 2021 the world grappled with Log4Shell. While we …
A Sneak Peek at the 2022 Falcon OverWatch Threat Hunting Report
Another turbulent year for cybersecurity finds itself right at home alongside global economic headwinds and geopolitical tensions. This year has been defined by rampant affiliate activity, a seemingly endless stream of new vulnerabilities and exploits, and the widespread abuse of valid credentials. These circumstances have conspired to drive a 50% increase in interactive …
Introducing Sandbox Scryer: A Free Threat Hunting Tool
Sandbox Scryer is an open-source tool for producing threat hunting and intelligence data from public sandbox detonation output. The tool leverages the MITRE ATT&CK Framework to organize and prioritize findings, assisting in assembling indicators of compromise (IOCs), understanding attack movement and hunting threats. By allowing researchers to send thousands of samples to a …
Falcon OverWatch Elite in Action: Tailored Threat Hunting Services
The threat presented by today’s adversaries is as pervasive as it is dangerous — eCrime and state-nexus actors alike are attempting to infiltrate companies and organizations of all sizes and across all verticals. While technology is a powerful tool for performing routine or repeatable analysis, the only way to effectively hunt and contain sophisticated and determined cyber …
A comprehensive guide on threat hunting for persistence with osquery
While this might seem complex, the Elastic Osquery Manager integration supports an easy deployment across multiple endpoints and simplifies the collection and aggregation of data.
It’s never been easier to implement osquery at scale
The Osquery Manager integration simplifies the deployment shown in Figure 1 by adding it to the policy assigned to the agents running on your …
Hunting pwnkit (CVE-2021-4034) in Linux
In November 2021, a vulnerability was discovered in a ubiquitous Linux module named Polkit. Developed by Red Hat, Polkit facilitates the communication between privileged and unprivileged processes on Linux endpoints. Due to a flaw in a component of Polkit — pkexec — a local privilege escalation vulnerability exists that, when exploited, will allow a standard user to elevate to …
A Peek Inside the 2021 Threat Hunting Report
This time last year, the CrowdStrike Falcon OverWatch™ reported on mounting cyber threats facing organizations as they raced to adopt work-from-home practices and adapt to constraints imposed by the rapidly escalating COVID-19 crisis. Unfortunately, the 12 months that followed have offered little in the way of reprieve for defenders. The past year has been marked by some of the …
Big Game Hunting TTPs Continue to Shift After DarkSide Pipeline Attack
The eCrime ecosystem is an active and diverse economy of financially motivated threat actors engaging in a myriad of criminal activities to generate revenue. With the CrowdStrike eCrime Index (ECX), CrowdStrike’s Intelligence team maintains a composite score to track changes to this ecosystem. The ECX is composed of several key observables covering different aspects of …
Black Kingdom Ransomware Hunting Unpatched Microsoft Exchange Servers
More than a week after Microsoft released a one-click mitigation tool to mitigate cyberattacks targeting on-premises Exchange servers, the company disclosed that patches have been applied to 92% of all internet-facing servers affected by the ProxyLogon vulnerabilities. The development, a 43% improvement from the previous week, caps off a whirlwind of espionage and malware …