LightNews
drterdnugget.bsky.social
@drterdnugget.bsky.social
5 followers 11 following 6 posts
Posts Media Videos Starter Packs
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · 1d
In this week’s @thorcollective.bsky.social Dispatch, Sam Hanson lays out how to move beyond indicator-based hunting and build detection muscle that actually scales.

👉 dispatch.thorcollective.com/p/hunting-be...
1 1 1
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · 2d
If tstats gives you speed and eventstats gives you context...timechart gives you shape.

This week’s @thorcollective.bsky.social SPL Dispatch breaks down how to use timechart to uncover rhythm, automation, and the a cron job masquerading as “normal.”

dispatch.thorcollective.com/p/the-shape-...
dispatch.thorcollective.com
1 1 1
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · 8d
Threat hunting falls apart when your “docs” live in Slack threads.

Part 2 of the @thorcollective.bsky.social Dispatch Agentic Threat Hunting series covers the first step to scaling: put your hunts in a GitHub repo and give your AI bestie memory.

dispatch.thorcollective.com/p/agentic-th...
1 2 2
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · 14d
From temporal to behavioral, baselines are the thrunter’s compass. September’s Dispatch from @thorcollective.bsky.social shows how to use them to sharpen the hunt and includes ten baseline hunts you should be running now.
🔗 dispatch.thorcollective.com/p/dispatch-d...
1 2 3
Reposted
jotunvillur.bsky.social
LP @jotunvillur.bsky.social · 17d
You can’t find weird if you don’t know normal.

@thorcollective.bsky.social
just dropped 10 baseline hunts you can shine in the dark parts of your env and magnify the adversaries from the noise.

Join us for all the thrunting 👉: open.substack.com/pub/thorcoll...

#threathunting #infosec
2 2
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · 24d
Cybersecurity needs more than hackers in hoodies.

In this week’s @thorcollective.bsky.social Dispatch, Courtney Shar shares how project management skills like risk alignment, process design, and team coordination directly strengthen security programs.

👉 dispatch.thorcollective.com/p/beyond-hac...
dispatch.thorcollective.com
1 3 6
Reposted
jotunvillur.bsky.social
LP @jotunvillur.bsky.social · 28d
🚨 Think your browser extensions are harmless?

Join @johntuckner.me for @thorcollective.bsky.social
and learn how to hunt the dangerous ones before they hunt you:

thorcollective.substack.com/p/even-if-ma...

#cybersecurity #infosec #threathunting #thrunting
Even if many plugins are fine, the bad ones are BAD
Sydney recently wrote a great piece about extensions and hunting for IDE plugins.
thorcollective.substack.com
2 3
drterdnugget.bsky.social
drterdnugget.bsky.social @drterdnugget.bsky.social · Sep 5
🚨New post on @thorcollective.bsky.social Dispatch 🚨

Certis Foster didn't hunt for it.
It revealed itself.

The key? Plotting behavior in 3D space:

🕒 Time
🗺️ Terrain
🎯 Behavior

Outliers can’t hide in 3D.

dispatch.thorcollective.com/p/cant-hide-...

#threathunting #thrunting #THORcollective
Can't Hide in 3D
In a sea of millions of security events, one workstation literally stood out, floating high above all the others when I transformed flat logs into a 3D visualization.
dispatch.thorcollective.com
1 1
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · Sep 2
If you don’t know what “normal” looks like in your environment, you’re not hunting...you’re hoping.

Our latest @thorcollective.bsky.social Dispatch post breaks down 5 baselines every thrunter needs.

Map normal. Track drift. Catch threats.

Read here: dispatch.thorcollective.com/p/you-cant-f...
You Can't Find Weird If You Don't Know Normal
Five baselines with hunt queries you can run today
dispatch.thorcollective.com
1 1 2
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · Aug 28
Summertime sadness hit the Dispatch hard: sunscreen > screen time. 🌞
But the hunts never stopped, and this month we’re back with fresh chaos, AI wisdom, and a noob’s-eye view of DEF CON.

👉 Catch the @thorcollective.bsky.social August Dispatch: dispatch.thorcollective.com/p/dispatch-d...
1 1 1
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · Aug 21
The Quiet War isn’t loud breaches or ransomware. It’s subtle. AI-driven adversaries are blending in and evading detection.

Hunters must shift: hunt intent, not just indicators.

👉 New guest post by Damien Lewke on @thorcollective.bsky.social Dispatch: dispatch.thorcollective.com/p/the-quiet-...
1 1
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · Aug 19
What happens when you throw yourself into DEFCON for the very first time? You get Line Con, Noob Village wisdom, hacker merch battles, Flipper Zero impulse buys, Hacker Jeopardy chaos, and the realization that DEFCON is not just a con, it is a community.

dispatch.thorcollective.com/p/my-first-d...
1 1 3
Reposted
thorcollective.bsky.social
THOR Collective @thorcollective.bsky.social · Aug 4
Shoutout to our fam Elipscion, who's spinning live at DEF CON 33 this Friday at 8pm on the DEF CON stage.
🎧 Listen here: open.spotify.com/artist/2tgPZ...

🔥 Join our @thorcollective.bsky.social meetup during his set. Say hi, talk hunts, and grab some free swag. See you there!
ELIPSCION
Artist · 10 monthly listeners.
open.spotify.com
1 3 3
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · Jul 27
Threat hunting is broken.
We can’t out-query adversaries who automate everything.
Enter the agentic threat hunter. An AI that thinks, hypothesizes, investigates, and scales.

In the latest @thorcollective.bsky.social Dispatch, we explore this shift:

📌 dispatch.thorcollective.com/p/the-agenti...
1 3 3
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · Jul 24
Heading to hacker summer camp?

