Episodes

  • S4 Ep1: When the Chain Bites Back
    2026/05/18
    Top Headlines:
    • The Hacker News | Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages: https://thehackernews.com/2026/05/mini-shai-hulud-worm-compromises.html
    • Checkmarx | Update: Ongoing Checkmarx Supply Chain Security Incident: https://checkmarx.com/blog/ongoing-security-updates/
    • Google Cloud Blog | Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access: https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access
    • Bitdefender | FamousSparrow APT Targets Azerbaijani Oil and Gas Industry: https://businessinsights.bitdefender.com/famoussparrow-apt-targets-azerbaijani-oil-gas-industry


    ----------

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/

    57 min
  • S3 Ep63: May the Context Be With You
    2026/04/22
    Top Headlines:
    • Elastic Security Labs | Phantom in the vault: Obsidian abused to deliver PhantomPulse RAT: https://www.elastic.co/security-labs/phantom-in-the-vault
    • SentinelOne | Annual Threat Report: A Defender's Guide from the Frontlines: https://www.sentinelone.com/resources/ebooks/assets/threat-intel-program-fy27/tdr-annual-threat-report-25-en?utm_medium=paid-display&utm_source=thehackernews&utm_campaign=amer-us-platform&utm_content=homepage-newsfeed-3-23-2026
    • eSentire | STX RAT: A new RAT in 2026 with Infostealer Capabilities: https://www.esentire.com/blog/stx-rat-a-new-rat-in-2026-with-infostealer-capabilities

    51 min
  • S3 Ep62: Q1 2026 - Threat Hunt Report
    2026/04/21

    In this special episode of Out of the Woods, Scott Poley and Tom Kostura review key findings from the Q1 2026 Threat Hunt Report and discuss what stood out across the quarter. They cover recurring living off the land activity, persistence techniques, valid account abuse, social engineering trends, geopolitical developments and supply chain compromises, with a focus on what those patterns mean for threat hunters and defenders.

    Download the full Q1 2026 Threat Hunt Report: https://www.intel471.com/resources/whitepapers/threat-hunt-report-q1-2026

    1 hr 5 min
  • S3 Ep61: [LIVE] Guess Who: The Malware Edition
    2026/03/26

    Can You Identify the Malware Family?

    Out of the Woods: The Threat Hunting Podcast returns with another live, interactive edition designed to test how you analyze malicious activity. This session will focus on a specific malware family, revealing its behavior in stages as our hosts walk through execution patterns, infrastructure clues, and operational tradecraft.

    Participants will examine how observed behaviors align to MITRE ATT&CK, how the malware evolves across campaigns, and how delivery methods and post-exploitation activity signal attribution. Before the final reveal, attendees will have the opportunity to submit their best guess on which malware family is responsible.

    What You’ll Learn:

    • Real-world malware behavior – A phase-by-phase breakdown of an active malware campaign
    • MITRE ATT&CK in context – How techniques manifest during execution
    • Behavioral fingerprinting – Identifying patterns across variants and infrastructure
    • Delivery and objectives – What infection chains reveal about operator intent
    • Interactive analysis – Submit your guess before the final reveal

    Watch the episode here: https://youtu.be/wo-Vy6okKVI
    1 hr 30 min
  • S3 Ep60: Honey, I sideloaded Havoc...
    2026/03/05

    *[LIVE] Out of the Woods Podcast: Guess Who: The Malware Edition
    March 25, 2026 | 12:00 - 1:30 PM ET
    Sign Up: https://www.intel471.com/resources/podcasts/guess-who-the-malware-edition-1

    *Threat Hunting Management Workshop: Rethinking Priority
    March 18, 2026 | 12:00 - 12:30 PM ET
    Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-management-workshop-rethinking-priority

    ----------

    Top Headlines:
    • Arctic Wolf | SloppyLemming Deploys BurrowShell and Rust-Based RAT to Target Pakistan and Bangladesh: https://arcticwolf.com/resources/blog/sloppylemming-deploys-burrowshell-and-rust-based-rat-to-target-pakistan-and-bangladesh/
    • Huntress | Fake Tech Support Delivers Havoc Command & Control: https://www.huntress.com/blog/fake-tech-support-havoc-command-control
    • Socket | StegaBin: 26 Malicious npm Packages Use Pastebin Steganography to Deploy Multi-Stage Credential Stealer: https://socket.dev/blog/stegabin-26-malicious-npm-packages-use-pastebin-steganography
    • ThreatLabz | APT37 Adds New Tools For Air-Gapped Networks: https://www.zscaler.com/blogs/security-research/apt37-adds-new-capabilities-air-gapped-networks?&web_view=true#technical-analysis

    48 min
  • S3 Ep59: Raiders of the Lost Macro
    2026/02/27
    Top Headlines:
    • Group-IB | Operation Olalampo: Inside MuddyWater’s Latest Campaign: https://www.group-ib.com/blog/muddywater-operation-olalampo/
    • Point Wild | Remcos Revisited: Inside the RAT’s Evolving Command-and-Control Techniques: https://www.pointwild.com/threat-intelligence/remcos-revisited-inside-the-rats-evolving-command-and-control-techniques/
    • Lab 52 | Operation MacroMaze: new APT28 campaign using basic tooling and legit infrastructure: https://lab52.io/blog/operation-macromaze-new-apt28-campaign-using-basic-tooling-and-legit-infrastructure/
    • therecord.media | Researchers warn Volt Typhoon still embedded in US utilities and some breaches may never be found: https://therecord.media/researchers-warn-volt-typhoon-still-active-critical-infrastructure?&web_view=true

    1 hr 2 min
  • S3 Ep58: Keep the Classics, Cue the Chaos
    2026/02/19
    Top Headlines:

    • The Hacker News | Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging: https://thehackernews.com/2026/02/microsoft-discloses-dns-based-clickfix.html?m=1
    • Straiker | SmartLoader Clones Oura Ring MCP to Deploy Supply Chain Attack: https://www.straiker.ai/blog/smartloader-clones-oura-ring-mcp-to-deploy-supply-chain-attack
    • InfoStealers | Hudson Rock Identifies Real-World Infostealer Infection Targeting OpenClaw Configurations: https://www.infostealers.com/article/hudson-rock-identifies-real-world-infostealer-infection-targeting-openclaw-configurations/
    • Forcepoint | ScreenConnect Under Attack: SmartScreen Evasion and RMM Abuse: https://www.forcepoint.com/blog/x-labs/screenconnect-attack

    46 min
  • S3 Ep57: If you speak it, they will come...
    2026/02/12

    *On-Demand - Threat Hunting Workshop: Hunting for Privilege Escalation - Level 2
    Watch Now: https://www.intel471.com/resources/webinars/threat-hunting-workshop-hunting-for-privilege-escalation-level-2

    ----------

    Top Headlines:

    • Socket | Malicious dYdX Packages Published to npm and PyPI After Maintainer Compromise: https://socket.dev/blog/malicious-dydx-packages-published-to-npm-and-pypi
    • Help Net Security | State-backed phishing attacks targeting military officials and journalists on Signal: https://www.helpnetsecurity.com/2026/02/06/state-linked-phishing-europe-journalists-signal/?web_view=true
    • Cisco Talos | Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework: https://blog.talosintelligence.com/knife-cutting
    • Huntress | They Got In Through SonicWall. Then They Tried to Kill Every Security Tool: https://www.huntress.com/blog/encase-byovd-edr-killer

    49 min