Blog
April 13, 2026
Hunting a PhaaS Operator: From Phishing Email to Lagos, Nigeria
A phishing email landed in an employee's inbox. SPF passed. DKIM passed. DMARC passed. Spam score: 0.085/1.0. What started as a routine triage turned into a multi-day offensive hunt.
threat intelligence, OSINT, phishing, AiTM, PhaaS, incident response
March 1, 2026
Bybit Hack Considerations
Analysis of the cryptocurrency exchange breach, highlighting supply chain security and browser-based attack vulnerabilities.
threat intelligence, supply chain, incident analysis
February 18, 2026
APT38's New Game: Targeting Devs with Fake Coding Challenges
North Korean threat actors are leveraging GitHub to target software developers through fake job opportunities and technical interviews.
threat intelligence, APT, supply chain
February 5, 2026
Conversion from Sigma Community to KQL That Works
Our functional Sigma-to-KQL conversion utility compatible with the Sigma Community repository.
detection engineering, tooling, open source
January 25, 2026
Managing Threat Hunting Content via APIs in Microsoft Sentinel
API tools designed to streamline content management for threat hunting operations within Microsoft Sentinel.
detection engineering, Microsoft Sentinel, tooling