
Detect Diagnose Defeat Cyber Threat


Tag: ThreatFeeds

Weekly Threat Advisory: Top Cyber Threats from July 14 – August 03, 2025
Posted in Threat Intelligence by Rohit Sadgune, 5th August 2025

Weekly Threat Advisory Top Cyber Threats from May 19 – May 25, 2025
Posted in Threat Intelligence by Rohit Sadgune, 5th June 2025

Weekly Threat Advisory Top Cyber Threats from May 12 – May 18, 2025
Posted in Threat Intelligence by Rohit Sadgune, 21st May 2025

Weekly Threat Advisory Top Cyber Threats from April 20 – April 27, 2025
Posted in Threat Intelligence by Rohit Sadgune, 27th April 2025



Copyright HACKFORLAB