
#detectionengineering

Latest posts tagged with #detectionengineering on Bluesky

Posts tagged #detectionengineering


I just published Hunting APT29 Part 3: I Traced the Process Tree Back to the Beginning systemweakness.com/hunting-apt2...

#Cybersecurity #Substack #APT #ThreatHunting #DetectionEngineering #Splunk #Analysis


New article soon 👀🐱🐭 Cat and mouse, but make it cyber. Security chases what it can see. The attacker slips underneath it all with the laptop.

#Cybersecurity #DFIR #BlueTeam #RedTeam #VMware #vSphere #ThreatHunting #DetectionEngineering #InfoSec #IncidentResponse


BSides Luxembourg talk announcement!

🐧🚨 NOT SO HARMLESS: THE HIDDEN WORLD OF LINUX PACKERS AND DETECTION CHALLENGES - MASSIMO BERTOCCHI 🛡️🔍

Linux packers and loaders are a sneaky blind spot in cybersecurity. They hide code with encryption and obfuscation […]


Prioritizing Alerts Triage with Higher-Order Rules

~Elastic~
Elastic shares how Higher-Order Rules correlate alerts across endpoint, network, and observability data to reduce noise and prioritize triage.
-
IOCs: (None identified)
-
#DetectionEngineering #SIEM #ThreatIntel

Hunting APT29 Part 2: I Searched One ProcessID. 1,129 Events Came Back. Inside The Breach #3

PART 2 is LIVE: open.substack.com/pub/manishra...

#Substack #Bluesky #Sysmon #Splunk #Cybersecurity #ThreatHunting #DetectionEngineering #APT29

Getting Started with Elastic Defend for Containers

~Elastic~
Elastic introduces Defend for Containers (D4C) in v9.3.0, offering runtime visibility and pre-built detection rules for Kubernetes workloads.
-
IOCs: (None identified)
-
#CloudSecurity #DetectionEngineering #ThreatIntel

#cybersecurity #informationsecurity #substack #threathunting #sysmon #detectionengineering | Manish Rawat I didn’t expect this. Recently, my research on DLL hijacking detection was referenced in CTO at NCSC – Cyber Defence Analysis. The section titled: “37 Sysmon Events. One Complete DLL Hijacking Attac...

Recently something interesting happened.

My research on DLL hijacking detection was referenced in work from the National Cyber Security Centre (Cyber Defence Analysis).
www.linkedin.com/posts/manish...

#sysmon #cybersecurity #threathunting #detectionengineering #medium #substack #infosec #events


@vickyjo @verovaleros Hi @verovaleros, are you a #detectionengineering specialist operating at the cutting edge of what's possible here today?

Or doing something with Agentic SOC?
If yes, then we're trying to build panels on these topics at BSidesLuxembourg.

#BSidesLuxembourg2026 […]

AI-Augmented Detection with ES|QL

~Elastic~
Elastic's new ES|QL COMPLETION command embeds LLM reasoning directly into detection queries to automate alert triage and reduce false positives.
-
IOCs: (None identified)
-
#AI #DetectionEngineering #Elastic #ThreatIntel

How to Use YARA Retrohunting for Detection Engineering | ReversingLabs. Learn how to leverage ReversingLabs's dynamic analysis of pkr_mtsi for defense using YARA Rules in Spectra Analyze.

ReversingLabs' Ashlee Benge shares how to use YARA retrohunting for detection engineering by leveraging RL's dynamic analysis of "pkr_mtsi" for defense in Spectra Analyze.
👉 hubs.ly/Q043qJY-0

#yararules #detectionengineering #malwareanalysis

AI-Augmented Detection Engineering with ES|QL

~Elastic~
Elastic introduces using LLMs directly in ES|QL queries to reason about and triage correlated security alerts, reducing false positives.
-
IOCs: (None identified)
-
#AI #DetectionEngineering #Elastic #ThreatIntel


🔍 Up first: Steve Cooper on owning your detection coverage and turning uncertainty into confidence. Detection engineering made simple, practical, and powerful.

