In July 2025 threat actors exploited zero-day vulnerabilities in on-premises Microsoft SharePoint servers in an incident known as ToolShell. In this case study, we conduct a threat hunt for ToolShell-related activity.
Guided Threat Hunts offers a library of Pivot Queries for hundreds of hunt packages that enable your threat hunters and analysts to overcome uncertainty and boost productivity. Guided Threat Hunts is a set of packages that assists users modify their result set to decide their next step and filter out noise from extraneous results.
The Lumma infostealer malware collects highly sensitive data including logins and session tokens. Here's how to conduct a threat hunt leveraging up-to-date tactics, techniques and procedures used by Lumma.
Stay informed with our weekly executive update, sending you the latest news and timely data on the threats, risks, and regulations affecting your organization.