
Detect Diagnose Defeat Cyber Threat


Tag: cve

Weekly Threat Advisory Top Cyber Threats from March 30 – April 6 2025
Posted in Threat Intelligence
Rohit Sadgune, 7th April 2025

Weekly Threat Advisory Top Cyber Threats from March 24 – March 30 2025
Posted in Threat Intelligence
Rohit Sadgune, 30th March 2025

Weekly Threat Advisory Top Cyber Threats from March 17 – March 23 2025
Posted in Threat Intelligence
Rohit Sadgune, 23rd March 2025

Weekly Threat Advisory Top Cyber Threats from March 10 – March 16 2025
Posted in Threat Intelligence
Rohit Sadgune, 16th March 2025

Copyright HACKFORLAB

Design by ThemesDNA.com