• S3 Ep26: Inception Point: Informed Defense
    Apr 25 2025
    [LIVE] Out of the Woods: The Threat Hunting Podcast - "Guess Who: The Adversary Edition"
    May 8, 2025 | 12:00 - 1:30 PM ET
    Sign Up: https://intel471.com/resources/podcasts/ootw-guess-who-the-adversary-edition

    Threat Hunting Workshop: Hunting for Execution - Level 2
    May 14, 2025 | 12:00 - 1:00 PM ET
    Sign Up: https://intel471.com/resources/webinars/threat-hunting-workshop-15-hunting-for-execution-level-2

    ----------

    Top Headlines:

    • Check Point Research | Renewed APT29 Phishing Campaign Against European Diplomats: https://research.checkpoint.com/2025/apt29-phishing-campaign/
    • JPCERT/CC EYES | DslogdRAT Malware Installed in Ivanti Connect Secure: https://blogs.jpcert.or.jp/en/2025/04/dslogdrat.html?&web_view=true
    • Tenable | ConfusedComposer: A Privilege Escalation Vulnerability Impacting GCP Composer: https://www.tenable.com/blog/confusedcomposer-a-privilege-escalation-vulnerability-impacting-gcp-composer
• Cofense | Decoding Fake US ESTA Emails: Scam or Real Deal?: https://cofense.com/blog/decoding-fake-us-esta-emails-scam-or-real-deal?&web_view=true

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    57 mins
  • S3 Ep25: 00UserAgent: Complexity Never Sleeps
    Apr 21 2025
    [LIVE] Out of the Woods: The Threat Hunting Podcast - "Guess Who: The Adversary Edition"
    May 8, 2025 | 12:00 - 1:30 PM ET

    Sign Up: https://intel471.com/resources/podcasts/ootw-guess-who-the-adversary-edition

    Top Headlines:

    • Symantec | Shuckworm Targets Foreign Military Mission Based in Ukraine: https://www.security.com/threat-intelligence/shuckworm-ukraine-gammasteel
    • BI.ZONE | Sapphire Werewolf Refines Amethyst Stealer to Attack Energy Companies: https://bi.zone/eng/expertise/blog/kamen-ogranennyy-sapphire-werewolf-ispolzuet-novuyu-versiyu-amethyst-stealer-dlya-atak-na-tek/
    • SentinelOne | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale: https://www.sentinelone.com/labs/akirabot-ai-powered-bot-bypasses-captchas-spams-websites-at-scale/
    • SecureList | GOFFEE Continues to Attack Organizations in Russia: https://securelist.com/goffee-apt-new-attacks/116139/?web_view=true
    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    52 mins
  • S3 Ep24: ShortCut to the Fast and the Obfuscated
    Apr 3 2025
    Top Headlines:

    • Elastic | Outlaw Linux Malware: Persistent, Unsophisticated, and Surprisingly Effective: https://www.elastic.co/security-labs/outlaw-linux-malware
    • G Data | Smoked out - Emmenhtal spreads SmokeLoader malware: https://www.gdatasoftware.com/blog/2025/03/38160-emmenhtal-smokeloader-malware
    • CISA | #StopRansomware: Medusa Ransomware: https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-071a
• eSentire | The Long and Short(cut) of It: KoiLoader Analysis: https://www.esentire.com/blog/the-long-and-shortcut-of-it-koiloader-analysis

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    34 mins
  • S3 Ep23: [LIVE] From Skilled to Tactical Threat Hunting: Where to Focus for Maximum Impact
    Mar 17 2025
    In this episode of Out of the Woods: The Threat Hunting Podcast, this live discussion focuses on where threat hunters should focus their time to drive real security impact.

    • How experienced hunters prioritize their time - What matters most in real-world threat hunting.
    • The biggest mistakes that slow hunters down - Common distractions and how to avoid them.
    • How to refine your investigative approach - Strategies to ensure your hunts lead to real findings.

    Interesting Artifacts:
    • https://cybersources.site/
    • https://github.com/FalconForceTeam/FalconHound
    • https://medium.com/falconforce/falconhound-attack-path-management-for-blue-teams-42adedc9cae5
    • https://github.com/SpecterOps/BloodHound?tab=readme-ov-file
    • https://github.com/SpecterOps/BloodHound-Legacy
    • https://www.youtube.com/watch?v=Pn7GWRXfgeI
    • https://www.eccouncil.org/cybersecurity-exchange/cyber-talks/cloud-threat-hunting-tactics-for-enhanced-azure-security/

    🔗 Join us on Discord: https://discord.gg/DR4mcW4zBr

    ----

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    1 hr and 29 mins
  • S3 Ep22: What You Don't Know, Can Hurt You
    Mar 4 2025
    *Top Cover 4 – Threat Hunting Management Workshop: Hiring Effective Threat Hunters
    March 5, 2025 | 12:00 – 12:45 PM ET
    Sign Up: https://intel471.com/resources/webinars/top-cover-4-threat-hunting-management-workshop-hiring-effective-threat-hunters

    *Out of the Woods: The Threat Hunting Podcast [LIVE]
    March 13, 2025 | 12:00 – 1:30 PM ET
    Sign Up: https://intel471.com/resources/podcasts/from-skilled-to-tactical-threat-hunting-where-to-focus-for-maximum-impact

