T1547 – D E C E I V E R . I O

Deceive, Detect, Engage

Threat Hunting Scenario: Lazarus Group’s Evolved Infection Chain

Lazarus group actors are actively targeting specific industries with tailored spearphishing attacks, utilizing trojanized remote access tools and a complex infection chain involving multiple malware stages and C2 communication for persistent access and data exfiltration.

Exploitation of Firefox and Windows zero-day vulnerabilities

The RomCom threat actors are actively exploiting Firefox and Windows zero-day vulnerabilities to compromise systems, escalate privileges, establish persistence, and exfiltrate sensitive data.

Tag: T1547

Threat Hunting Scenario: Lazarus Group’s Evolved Infection Chain

Exploitation of Firefox and Windows zero-day vulnerabilities

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense