Automating the on-demand collection of memory dumps, process information, system files, and event logs for inclusion in threat hunting activities allows for a more comprehensive and proactive approach to adaptive threat hunting. In the WatchTower Threat Hunting blog series, we call out some adaptive threat hunting methodologies including Chained Detections, Multi-Directional Approach, and AI-Powered Hunts. […]

For the third year in a row, LABScon gathered world-class cyber researchers and threat investigators from 16 countries to share their bleeding-edge intelligence on some of the most pressing issues from across the threat landscape. From exploring the latest in techniques, exploits, and tooling to uncovering the tracks of today’s threat actors, we’re looking back

The Good | Feds Indict Russian Money Launderer & Sanction Two Illegal Virtual Exchanges Linked to Ransomware Operations The U.S. government doled out a heavy helping of sanctions this week in a coordinated effort against two illicit virtual currency exchanges and Sergey Sergeevich Ivanov, an alleged money launderer. From the Treasury’s Financial Crimes Enforcement Network

Get ready for LABScon 2024 – the premier, invite-only conference hosted by SentinelLabs for top minds from across the cybersecurity community. This year’s event takes place from September 18th to 21st with leading experts, threat investigators, academics, government partners, and journalists set to gather at the stunning Mountain Shadows Resort in Scottsdale, Arizona. LABScon returns

Monday September 17th saw Apple release the newest version of its Mac operating system, macOS 15 Sequoia, and SentinelOne was delighted to announce support for this version of macOS on the day of release. While the original announcement of Sequoia at WWDC 2024 focused heavily on a raft of “AI” features – largely absent so

The Good | Cybercrime Syndicate Members Arrested In Singapore & Dark Market Admins Indicted for Fraud Singaporean authorities conducted an island-wide raid on various suspects that were being monitored for their links to a global cybercrime syndicate. As a result of the operation, 160 officials from various law enforcement departments joined up to arrest five

It started out (apparently) as a ChatGPT project in April 2023 but has gone on to become arguably the most successful Malware-as-a-Service (MaaS) offering to date that specifically targets Mac users. Amos Atomic was once a single offering but has now become several, and researchers and defenders can take their pick trying to unravel the

A (Re)introduction to AI and IoT Intros may not be necessary—you’ve likely already met. Artificial intelligence (AI) and the Internet of Things (IoT) are increasingly infused into our lives. In fact, the better these technologies work together, the less likely we are to think about how they interact. When things work, they just work (thanks,

The Good | U.S. Officials Crackdown on Russian State-Backed Disinformation Campaigns Ahead of Presidential Elections Amid ongoing concerns about U.S. election interference, the DoJ seized 32 domains this week used by Russian-linked threat actor, Doppelgänger, to spread disinformation campaigns. The campaigns aimed to influence the upcoming U.S. elections and sway international support for Ukraine. Officials

The Good | Big Reward Offered for Angler Exploit Kit Hacker The U.S. Department of State is offering a reward of up to $2.5 million for information relating to the whereabouts of Volodymyr Kadariya, a Belarusian man alleged to be heavily involved in cybercrime. The 35-year old is wanted for his role in a number