Lee Archinal

Happy Skenes Day! REPOST THIS for a chance to win this autographed baseball by Paul Skenes. Presented by @sheetz

Super fun working on this lab with the @XintraOrg gang!! Enjoy and let us know your feedback! #ScatteredSpider #MuddledLibra #UNC3944

REPOST THIS for a chance to win a @NewEraCap Players' Weekend 59FIFTY Cap!

How do #malware behaviors inform hunt strategy? Find out July 31 in Intel 471’s live, hands-on workshop. Real telemetry, real IOAs, guided by our #threatintel and #threathunting teams. Sign up: hubs.la/Q03w49-h0 #cybersecurity #CTI

Intel 471: This post will examine one of the top pro-Russian hacktivist groups, new ones that have entered the scene and the impact of these groups. intel471.com/blog/pro-russi… @Intel471Inc

🚨 New Threat Actor Profile by @intel_anastasia From the shadows of Conti, Black Basta emerged as one of the most prolific ransomware gangs in recent years—until a massive internal leak exposed everything. 🔍 In our latest profile, we trace the group’s Conti lineage, breakdown their TTPs, and analyze the leaked chats that ultimately led to their demise. 💥 578 victims. Triple extortion tactics. Political undertones. Was it just about money, or something more? Swipe through the key takeaways, then dive into the full report. 👉 analyst1.com/threat-actors/… #ThreatIntel #Cybercrime #BlackBasta #Ransomware #A1ThreatProfiles #CyberSecurity #Analyst1

🌟New report out today!🌟 Hide Your RDP: Password Spray Leads to RansomHub Deployment Analysis and reporting completed by @tas_kmanager, @iiamaleks and UC2 🔊Audio: Available on Spotify, Apple, YouTube and more! thedfirreport.com/2025/06/30/hid…

Check out this opportunity to work with an awesome team! #ThreatHunting #ThreatIntel

CTI teams are under pressure to mature fast. In this #SANS webcast, Intel 471’s Ashley Jess shares insights on integrating #geopolitics and measuring CTI value using frameworks like CTI-CMM & CU-GIRH. Watch the full discussion: hubs.la/Q03tbg-t0 #CTI #cybersecurity

🚨Kroger cybersecurity is hiring! Check out the postings here: linkedin.com/posts/activity… #cyberjobs #hiring

Join Intel 471's Level 2 Threat Hunting Workshop on Execution tomorrow, May 14 from 12 - 1 PM EDT. Investigate PowerShell abuse, LOLBins, macro payloads, and more using real-world data. Finish the challenge, earn your #threathunting badge. Register now: hubs.la/Q03m5Z1H0

📉DFIR Labs Weekend Discount📉 Use this discount code to receive 10% off all DFIR Labs cases! Discount expires May 5th 04:00 UTC ⏲️Buy now, use anytime over the next 3 months. ➡️Discount code: WeekendDiscount20250502 Access DFIR Labs: store.thedfirreport.com/collections/df…

🌟New report out today!🌟 Navigating Through The Fog Analysis and reporting completed by @angelo_violetti, and reviewed by @svch0st. Audio: Available on Spotify, Apple, YouTube and more! thedfirreport.com/2025/04/28/nav…

this continues to be the most simple yet diabolical defense evasion.

“For this case we observed TXT records being utilized for C2 communication rather than MX records. This can be identified by the "type: 16" in the Sysmon logs seen above. Below is a sample list that, while not exhaustive, provides a clear example of the traffic patterns:” 1/2

#Cybersecurity truly is a collaborative endeavor. We asked Steve Orrin from @intel to share his insights on how the government and commercial sides can work together to stay ahead of #CYBER threats. #informationsecurity

🚨 VanHelsing Ransomware hit 3 victims within weeks of launch. Cross-platform, $500K ransoms, and growing fast. Intel 471 is tracking it, read the full report: hubs.la/Q03fwSjX0 #vanhelsing #ransomware #emergingthreats #threathunting #cybersecurity

Happy Monday everyone! Here is your #readoftheday! Source: @cyfirma cyfirma.com/research/apt-p… A nice collection of #TTPs and #behaviors associated with #VoltTyphoon! Enjoy and #HappyHunting @Intel471Inc @CyborgSecInc #ThreatIntel #ThreatHunting

LockBit 4.0 enhances its stealth with PowerShell abuse, security feature bypasses, and obfuscated exfiltration. Intel 471 tracks its evolving tactics, read the full report here: hubs.la/Q03bP3sK0 #emergingthreat #lockbit #threathunting #threatintel

Threat hunting is about focus. Knowing where to spend your time is what sets tactical hunters apart. Join Out of the Woods live tomorrow for an interactive discussion on what drives real results. Our hosts will be engaging in real time on Discord. 🔗 hubs.la/Q03bpV4F0