I wrote a survival guide for DEF CON, Black Hat, etc.

- Pick your purpose
- Villages > talks
- Hallway track is real
- You belong here

👽 dispatch.thorcollective.com/p/con-101-ho...

@thorcollective.bsky.social will be out there with thrunting stickers—come say hi.
1 1 2
drterdnugget.bsky.social
drterdnugget.bsky.social @drterdnugget.bsky.social · Jul 22
🚨New post on @thorcollective.bsky.social Dispatch🚨
Tired of getting ignored after dropping a valid XSS vuln?
Stop showing alert(1) pop-ups & start stealing sessions.
Make it real. Bring a bit of pain.
Read it here 👉 open.substack.com/pub/thorcoll...
Make It Hurt (a Little): Why Showing Real Impact in Pentest Findings Matters
“Cool alert box, bro. Now what?”
open.substack.com
1 1
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · Jul 15
New from @thorcollective.bsky.social Dispatch: If You Like It Then You Should’ve Put a timechart on It

We’re diving into why timechart is a threat hunter’s best friend. From beaconing to privilege spikes, baselines, and more.

Read it here 👉 dispatch.thorcollective.com/p/if-you-lik...
If You Like It Then You Should've Put a timechart on It
Hey thrunters, gather ’round: timechart’s up
dispatch.thorcollective.com
1 3 3
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · Jul 3
THRUNTING isn’t just a buzzword. It’s a mindset. 🐑

Inspired by Tim Peters’ 19 aphorisms for Python, @thorcollective.bsky.social Dispatch introduces "The Zen of Thrunting."

dispatch.thorcollective.com/p/the-zen-of...

Stay curious. Happy thrunting.
The Zen of Thrunting
Abstract
dispatch.thorcollective.com
1 3 4
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · Jun 26
Dispatch Debrief: June 2025

Everything’s fine… until it isn’t.

This month’s @thorcollective.bsky.social Dispatch served up a spicy mix of threat hunting, plugin paranoia, purple teaming insights, and a few thrunting curveballs to keep you sharp.

🌶️ dispatch.thorcollective.com/p/dispatch-d...
Dispatch Debrief: June 2025
Because "Everything's Fine" is Just Another Way of Saying "I Haven't Looked Yet"
dispatch.thorcollective.com
1 2 3
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · Jun 24
🔌 That browser extension? That IDE plugin? Might not be doing what you think.

New on @thorcollective.bsky.social Dispatch: five hunt ideas + a PEAK deep dive into sneaky plugin abuse.

Start with visibility. Hunt what blends in.

📖 dispatch.thorcollective.com/p/your-plugi...
Your Plugins and Extensions Are (Probably) Fine. Hunt Them Anyway.
Five hunt ideas (and one deep dive) for abuse hiding in plain sight.
dispatch.thorcollective.com
1 2 2
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · Jun 19
New guest post on thorcollective.bsky.social Dispatch from infosecsherpa.bsky.social:

Don’t Let Mis(s) Information Take the Crown 👑

This post shows how to apply the Intelligence Cycle to news and help you filter bias.

Read it here: dispatch.thorcollective.com/p/dont-let-m...
Don't Let Mis(s) Information Take the Crown
Sherpa Intelligence: Your Guide Up a Mountain of Information!
dispatch.thorcollective.com
1 4 4
Reposted
jotunvillur.bsky.social
LP @jotunvillur.bsky.social · Jun 10
⚡ New @thorcollective.bsky.social Dispatch drop

No hallucinations here. Just TTPs that quietly defined Q1 2025.

🔐 OAuth abuse
📦 Malicious packages
🖥️ SimpleHelp RMM exploits

Stay ahead with what to hunt & where to look.

👉 dispatch.thorcollective.com/p/from-the-f...

#THORCollective
#threathunting
From the Fire: Q1FY25
TTPs that sparked, spread, and still burn for those paying attention.
dispatch.thorcollective.com
3 4
drterdnugget.bsky.social
drterdnugget.bsky.social @drterdnugget.bsky.social · Jun 3
🚨 New post on @thorcollective.bsky.social Dispatch🚨
Red with Benefits: Purple Teaming with Sliver Beacons
Sliver isn’t just for flexing during pentests, it’s your new favorite detection engineering wingman.

👇
dispatch.thorcollective.com/p/red-with-b...
Red with Benefits: Purple Teaming with Sliver Beacons
How to turn a modern post-exploitation tool into your next detection engineering best friend.
dispatch.thorcollective.com
1 1
Reposted
letswastetime.bsky.social
sydney @letswastetime.bsky.social · May 29
The May Dispatch is live.

Fresh insights from @thorcollective.bsky.social and guest contributors on detection in depth, AI in the SOC, career overlaps, and making your hunts actually matter.

Plus memes. Obviously.

👉 dispatch.thorcollective.com/p/dispatch-d...
Dispatch Debrief: May 2025
Quiet logs, loud analysts, and AI besties. Just another month in the hunt.
dispatch.thorcollective.com
1 2 3
Reposted
jotunvillur.bsky.social
LP @jotunvillur.bsky.social · May 27
✨ New THOR Collective post ✨

Introducing Threat Hunting Relevancy Factors (THRF!) These factors can help you create relevant hunts and tangible impact for your organization. Show your business that you mean bzns. 📈

Join us at 👉: dispatch.thorcollective.com/p/threat-hun...

#threathunting
Making Your Hunts Matter: Introducing Threat Hunting Relevancy Factors
Don’t just hunt, hunt with purpose.
dispatch.thorcollective.com
4 5