On the latest episode of Hands-On Security podcast, I discuss methods to hunt for the next #SupplyChain attack with Amit Serper & Shahar Vaknin Listen now: fast.wistia.net/embed/channel/… #REvil #Ransomware #CyberSecurity

Thanks Dvir Sayag and Hunters for having me as a guest on your podcast! Was nice discussing supply chain attacks and ransomware with you! They even used my band's song (Benmozes - she's the wave) in the podcast itself! Give it a listen fast.wistia.net/embed/channel/…

There is an ongoing conversation about the #HiveNightmare vulnerability. As we are further investigating to find automatic mitigations, please follow the next steps to manually prevent possible privilege escalation with it. #CyberSecurity #SeriousSAM #vulnerability 1/2

We don’t know how it happened, but the “Hands-On Security” podcast is not just a podcast now, it’s also a video. A videocast, A podeo, a vidpod, a PODVID (what). In addition - it’s also on apple podcasts now! Follow ASAP as episode 5 is about to come out. podcasts.apple.com/il/podcast/hun…

Check out these three must-have investigation methods from our Research team to reduce false-positive alerts on the following surfaces: ☁️ Cloud (AWS) 📧 Email (Cyren) 👤 Identity (Okta) You can apply all of them to your SOC today! hunters.ai/blog/three-inv…

Excited to work with the Hunters team as they up level security analysts’ ability to see, understand and respond to security incidents!

Hunters' researchers Matthias Becache and Yaniv Assor share their insights on how to make the most out of your Firewall data when correlating it with EDR telemetry. hunters.ai/blog/firewall-…

Listen now to the latest "Hands-On Security" podcast! In this episode Brad Mecha Director of Managed Services at Recorded Future, and Guy Yasoor, Threat Researcher at Hunters joined host Dvir Sayag to discuss how to face Ransomware Attacks. fast.wistia.net/embed/channel/…

#Team_AXON_Tweets A few weeks ago, a #vulnerability was published that puts Cosmos DB users that use Jupyter notebook at risk. The vulnerability allows a user to gain access to another user’s resources by using the account’s primary read-write key. Recommendations below. 1/3

Eliav Levy, Senior Security Researcher at Hunters, will present a methodology for investigating AWS security incidents - CloudTrail Logging Internals - at the fwd:cloudsec 2021 conference. Tune in on Tuesday at 11:30 AM ET/8:30 AM PT for the live talk: hubs.ly/H0X4ZCr0

Hunters’ platform managed to automatically discover and create a story of an attack on one of our customers. The actor deployed web shells on two Exchange Servers that allowed them to gain access to the servers and move laterally in the network. 1/4

If you roll AWS IR and you haven't seen Eliav Levy's fwd:cloudsec talk, you really need to (youtu.be/ItAVjDV-k3o?t=…). In particular the IP spoofing technique using private VPCs is really nice for attackers (hunters.ai/blog/hunters-r…).

Excited to share the first part of my blog about how Exchange's Autodiscover causes a massive leak of domain credentials. In 4 months I gathered hundreds of thousands of domain credentials without sending a single packet. Read about all about it here guardicore.com/labs/autodisco…

Take a look at this blog that Meghana wrote about a great tool when working with Jupyter Notebook. meghana.blog/on-the-brillia…

I had the great pleasure to take part in Hunters' podcast hosted by Dvir Sayag. We discussed the vulnerability I found in Windows Hello, which I also presented it in the #BlackhatUSA 2021.

💀Ransomware attacks are not going away anytime soon. Read Dvir Sayag's latest blog post to get an overview of how you can best use Threat Intelligence to detect and stop ransomware attacks in your network. #CybersecurityAwarenessMonth hunters.ai/blog/facing-ra…

🚨 GIVEAWAY ALERT🚨 We're giving you the chance to win a brand new PC, a Secret Lab Titan G2 Chair, and a SIGNED JERSEY by the one and only CASEL! To enter: Follow Betway Esports and G2 Esports ❤️Like & 🔁RT Tag 3 friends! 18+ | Restricted to EU & NA (Excluding Spain)

Take a look at this example of an Attack Story that was automatically generated by Hunters XDR and how the different detected alerts and signals were connected. As you can see, the malicious activity was detected on several sources in the network. #cybersecurity #infosec 1/5

Get helpful detection methods to deal with Nobelium!

On the newest episode of the Hands-On Security podcast, Dvir Sayag hosts Daniel Margalit to introduce life in a SOC in 2021. Daniel was Elbit's SOC manager for four years and now he's working at CyberSIEM as their Head of MSSP. fast.wistia.net/embed/channel/…