Threat actors when they see our graph based correlation

🚨Your employees’ credentials are already on the dark web. In 2024 alone there were 4.3M+ devices hit by infostealers & 330M+ credentials compromised. It’s time to rethink identity defense. Join Team Axon for a can’t-miss webinar on Infostealer trends, why defenses fail and

A new research series diving into Azure Managed Identities. My dear research partner @CYBER_TLDR and I cover offensive aspects of Managed Identities, including practical abuse scenarios across services like Exchange Online, Key Vault, and more. Part 2 - focused on detection and

Azure Managed Identities (MIs) streamline security, but convenience brings new risks. Our security researchers uncover how attackers exploit these Non-Human Identities (NHIs). Dive into Part 1 for deep insights and practical attack scenarios. Read now: https://t.co/ILDhMlW5PS

Check out our GitHub:

🚨 Major Chrome extension threat campaign recently uncovered that includes: 🔹35+ malicious extensions 🔹2.5M+ potential victims 🔹Extensive attacker infrastructure Read our blog for the full story and resources to protect your organization. https://t.co/UxEQhQ34EM

On the first day of Huntmas, my true love gave to me... a SOC BINGO card! 🎶 Welcome to the 10 Days of Huntmas! 🎁 Dive into the festive spirit with our BINGO card. Have fun ticking off those familiar phrases you've been using all year!

HuntersCON 2024 opens tomorrow at 8:00 AM PT! Enjoy a day full of top speakers on key cybersecurity topics. Don't miss Marcus Hutchins' keynote on App-Bound Encryption and InfoStealer, plus a Q&A with Hunters' CEO, Uri May. Register now: https://t.co/zdiQDU2YTo

Think you're funny? Prove it! Mark your calendar for Nov 19th, and dive into HuntersCON for sessions on the topics that matter to you. While you're there, unleash your creativity by sharing original memes for a shot to win fantastic prizes! Register now: https://t.co/586Jyh3VBI

📢 CALLING ALL THREAT HUNTERS Join us on Nov 19th with Hunters' Field CTO and Security Research Team Lead, to explore real-world scenarios: uncovering cloud adversary tactics from a recent AWS attack and preventing a ransomware attack. REGISTER NOW: https://t.co/yrVRPc2l1y

Marcus Hutchins is taking the #HuntersCON2024 stage as our keynote speaker! Join Marcus on Nov 19 to explore: ▪️The latest Chrome infostealer protection ▪️His perspective on cybercrime networks ▪️How threat actors work together 📅 Register now! https://t.co/fknpivCecO

LAST CHANCE TO REGISTER 🚨 The Hunters Games #CTF has returned! Are you up for the challenge? Join in for a shot at winning amazing prizes, such as: SpyraThree Water Guns, Raspberry Pi 5 Desktop Kit & Hack The Box gift cards Save your spot: https://t.co/p8ciPUdu1B

The Hunters Games #CTF is back by popular demand! Think you've got what it takes to conquer the challenges and rise above the competition? 🏆 Register now: https://t.co/Kq4AolMf5D

Breaking: #VEILDrive campaign uses Microsoft services for Command & Control! Unobfuscated Java malware evaded detection. Read the attack path + hunting queries from @Team__AXON 👉 https://t.co/fJDFdIep2H #ThreatHunting #CyberSec @InfosecInsights

📣 #HuntersCON24 is back on November 19! 🚀 This year, we're raising the stakes: 🤣 Enjoy our meme board and win awesome prizes! 🏆 #CTF is back - winners revealed live! 👾 Sessions exploring Inside the Mind of an Adversary Secure your spot today!🎟️

1 / 2 We've researched how EDRs audit plist files in macOS LaunchAgents. Detection issues can allow persistence mechanisms to slip through, impacting visibility and security posture. #Cybersecurity #macOS #EDR #ThreatHunting #Infosec

🚨 Inside the UNC5537 Snowflake Threat Campaign @Team_Axon is breaking down the attack on #Snowflake users with a technical deep dive to level up your defenses. Get insights on UNC5537 tactics & expert investigation tips 👉 https://t.co/hfo5sccvCZ #CyberSecurity #ThreatHunting

Please try to remember that there are humans on the other end of every one of these machines, all trying their best to resolve the problem. While we know the situation is urgent, please try to extend as much grace and patience as possible.

To everyone else - we've shared our queries to assist in identifying impacted devices: