• S3 Ep21: Sight Your Sources, Look for the Obvious
    Feb 26 2025
    *Top Cover 4 – Threat Hunting Management Workshop: Hiring Effective Threat Hunters
    March 5, 2025 | 12:00 – 12:45 PM ET
    Sign Up: https://intel471.com/resources/webinars/top-cover-4-threat-hunting-management-workshop-hiring-effective-threat-hunters

    *Out of the Woods: The Threat Hunting Podcast [LIVE]
    March 13, 2025 | 12:00 – 1:30 PM ET
    Sign Up: https://intel471.com/resources/podcasts/from-skilled-to-tactical-threat-hunting-where-to-focus-for-maximum-impact

    Threat Hunting Foundations Workshop: Moving Beyond IOCs to Behaviors and TTPs
    March 27, 2025 | 9:30 AM – 1:30 PM ET
    Sign Up: https://intel471.com/resources/webinars/threat-hunting-foundations-workshop-moving-beyond-iocs-to-behaviors-and-ttps

    ----------

    Top Headlines:

    • Netcraft | The Bleeding Edge of Phishing: Darcula-suite 3.0 Enables DIY Phishing of Any Brand: https://www.netcraft.com/blog/darcula-v3-phishing-kits-targeting-any-brand/
    • The Cyber Express | Ghost in the Shell: Null-AMSI Bypasses Security to Deploy AsyncRAT: https://thecyberexpress.com/asyncrat-attack/?&web_view=true
    • Cisco Talos Blog | Weathering the Storm: In the Midst of a Typhoon: https://blog.talosintelligence.com/salt-typhoon-analysis/
    • ANY.RUN’s Cybersecurity Blog | Zhong Stealer: Technical Analysis of a Threat Targeting Fintech: https://any.run/cybersecurity-blog/zhong-stealer-malware-analysis/?utm_source=csn&utm_medium=article&utm_campaign=webinar&utm_content=landing&utm_term=200225

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    40 mins
  • S3 Ep20: Adjust, Protect, Improve - API Your Posture
    Feb 19 2025
    [LIVE] Top Cover 4 – Threat Hunting Management Workshop: Hiring Effective Threat Hunters
    March 5, 2025 | 12:00 – 12:45 PM EST
    Sign Up: https://intel471.com/resources/webinars/top-cover-4-threat-hunting-management-workshop-hiring-effective-threat-hunters


    [LIVE] OOTW Live Podcast – From Skilled to Tactical Threat Hunting: Where to Focus for Maximum Impact
    March 13, 2025 | 12:00 – 1:30 PM EST
    Sign Up: https://intel471.com/resources/podcasts/from-skilled-to-tactical-threat-hunting-where-to-focus-for-maximum-impact

    ----------

    Top Headlines:

    • Netskope | Telegram Abused as C2 Channel for New Golang Backdoor: https://www.netskope.com/blog/telegram-abused-as-c2-channel-for-new-golang-backdoor
    • Sygnia | Abyss Locker Ransomware: Attack Flow & Defense Strategies: https://www.sygnia.co/blog/abyss-locker-ransomware-attack-analysis/?web_view=true
    • Security Labs | whoAMI: A Cloud Image Name Confusion Attack: https://securitylabs.datadoghq.com/articles/whoami-a-cloud-image-name-confusion-attack/
    • Trend Micro | Lumma Stealer’s GitHub-Based Delivery Explored via Managed Detection and Response: https://www.trendmicro.com/en_us/research/25/a/lumma-stealers-github-based-delivery-via-mdr.html

    43 mins
  • S3 Ep19: [Bonus Episode] From Curiosity to Cybersecurity: Matt Scheurer on Incident Response, Mentorship, and Career Growth
    Feb 11 2025
    In this episode of Out of the Woods, Scott Poley sits down with Matt Scheurer at the Information Security Summit in Cleveland to discuss his journey into cybersecurity, from early tech fascination to leading incident response teams.

    Matt shares insights on breaking into the field, the challenges of asset management and alert fatigue, and the importance of mentorship and professional networking. He also highlights key lessons from incident response, the value of cross-team collaboration, and how security teams can stay ahead of evolving threats. Whether you're new to cybersecurity or a seasoned professional, this conversation offers valuable takeaways on building a successful career in security.

