Starlink down. Anybody will to do the math of the economic impact by the minute? No online shopping/ consuming for millions.

Download the query: github.com/axon-git/rapid-re…

In #ADFS, attackers can manipulate the service process Microsoft.IdentityServer.ServiceHost.exe to execute payloads for persistence activity. A possible #threathunting thesis is to detect anomaly child process execution under the AD FS service host process.

⚡️ Supercharge your ability to discover whether an Indicator of Compromise is present in your network. Join Erik Goldman on February 14th to learn how Hunters’ new IOC Search is setting a new standard for investigation tools. linkedin.com/video/event/urn…

Hunting and detecting malicious #OneNote notebook executions! Detecting direct child process execution of abused binaries under the OneNote host process (onenote.exe) can cause FPs due to control policies that involve running existing scripts from disk or public shares.

We couldn't be prouder of our @ybardayan!

We are happy to share the Hunters is now officially a @CrowdStrike store partner! Go on and check it out. #RSAC #hreathunting #xdr

Update: @CrowdStrike emphasizes #MSSP relationships. Unveils developer portal and store offerings. @SafeguardCyber & @hunters_ai engage. #Cybersecurity #RSAC #RSAC20 #RSAC2020 ow.ly/KI3w30qkD6z