Termite – D E C E I V E R . I O

Deceive, Detect, Engage

Hunt for Termite

The threat actor gains initial access, likely via phishing or exploitation, then moves laterally to encrypt files on the network.

Engage Report: Termite Ransomware

The Termite ransomware attempts to delete all Shadow Copies on the victim’s machine by executing the vssadmin.exe process with the necessary arguments. This is done to prevent the victim from recovering their system to a state before the files were encrypted.

Tag: Termite

Hunt for Termite

Engage Report: Termite Ransomware

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense