Pulsedive Blog

Collection through Correlation: Operationalizing IP and Domain Indicators of Compromise

threat intelligence

Collection through Correlation: Operationalizing IP and Domain Indicators of Compromise

IP addresses and domains aren’t just for blocklists; when analyzed with the right tools, they can be operationalized to enrich alerts, support threat hunting, and uncover risk.

Albabat 2.0.0 Decoded: A Config-Driven Design

threat intelligence

Albabat 2.0.0 Decoded: A Config-Driven Design

This blog analyzes Albabat ransomware, exploring its config file, executed ransomware commands, and ransom note.

Rilide - An Information Stealing Browser Extension

Rilide - An Information Stealing Browser Extension

Learn about the information stealing browser extension Rilide, its delivery methods, and intrusion chain.

Work With Us: Technical Writer

Work With Us: Technical Writer

Pulsedive is looking for a technical writer on a contract basis to create clear, concise, and user-friendly content.

Compromised Browser Extensions - A Growing Threat Vector

threat intelligence

Compromised Browser Extensions - A Growing Threat Vector

Learn how threat actors leverage browser extensions as an attack vector, including examples for Cyberhaven and GraphQL Network Inspector.

Assemblyline 101 - Open Source Malware Triage

threat intelligence Featured

Assemblyline 101 - Open Source Malware Triage

Learn how to install and use Assemblyline, the open-source malware triage tool. This 101 includes an overview, deployment walkthrough, example use case, and resources.

2024 In Review

A rewind of the year across the threat landscape and at Pulsedive.

Black Friday 2024

Black Friday 2024

This Black Friday, get 30% off Pulsedive Pro to boost your threat intelligence research and analysis flows.

Leveraging Threat Intelligence in Security Operations

threat intelligence

Leveraging Threat Intelligence in Security Operations

Explore the essential role of Cyber Threat Intelligence (CTI) in understanding and mitigating cybersecurity threats - detailing its types, processes, and effective implementation in enhancing security operations and incident response.

Cronus: Ransomware Threatening Bodily Harm

threat intelligence

Cronus: Ransomware Threatening Bodily Harm

This technical research analyzes Cronus Ransomware. We examine how the ransomware encrypts files, establishes persistence, and deviates from other ransom notes.

CrowdStrike BSOD Outage: What We Know

threat intelligence

CrowdStrike BSOD Outage: What We Know

What we know about the CrowdStrike BSOD outage.

Phishing Kits 101 & V3B Phishing Kit

threat intelligence

Phishing Kits 101 & V3B Phishing Kit

Phishing kits are "as-a-service" tools that help threat actors rapidly deploy phishing pages and campaigns. This blog examines key components, how they work, helpful resources, and a dive into the V3B phishing kit.

Sharing, Compared Part 4: Where Do We Go From Here?

threat intelligence

Sharing, Compared Part 4: Where Do We Go From Here?

Quantitative and qualitative insights inform our roadmap and best practices to achieve success in CTI networking.

Latrodectus Loader

Latrodectus Loader

This research examines the distribution mechanisms, C2 traffic patterns, and functionality of Latrodectus loader.

Update: Pulsedive Add-On

Update: Pulsedive Add-On

Pulsedive's latest V3 update to our Chrome, Firefox, and Edge add-on include new features and improved user experience.

Sharing, Compared. Part 3: How Can We Improve?

threat intelligence

Sharing, Compared Part 3: How Can We Improve?

In part 3, we examine the challenges, organizational context, and issues with methods used for cyber threat intelligence sharing.

Sharing, Compared Part 2: Where Do We Share?

threat intelligence

Sharing, Compared Part 2: Where Do We Share?

In part 2 of this series, discover where practitioners share during CTI collaboration - from peer to peer trust groups to paid memberships.

Tool Guide: CyberChef 101

threat intelligence Featured

Tool Guide: CyberChef 101

Learn how to use the versatile, open source utility CyberChef. This 101 includes an overview, operations, real-world walkthrough, and resources.

Sharing, Compared Part 1: How and Why Do We Connect?

threat intelligence

Sharing, Compared Part 1: How and Why Do We Connect?

In the first of our four-part series, learn why practitioners prioritize human-to-human sharing and its benefits.

Pulsedive Plan Updates

Pulsedive Plan Updates

Pulsedive is rolling out plan and pricing updates to Community products starting on March 11, 2024.

Balada Injector

threat intelligence

Balada Injector

Dive into how Balada exploits vulnerabilities within WordPress plugins. This research blog analyzes how Balada injects malicious code and the functionality of the scripts used in the campaign.

CTI Networking Report 2024

threat intelligence

CTI Networking Report 2024

"Sharing, Compared: A Study on the Changing Landscape of CTI Networking" is now available online.

MFA Now Available for All Community Users

MFA Now Available for All Community Users

Multi-factor authentication (MFA) is now available to all Pulsedive Community users.

threat intelligence

PikaBot Rising

Dive into the distribution methods and capabilities of Pikabot, a loader that has been growing in prevalence since early 2023.

Advanced Notice: Plan and Pricing Adjustments

Advanced Notice: Plan and Pricing Adjustments

Around March 2024, Pulsedive will be adjusting our plan offerings.