JA4+ network fingerprinting
Guest Post: Powerful human and machine-readable network fingerprints for multiple protocols that improve threat-hunting and analysis.
Tag: threat hunting
Threat activity and vulnerabilities in Indonesia, Malaysia, Philippines, and Thailand
Guest Post: Understanding the attack surface of ASEAN economies to better support them.
Incident response lessons from FIRSTCON22
Guest Post: Effective threat hunting, incident response in the cloud, how to stop phishing, and the emotional experience of ransomware.
Threat hunting with Yara: The red pill approach
Guest Post: Learn how to combine Yara with other tools to have full control over the condition validation process.
Threat hunting with Yara: Dealing with wildcard hexadecimal patterns
Guest Post: Learn how to use Yara’s native hexadecimal pattern definition features to create fast rules with fewer false positives and no alarming nested loops.
Threat hunting with Yara: Measuring distance between any three elements
Guest Post: Learn how to use Yara’s math module and min/max functions to measure distance between patterns.
Threat hunting with Yara: The three body problem
Guest Post: Get to know how to use Yara with real-life research problems — detecting code evolution and shellcodes.
Three of the best: How to
‘How to’ posts are a great way to learn how to use a new tool, troubleshoot problems, or perform advanced tasks. Here are three of 2021’s best.
Intel Owl v3.0.0 speeds up threat intelligence retrieval
Guest Post: With 100+ analysers, Intel Owl helps with incident response, threat analysis, security research and threat hunting.
How to: Threat hunting and threat intelligence
Guest Post: Team Cymru takes us through the steps of a threat hunt.