Lucene search
K

293 matches found

Talos Blog
Talos Blog
added 2026/06/04 12:5 p.m.11 views

Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting

By Ron Scott-Adams Most security tools operate on a simple principle: If a known-bad pattern appears, fire an alert. This works well enough for many threats, but it fails against adversaries who closely study detection thresholds and deliberately stay under them. Cisco Talos Threat Hunting operat...

5.7AI score
Exploits0
Talos Blog
Talos Blog
added 2026/05/27 10:0 a.m.10 views

Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake

Security teams need high-quality, labeled datasets to train threat hunters and incident responders, validate detection logic, and develop robust analytic models. EvidenceForge helps teams overcome the limitations of anonymized or stale public datasets, while avoiding the cost and complexity of...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/21 12:0 a.m.31 views

Cyber Defense Benchmark: Agentic Threat Hunting Evaluation for LLMs in SecOps

We introduce the Cyber Defense Benchmark, a benchmark for measuring how well large language model LLM agents perform the core SOC analyst task of threat hunting: given a database of raw Windows event logs with no guided questions or hints, identify the exact timestamps of malicious events. The...

5.8AI score
Exploits0
Talos Blog
Talos Blog
added 2026/04/09 6:0 p.m.10 views

The threat hunter’s gambit

Welcome to this week's edition of the Threat Source newsletter. " Study hard what interests you the most in the most undisciplined, irreverent and original manner possible." ― Richard Feynman " I had discovered that learning something, no matter how complex, wasn't hard when I had a reason to wan...

9.9CVSS7.9AI score0.88115EPSS
Exploits11
hivepro
hivepro
added 2026/04/09 3:40 a.m.3 views

What Is Threat Hunting? A Complete Guide for Security Teams

What Is Threat Hunting? A Complete Guide for Security Teams Security tools catch a lot. They do not catch everything. Automated detection systems rely on known signatures, predefined rules, and behavioral baselines. Sophisticated adversaries know this and design their operations to slip through t...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.10 views

Hayabusa 跨站脚本漏洞

Hayabusa is an open-source Windows event log forensic and threat hunting tool developed by Yamato Security. Versions prior to Hayabusa 3.8.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from HTML report outputs that had the same cross-site scripting vulnerabilities,...

5.4CVSS5.9AI score0.002EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/03/25 12:0 a.m.8 views

Policy-Guided Threat Hunting: An LLM Enabled Framework with Splunk SOC Triage

With frequently evolving Advanced Persistent Threats APTs in cyberspace, traditional security solutions approaches have become inadequate for threat hunting for organizations. Moreover, SOC Security Operation Centers analysts are often overwhelmed and struggle to analyze the huge volume of logs...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/17 11:30 a.m.7 views

My Day Getting My Hands Dirty with an NDR System

My objective As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response NDR system. My goal was to understand how NDR is used in hunting and incident response, and how it fits into the daily workflow of a Securi...

6.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/17 12:0 a.m.12 views

A Unified Evaluation of Learning-Based Similarity Techniques for Malware Detection

Cryptographic digests e.g., MD5, SHA-256 are designed to provide exact identity. Any single-bit change in the input produces a completely different hash, which is ideal for integrity verification but limits their usefulness in many real-world tasks like threat hunting, malware analysis and digita...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/30 12:0 a.m.6 views

Towards a Cognitive-Support Tool for Threat Hunters

Cybersecurity increasingly relies on threat hunters to proactively identify adversarial activity, yet the cognitive work underlying threat hunting remains underexplored or insufficiently supported by existing tools. Building on prior studies that examined how threat hunters construct and share...

5.5AI score
Exploits0
Qualys Blog
Qualys Blog
added 2026/01/20 4:0 p.m.10 views

Cybersecurity Predictions for 2026 Signal the Maturation of Risk-First Security Models

Key Takeaways Cyber risk management gets operationalized in 2026. Leading organizations move beyond visibility and frameworks to govern risk through prioritization, simulation, and deliberate action. Attack-path modeling matures into execution. Static views give way to dynamic, decision-driving...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/07 12:0 a.m.16 views

A Survey of Agentic AI and Cybersecurity: Challenges, Opportunities and Use-Case Prototypes

Agentic AI marks an important transition from single-step generative models to systems capable of reasoning, planning, acting, and adapting over long-lasting tasks. By integrating memory, tool use, and iterative decision cycles, these systems enable continuous, autonomous workflows in real-world...

6.9AI score
Exploits0
Talos Blog
Talos Blog
added 2025/12/17 11:0 a.m.5 views

Lexi DiScola’s guide to global teamwork and overflowing TBRs

Welcome back to Humans of Talos. This month, Amy chats with Senior Cyber Threat Analyst Lexi DiScola from the Strategic Analysis team. Lexi's journey into cybersecurity is anything but traditional -- she brings a background in political science and French to her work tracking global cyber threats...

6.5AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/12/08 12:0 a.m.25 views

AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows

In this blog entry, Trend™ Research provides a comprehensive breakdown of GhostPenguin, a previously undocumented Linux backdoor with low detection rates that was discovered through AI-powered threat hunting and in-depth malware analysis...

7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/11/04 5:0 p.m.7 views

​​Learn what generative AI can do for your security operations center

The busier security teams get, the harder it can be to understand the full impact of false positives, queue clutter, tool fragmentation, and more. But what is clear—it all adds up to increased fatigue and an increased potential to miss the cyberthreats that matter most. To help security teams...

6.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/11/04 5:0 p.m.7 views

​​Learn what generative AI can do for your security operations center

The busier security teams get, the harder it can be to understand the full impact of false positives, queue clutter, tool fragmentation, and more. But what is clear—it all adds up to increased fatigue and an increased potential to miss the cyberthreats that matter most. To help security teams...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/29 12:0 a.m.3 views

APThreatHunter: An Automated Planning-Based Threat Hunting Framework

Cyber attacks threaten economic interests, critical infrastructure, and public health and safety. To counter this, entities adopt cyber threat hunting, a proactive approach that involves formulating hypotheses and searching for attack patterns within organisational networks. Automating cyber thre...

6.8AI score
Exploits0
hivepro
hivepro
added 2025/10/15 8:39 p.m.15 views

6 Essential AI Cybersecurity Tools for Your Stack

Is your security team spending more time chasing low-level alerts than hunting for genuine threats? It’s a common problem that leads to burnout and allows critical risks to slip through the cracks. The most significant advantage of AI cybersecurity tools is their ability to restore focus. By...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/14 11:55 a.m.3 views

Moving Beyond Awareness: How Threat Hunting Builds Readiness

Every October brings a familiar rhythm - pumpkin-spice everything in stores and cafés, alongside a wave of reminders, webinars, and checklists in my inbox. Halloween may be just around the corner, yet for those of us in cybersecurity, Security Awareness Month is the true seasonal milestone. Make ...

6.7AI score
Exploits0
hivepro
hivepro
added 2025/10/13 4:17 p.m.6 views

Beyond CVSS: Critical CVE Vulnerabilities Analysis

Attackers don't care about your CVSS scores. They care about finding a path into your network. That path might not be a single, glaring "critical" vulnerability. Often, it’s a chain of lower-severity weaknesses on overlooked assets that, when combined, give them the keys to the kingdom. This is w...

7.1AI score
Exploits0
Rows per page
Query Builder