Threat hunting with Yara: The red pill approach
Guest Post: Learn how to combine Yara with other tools to have full control over the condition validation process.
Tag: threat hunting
Threat hunting with Yara: Dealing with wildcard hexadecimal patterns
Guest Post: Learn how to use Yara’s native hexadecimal pattern definition features to create fast rules with fewer false positives and no alarming nested loops.
Threat hunting with Yara: Measuring distance between any three elements
Guest Post: Learn how to use Yara’s math module and min/max functions to measure distance between patterns.
Threat hunting with Yara: The three body problem
Guest Post: Get to know how to use Yara with real-life research problems — detecting code evolution and shellcodes.
Three of the best: How to
‘How to’ posts are a great way to learn how to use a new tool, troubleshoot problems, or perform advanced tasks. Here are three of 2021’s best.
Intel Owl v3.0.0 speeds up threat intelligence retrieval
Guest Post: With 100+ analysers, Intel Owl helps with incident response, threat analysis, security research and threat hunting.
How to: Threat hunting and threat intelligence
Guest Post: Team Cymru takes us through the steps of a threat hunt.
Sigma: A generic log signature format
Guest Post: Sigma is an open-source project that tries to solve challenges with store logs in different repositories.
Threat hunting 101: Hunting with Yara rules
Guest Post: Yara rules are an easy yet important threat hunting tool for searching for malicious files in your directories.
Asia Pacific organizations becoming more proactive in cybersecurity, reducing dwell time
Asia Pacific organizations are getting better and more proactive at detecting compromises in their own network.