    Connect with Matt: https://www.linkedin.com/in/mattscheurer/

    30 mins
  • S3 Ep18: 99 Problems but AI (Maybe) Ain't 1
    Feb 4 2025
    [LIVE] Threat Hunting Workshop: Hunting for Initial Access – Level 2
    February 12, 2025 | 12:00 – 1:00 PM ET
    Sign Up --> https://intel471.com/resources/webinars/threat-hunting-workshop-14-hunting-for-initial-access-level-2

    ----------

    Top Headlines:
    • Wiz Blog | Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History: https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak
    • Google | Adversarial Misuse of Generative AI: https://services.google.com/fh/files/misc/adversarial-misuse-generative-ai.pdf
    • Cisco Talos Blog | New TorNet Backdoor Seen in Widespread Campaign: https://blog.talosintelligence.com/new-tornet-backdoor-campaign/
    • BleepingComputer | Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics: https://www.bleepingcomputer.com/news/security/time-bandit-chatgpt-jailbreak-bypasses-safeguards-on-sensitive-topics/?&web_view=true

    40 mins
  • S3 Ep17: [LIVE] The Art of the Hunt: Turning Intel into Action
    Feb 3 2025
    In this episode, "The Art of the Hunt: Turning Intel into Action," our expert team explores the nuances of threat intelligence, including behavioral and indicator-based approaches, and how to effectively leverage them for superior outcomes.

    Here’s what to expect:

    • Understanding Intelligence: Learn the key differences between raw data and operationalized threat intelligence, and why context and relevance are crucial.
    • Behavioral vs. Indicator-Based Intel: Explore why focusing on attacker goals, techniques, and patterns offers lasting value over short-lived indicators.
    • Maximizing MITRE ATT&CK: Discover how to navigate its strengths and challenges to align threat intelligence with real-world scenarios.
    • What Defines Good Threat Intel: Delve into attributes like timeliness, behavior tracking, and tailored context for better hunting.
    • Practical Strategies: Gain insights into transforming collected data into meaningful hypotheses that align with your unique environment.

    Interesting Artifacts:
    • https://www.mcafee.com/blogs/other-blogs/mcafee-labs/githubs-dark-side-unveiling-malware-disguised-as-cracks-hacks-and-crypto-tools/
    • https://www.focustodo.cn/#features
    • https://github.com/center-for-threat-informed-defense/cti-blueprints/wiki


    🔗 Join us on Discord: https://discord.gg/Ka6tsEc3

    1 hr and 29 mins
  • S3 Ep16: [Bonus Episode] Professional Growth and Security Strategies with Arun DeSouza
    Jan 24 2025
    In this episode of Intel 471's Out of the Woods: Threat Hunting Podcast, Arun DeSouza shares insights from his journey as a cybersecurity leader, including the importance of zero trust, identity management, and data sovereignty. Arun emphasizes the value of strong relationships, mentorship, and continuous learning in overcoming challenges like IoT risks and responsible AI adoption.

    Packed with practical advice, this conversation offers valuable takeaways for cybersecurity professionals at any stage of their career.

    Connect with Arun: https://www.linkedin.com/in/arundesouza/

    29 mins
  • S3 Ep15: Trust but Verify
    Jan 22 2025
    [LIVE] Out of the Woods Podcast
    January 30, 2025 | 12:00 - 1:30 PM ET
    Sign Up --> https://intel471.com/resources/podcasts/the-art-of-the-hunt-turning-intel-into-action

    [LIVE] Threat Hunting Workshop: Hunting for Initial Access – Level 2
    February 12, 2025 | 12:00 – 1:00 PM ET
    Sign Up --> https://intel471.com/resources/webinars/threat-hunting-workshop-14-hunting-for-initial-access-level-2


    ----------


    Top Headlines:

    1. Sekoia.ai Blog | Sneaky 2FA: Exposing a New AiTM Phishing-as-a-Service: https://blog.sekoia.io/sneaky-2fa-exposing-a-new-aitm-phishing-as-a-service/
    2. Netcraft | The Truth of the Matter: Scammers Targeting Truth Social Users: https://www.netcraft.com/blog/truth-social-scam-threat-review/
    3. Silverfort | Think You Blocked NTLMv1? Bypassing NTLM Authentication is Still Possible: https://www.silverfort.com/blog/ntlmv1-bypass-in-active-directory-technical-deep-dive/
    4. Cybersecurity News | CVE-2025-0411: 7-Zip Security Vulnerability Enables Code Execution – Update Now: https://securityonline.info/cve-2025-0411-7-zip-security-vulnerability-enables-code-execution-update-now/?&web_view=true

    34 mins
  • S3 Ep14: Some Things are Better Left Unstructured
    Jan 15 2025
    [LIVE] Out of the Woods Podcast
    January 30, 2025 | 12:00 - 1:30 PM ET
    Sign Up --> https://intel471.com/resources/podcasts/the-art-of-the-hunt-turning-intel-into-action

    Top Headlines:

    1. Truffle Security | Millions of Accounts Vulnerable due to Google's OAuth Flaw: https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw
    2. Halcyon | Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C: https://www.halcyon.ai/blog/abusing-aws-native-services-ransomware-encrypting-s3-buckets-with-sse-c
    3. Horizon3 | Critical Vulnerabilities in SimpleHelp Remote Support Software: https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/
    4. Sekoia | Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations: https://blog.sekoia.io/double-tap-campaign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations/

    38 mins