    Threat Hunting (2)

      Featured Incident Response Threat Hunting

      Sygnia Advisory: Potential Okta Breach

      Executive summary: On March 22nd, 2022, the LAPSUS$ threat group published potential evidence of a successful breach of Okta, a widely used identity provider. This...
      Featured Incident Response Threat Hunting

      Advisory: Russia–Ukraine Conflict Escalation

      Executive summary: As we continue to closely monitor the unfolding conflict between Russia and Ukraine, we're publishing this advisory to support global organizations. The...
      Featured Incident Response Threat Hunting

      End-to-End LOG4SHELL Hunting Strategy

      Log4j2 is a widely used open-source Java logging library developed by the Apache foundation. On December 9, 2021 a critical unauthenticated remote code execution...
      Incident Response Threat Hunting

      Sygnia Advisory: Log4Shell Remote Code Execution

      Updated - December 17, 2021. On December 9, a critical remote code execution (RCE) vulnerability in Java logging library Apache Log4j was made public. The vulnerability,...
      Incident Response Threat Hunting

      Recent Waves of Phishing Attacks Overpowering 2-factor Authentication

      Real-Time Authentication Phishing Kits implement a Man-in-the-Middle attack technique, allowing threat actors to obtain a live Office365 user session. Conditional Access...
      Incident Response Threat Research Threat Hunting Ransomware

      Lazarus Group’s Mata Framework Leveraged To Deploy TFlower Ransomware

      Over the past few years, North Korea has turned its offensive cyber operations into a major source of income. On February 17, 2021, the US Department of Justice (DoJ) has...