Sharing our recent detection research and strategies for defendnot, a tool that creates a Malicious Security Product to disable Defender. We dive into:.- How it works.- Artifacts left behind.- How to build and layer robust detections.- Detection rules.

RT @inversecos: Become a contributor at XINTRA @XintraOrg 🔎. We're looking for RED and BLUE team contributors . 🔴Red Team – Emulate real AP….

RT @Antonlovesdnb: Coming up on my 1 year anniversary with @HuntressLabs ! . Taking this opportunity to go over some things myself and the….

RT @ValidinLLC: Hot on the heels of the researched published by @HuntressLabs, hunting for Zoom-themed lures from DPRK's #BlueNoroff . 💥Lea….

RT @HuntressLabs: BlueNoroff (TA444) just dropped one of the most sophisticated macOS intrusions we’ve seen—deepfakes, fake Zoom links, and….

RT @Level_Effect: 🛠 Workshop Name:.Augmenting Detection and Response with AI.by Matt Anderson @nosecurething !. 🚨 Day 12 of Workshop Showca….

RT @HuntressLabs: 👀 DPRK threat actors are now using deepfakes and fake Zoom links to socially engineer macOS users. Starts with a Telegra….

RT @birchb0y: excited bc today @HuntressLabs is releasing our analysis of a gnarly intrusion into a web3 company by the DPRK's BlueNoroff!!….

RT @_JohnHammond: gawd daaayyuumm this is cool.web3 company intrusion.zoom/google meets phish.mac malware.nim and go and applescript and ob….

RT @JonnyJohnson_: Have you ever wondered if there was a way to deploy a "Remote EDR"? Today I'm excited to share research I've been workin….

RT @Antonlovesdnb: 🚨 [ New blog ] out today with my 🐐 colleagues @xorJosh and @Purp1eW0lf - this case started with a simple brute force and….

RT @gleeda: ✅Are you well versed in Linux? .✅Do you understand Linux internals and eBPF?.✅ Do you like building out POCs?.✅Do you understa….

RT @4ndr3w6S: Incredibly excited to share my first blog with @HuntressLabs 🚀. I explore detecting Kerberoasting attacks using Perfmon as a….

RT @HuntressLabs: We’ve been working to break down #RedCurl’s unique tactics, show how they match past attacks, and share tips on spotting….

New @huntress blog where @birchb0y @Laughing_Mantis and I tell the story of 🕵️and 🤜 ➡️🗑️ some cyber espionage activity in 2024. Always feels good to learn something interesting and then use it to stop real threats with our team at Huntress! 💪

RT @birchb0y: reminder to say happy new years to the russian espionage groups in ur network 🥰🇷🇺. @nosecurething (🐐), @Laughing_Mantis (🐐),….

RT @stuartjash: ICYMI: @birchb0y and I spoke about macOS infostealers at #OBTS and dove into some of the interesting ones. @objective_see….

Fantastic new blog from the amazing @Antonlovesdnb on initial access trends we're seeing. Check it out!.

RT @sublime_sec: Freight-forwarding fraud, which can target shipping containers full of goods, is on the rise as a lucrative alternative to….

Wanted to learn 0⃣1⃣ 🥷specifically, but I learned a ton more! ❤️the format, using videos & written guides for all the content. Amazing Binja-specific material. Analyzing real malware. Nothing else like IMBT @InvokeReversing .🔥 Enjoyable, excellent course! (great price too).