Threat Research

Loginsoft’s System-41 offers advanced threat analytics to detect potential cyber threats. By adopting a threat-informed approach and encompassing the entire cyber operations process, from threat intelligence to threat detection, System-41 ensures that your team has access to the most up-to-date, expertly-crafted hunting content and tools to streamline and optimize the hunting process. With System-41, you can improve team efficiency, enhance threat detection capabilities, and protect your organization against the ever-evolving landscape of cybersecurity threats.

The world of cybersecurity is constantly evolving, with new threats emerging every day. One of the latest threats to emerge is the use of CVE-2023-27350 by…

IcedID, the notorious malware, is actively involved in several delivery campaigns, demonstrating versatility and adaptability. The latest IcedID variants indicate the malware’s continuous evolution, and…

Initially, Qakbot spreads using malicious email attachments, drive-by-download attacks, or other forms of social engineering. The recent variants of…

OneNote has been highly cherished by Threat Actors (TAs) in recent months. Unfortunately, many malware…

Aurora Stealer is a non-friendly program in your neighborhood, developed in Go. The malware was developed for threat actors to steal victims’ sensitive data…

Incident Response is the action you take to restore the ability to deliver an organization’s business services. It is also known as an IT incident, computer incident, or security incident. The main objective…

GitHub Repositories

  • zeek-scripts: Zeek scripts for CVE detection and threat hunting
  • oval4malw: Using OVAL for malware detection
  • detection-rules: Threat detection & anomaly detection rules for popular open-source components
  • OVAL-Repository: Loginsoft OVAL repository for security content
  • Honeypots and reports of abusive IP addresses engaged
    Use our API to monitor various adversaries by tracking their attack behavior, comprising TTPs, and collect relevant log events to generate detection rules specific to a malware family or a threat actor.
  • Loginsoft-OSINT Transforms for Maltego
    Use our API to monitor various adversaries by tracking their attack behavior, comprising TTPs, and collect relevant log events to generate detection rules specific to a malware family or a threat actor.
  • Hunt for Malicious Documents targeting Microsoft
    Use our API to monitor various adversaries by tracking their attack behavior, comprising TTPs, and collect relevant log events to generate detection rules specific to a malware family or a threat actor. […]
  • SOC analyst and first incident responder
    Use our API to monitor various adversaries by tracking their attack behavior, comprising TTPs, and collect relevant log events to generate detection rules specific to a malware family or a threat actor.
  • Use our API to monitor various
    Use our API to monitor various adversaries by tracking their attack behavior, comprising TTPs, and collect relevant log events to generate detection rules specific to a malware family or a threat actor. […]
  • What’s New at Loginsoft Research
    Use our API to monitor various adversaries by tracking their attack behavior, comprising TTPs, and collect relevant log events to generate detection rules specific to a malware family or a threat actor.