Security news aggregator

Latest coverage for Threat Hunting

Threat hunting searches for hidden attacker activity that evades alerts, helping limit dwell time and damage through evidence-led detection.

45 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Threat hunting is the proactive search for signs of compromise that automated alerts, signatures, or routine monitoring may miss. Analysts form hypotheses from threat intelligence and observed attacker tactics, techniques, and procedures, then examine endpoint, identity, network, cloud, and application telemetry for unusual behavior. The work may uncover unauthorized persistence, credential use, or lateral movement before an attacker’s objective is reached.

In a threat model, hunting addresses adversaries who already have—or may have obtained—an initial foothold and are deliberately avoiding detection. Its value depends on usable, time-synchronized logs, adequate visibility, and disciplined investigation rather than isolated anomalies. Effective practice prioritizes high-risk assets and attack paths, tests hypotheses against historical data, turns validated findings into detections, and preserves evidence for containment and scoping. Access to detailed user and system data should also be limited and governed because hunting can expose sensitive information.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 45
Bank Info Security 1 month, 3 weeks ago

OMB Scraps Biden-Era Cyber Logging Rules

New Memo Replaces SolarWinds-Era Rules With Risk-Based ModelThe White House issued a new memo replacing SolarWinds-era logging mandates with a narrower framework focused on risk, threat hunting and forensic readiness as agencies confront faster artificial intelligence-enabled intrusions across federal networks.

Driftnet Acquisition Adds Real-Time Visibility Into Exposed Assets and AI RisksSecurityScorecard acquired internet reconnaissance startup Driftnet to expand real-time visibility into hidden infrastructure, exposed assets and AI-driven third-party risks while strengthening threat hunting, attribution and internet-scale intelligence capabilities.

AI helped send weekly threat signal count from 80 million to 400 billion, then helped response time shrink from two days to 30 minutes Australia’s Commonwealth Bank built its own agentic AI threat hunting tools, because vendors are too slow to develop tools that can cope with emerging AI-powered threats, according to General Manager of Cyber Defence Operations Andrew Pade.…

My objectiveThe role of NDR in SOC workflowsStarting up the NDR systemHow AI complements the human responseWhat else did I try out?What could I see with NDR that I wouldn’t otherwise?Am I ready to be a network security analyst now? My objective As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response (

Bank Info Security 5 months, 3 weeks ago

Congress Proposes Steep Cuts to CISA

Nearly $270M Cut From CISA Despite Mounting Foreign CyberthreatsCongress is proposing cuts of nearly $270 million from the Cybersecurity and Infrastructure Security Agency's budget for fiscal year 2026, reducing funding for threat hunting and vulnerability management as officials warn foreign adversaries are escalating cyber operations targeting U.S. systems.

Trend Micro Research, News and Perspectives 7 months, 1 week ago

AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows

In this blog entry, Trend™ Research provides a comprehensive breakdown of GhostPenguin, a previously undocumented Linux backdoor with low detection rates that was discovered through AI-powered threat hunting and in-depth malware analysis.

Bank Info Security 9 months, 4 weeks ago

Vega Secures $65M to Scale SecOps, Take On Traditional SIEMs

Funding Supports Threat Hunting, Natural Language to Replace Legacy DetectionVega aims to replace patchwork AI integrations with an analytics layer that enables real-time, natural language detection across distributed data. Backed by Accel, the company will double headcount, improve detection tuning and reduce false positives without a SIEM rip-and-replace required.

Invest in Preparation and Training During the Calmer Times Between AttacksCyberattacks may make headlines, but the daily discipline of security - patching routines, threat hunting, tabletop exercises and user education campaigns - is where resilience is forged. These tasks might not feel heroic, but they build technical and human infrastructure to handle the next crisis.

Invest in Preparation and Training During the Calmer Times Between AttacksCyberattacks may make headlines, but the daily discipline of security - patching routines, threat hunting, tabletop exercises and user education campaigns - is where resilience is forged. These tasks might not feel heroic, but they build technical and human infrastructure to handle the next crisis.

Loading more headlines...