What’s your biggest challenge in this space? We'd love to hear from you! #CyberSecurity #DetectionEngineering #CSCVol14

Automating Live Malware & AD Attack Labs

~Elastic~
A guide to automating live malware (CVE-2024-3094) and Active Directory attack labs with Ludus and Elastic for continuous detection validation.
-
IOCs: CVE-2024-3094
-
#DetectionEngineering #PurpleTeam #ThreatIntel


Know any good #detectionengineering who aren't white males? Please propose, wanna follow them! :)

Automate QRadar to Elastic Rule Migration

~Elastic~
Elastic Security 9.3 now supports automatic migration of QRadar detection rules, simplifying SIEM transitions.
-
IOCs: (None identified)
-
#DetectionEngineering #Elastic #SIEM #ThreatIntel

Practical Threat Hunting for Beginners Learn the core knowledge and practical skills required to perform effective threat hunting in real-world environments.

I've released my new course:
Practical Threat Hunting for Beginners

Similar courses: $$$$
This course: $$

academy.bluraven.io/course/pract...

#ThreatHunting #DetectionEngineering


It looks like #BSidesLuxembourg will have a #detectionengineering village. If that's something you want to contribute to, please be in touch ASAP as we start defining what that will be implemented as.

#bsides


Tracked a pig butchering operation from the #Indian #Matrimony search app to a wallet drainer.
One wallet. 20 days. $350,000+ in ETH.
Here's the technical breakdown:
#ThreatIntel #CryptoFraud #PigButchering #OSINT #BlockchainAnalysis #DetectionEngineering #CyberThreatIntelligence


I’m excited to share that my new book is now available at www.amazon.ca/dp/B0G6S81YSZ : “Augmented Security Operations: AI, Automation and Guardrails for Cybersecurity Leader.”

#CyberSecurity #SOC #SecurityOperations #AI #GenAI #Automation #SOAR #DetectionEngineering #Governance #RiskManagement


If you're doing #ActionableCTI or #detectionengineering -> submit to the @BSidesLuxembourg CFP, we are brewing something really interesting for you!

APT31 Today: When Trusted Cloud Infrastructure Becomes the Attack Surface. How APT31 turned Microsoft Dev Tunnels, cloud storage, and signed binaries into stealthy command and control.

APT31 isn’t breaking in. They’re blending in.

Microsoft Dev Tunnels, cloud storage, signed binaries, all abused as stealthy C2.
This is trust exploitation at scale.

🔗 blackcastle.com.au/blog/apt31-t...

#APT #ThreatIntelligence #CloudSecurity #DetectionEngineering #CyberSecurity #Maldev #offsec


FalconForce’s Agapios brings you an early Christmas present🎁: the second blog in #detectionengineering maintenance. Learn all about how data science can boost your detection maintenance … and keep you from herding sheep. Enjoy the read and happy holidays🎄

falconforce.nl/how-data-sci...


Help us build an awesome event this upcoming May!

Submit to our CFP, help us get our villages, workshop day and talk tracks over 2 days to be awesome!

Maybe a cloudsec village or cloud track?

We're seriously trying to build a #detectionengineering village or track.

How about AI security?

An […]


#threathunting #cybersecurity #thrunting #soc #blueteam #detectionengineering #incidentresponse #cyberdefense #aiinsecurity #agenticai #scada #otsecurity #purpleteam #grc #peakframework #THORcollective #dispatchdebrief

Black Friday Mega savings on KQL courses for threat hunting, detection engineering, and incident response.

🔥 #BlackFriday discounts are live🔥
➤ 35% OFF all #KQL courses for threat hunting, detection engineering, and incident response.

#ThreatHunting #DetectionEngineering #DFIR #incidentresponse #CyberSecurity #InfoSec

👉academy.bluraven.io/blackfriday2...


#autonomousSOC #taylorsversion #cybersecurity #threathunting #SOClife #detectionengineering #automation #THORcollective #infosec #securityoperations

GitHub - FalconForceTeam/FalconFriday: Hunting queries and detections. Contribute to FalconForceTeam/FalconFriday development by creating an account on GitHub.

💡FalconForce has invested its offensive security knowledge and applied R&D into creating high-fidelity detection content; to detect threats that are in the blind spots of many organizations.

👉 Try it for yourself on GitHub: github.com/FalconForceT...

#SOC #kusto #detectionengineering #falconfriday

Defending Against Advanced Threats

New post on how to get your detection engineering program to be APT-ready:

ag-michael.github.io/02.html

A bit wordy, but looking for any feedback/thoughts.

#DetectionEngineering #APT #infosec #threathunting #purpleteaming #bas #detection


Amine Besson's 'SOC must die talk' from #BSidesLuxembourg2025 is an absolute blast and a must-watch if you want to know where your SOC should move in today's environment and which role autonomy and AI will/should have in it going forwards

So if you do #blueteam #SOC #DetectionEngineering, watch […]
