Threat Hunting

2 posts

Active Node.js Malware Campaign Targeting Manual Reader Applications
Oct 21, 2025 2 min read Intermediate
Threat Hunting Incident Response Malware Node.js EDR
We’re seeing a significant uptick in a malware campaign that’s affecting multiple customers. This one’s worth knowing about if you’re in a SOC or working with EDR platforms. …
Read More
Building Effective Threat Hunting Queries
Oct 20, 2025 2 min read Intermediate
Threat Hunting SIEM Queries Splunk Sentinel KQL
Effective threat hunting queries help you find what automated detections miss. Here’s my approach to building them. Start with a Hypothesis Before writing a query, form a hypothesis about …
Read More