    Threat Hunting Foundations Workshop: Moving Beyond IOCs to Behaviors and TTPs
    March 27, 2025 | 9:30 am – 1:30 PM ET
    Sign Up: https://intel471.com/resources/webinars/threat-hunting-foundations-workshop-moving-beyond-iocs-to-behaviors-and-ttps

    ----------

    Top Headlines:

    • Truffle Security Co | Research Finds 12,000 ‘Live’ API Keys and Passwords in DeepSeek’s Training Data: https://trufflesecurity.com/blog/research-finds-12-000-live-api-keys-and-passwords-in-deepseek-s-training-data
    • Trend Micro | Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal: https://www.trendmicro.com/en_us/research/25/b/black-basta-cactus-ransomware-backconnect.html?&web_view=true
    • Intel 471 | Android Trojan TgToxic Updates Its Capabilities: https://intel471.com/blog/android-trojan-tgtoxic-updates-its-capabilities
    • BleepingComputer | Over 49,000 Misconfigured Building Access Systems Exposed Online: https://www.bleepingcomputer.com/news/security/over-49-000-misconfigured-building-access-systems-exposed-online/?&web_view=true

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    51 mins
  • S3 Ep21: Sight Your Sources, Look for the Obvious
    Feb 26 2025
    *Top Cover 4 – Threat Hunting Management Workshop: Hiring Effective Threat Hunters
    March 5, 2025 | 12:00 – 12:45 PM ET
    Sign Up: https://intel471.com/resources/webinars/top-cover-4-threat-hunting-management-workshop-hiring-effective-threat-hunters

    *Out of the Woods: The Threat Hunting Podcast [LIVE]
    March 13, 2025 | 12:00 – 1:30 PM ET
    Sign Up: https://intel471.com/resources/podcasts/from-skilled-to-tactical-threat-hunting-where-to-focus-for-maximum-impact

    Threat Hunting Foundations Workshop: Moving Beyond IOCs to Behaviors and TTPs
    March 27, 2025 | 9:30 am – 1:30 PM ET
    Sign Up: https://intel471.com/resources/webinars/threat-hunting-foundations-workshop-moving-beyond-iocs-to-behaviors-and-ttps

    ----------

    Top Headlines:

• Netcraft | The Bleeding Edge of Phishing: darcula-suite 3.0 Enables DIY Phishing of Any Brand: https://www.netcraft.com/blog/darcula-v3-phishing-kits-targeting-any-brand/
    • The Cyber Express | Ghost in the Shell: Null-AMSI Bypasses Security to Deploy AsyncRAT: https://thecyberexpress.com/asyncrat-attack/?&web_view=true
    • Cisco Talos Blog | Weathering the Storm: In the Midst of a Typhoon: https://blog.talosintelligence.com/salt-typhoon-analysis/
• ANY.RUN’s Cybersecurity Blog | Zhong Stealer: Technical Analysis of a Threat Targeting Fintech: https://any.run/cybersecurity-blog/zhong-stealer-malware-analysis/?utm_source=csn&utm_medium=article&utm_campaign=webinar&utm_content=landing&utm_term=200225

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    40 mins
  • S3 Ep20: Adjust, Protect, Improve - API Your Posture
    Feb 19 2025
    [LIVE] Top Cover 4 – Threat Hunting Management Workshop: Hiring Effective Threat Hunters
    March 5, 2025 | 12:00 – 12:45 PM EST
    Sign Up: https://intel471.com/resources/webinars/top-cover-4-threat-hunting-management-workshop-hiring-effective-threat-hunters


    [LIVE] OOTW Live Podcast – From Skilled to Tactical Threat Hunting: Where to Focus for Maximum Impact
    March 13, 2025 | 12:00 – 1:30 PM EST
    Sign Up: https://intel471.com/resources/podcasts/from-skilled-to-tactical-threat-hunting-where-to-focus-for-maximum-impact

    ----------

    Top Headlines:

    • Netskope | Telegram Abused as C2 Channel for New Golang Backdoor: https://www.netskope.com/blog/telegram-abused-as-c2-channel-for-new-golang-backdoor
    • Sygnia | Abyss Locker Ransomware: Attack Flow & Defense Strategies: https://www.sygnia.co/blog/abyss-locker-ransomware-attack-analysis/?web_view=true
    • Security Labs | whoAMI: A Cloud Image Name Confusion Attack: https://securitylabs.datadoghq.com/articles/whoami-a-cloud-image-name-confusion-attack/
    • Trend Micro | Lumma Stealer’s GitHub-Based Delivery Explored via Managed Detection and Response: https://www.trendmicro.com/en_us/research/25/a/lumma-stealers-github-based-delivery-via-mdr.html

    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    43 mins
  • S3 Ep19: [Bonus Episode] From Curiosity to Cybersecurity: Matt Scheurer on Incident Response, Mentorship, and Career Growth
    Feb 11 2025
    In this episode of Out of the Woods, Scott Poley sits down with Matt Scheurer at the Information Security Summit in Cleveland to discuss his journey into cybersecurity, from early tech fascination to leading incident response teams.

    Matt shares insights on breaking into the field, the challenges of asset management and alert fatigue, and the importance of mentorship and professional networking. He also highlights key lessons from incident response, the value of cross-team collaboration, and how security teams can stay ahead of evolving threats. Whether you're new to cybersecurity or a seasoned professional, this conversation offers valuable takeaways on building a successful career in security.

    Connect with Matt: https://www.linkedin.com/in/mattscheurer/

    ----

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    30 mins