Lightnews — Scholar-powered news

Reposted by LP

sydney @letswastetime.bsky.social · 8d

Threat hunting falls apart when your “docs” live in Slack threads.

Part 2 of the @thorcollective.bsky.social Dispatch Agentic Threat Hunting series covers the first step to scaling: put your hunts in a GitHub repo and give your AI bestie memory.

dispatch.thorcollective.com/p/agentic-th...

1 2 2

LP @jotunvillur.bsky.social · 10d

We at @thorcollective.bsky.social are waking you up before September ends, because a new Ask-a-Thrunt3r episode just dropped with:

2K subscriber milestone 🎉
15 baseline examples
The great data vs. data debate
Plus: Is Git the future of hunting collab?

🎧: dispatch.thorcollective.com/p/ask-a-thru...

Ask-a-Thrunt3r: September 2025 Recap 🐏

Mainly ramblings. And maybe some wisdom.

dispatch.thorcollective.com

2 2

LP @jotunvillur.bsky.social · 17d

You can’t find weird if you don’t know normal.

@thorcollective.bsky.social
just dropped 10 baseline hunts you can shine in the dark parts of your env and magnify the adversaries from the noise.

Join us for all the thrunting 👉: open.substack.com/pub/thorcoll...

#threathunting #infosec

2 2

Reposted by LP

sydney @letswastetime.bsky.social · 25d

Cybersecurity needs more than hackers in hoodies.

In this week’s @thorcollective.bsky.social Dispatch, Courtney Shar shares how project management skills like risk alignment, process design, and team coordination directly strengthen security programs.

👉 dispatch.thorcollective.com/p/beyond-hac...

dispatch.thorcollective.com

1 3 6

LP @jotunvillur.bsky.social · 28d

🚨 Think your browser extensions are harmless?

Join @johntuckner.me for @thorcollective.bsky.social
and learn how to hunt the dangerous ones before they hunt you:

thorcollective.substack.com/p/even-if-ma...

#cybersecurity #infosec #threathunting #thrunting

Even if many plugins are fine, the bad ones are BAD

Sydney recently wrote a great piece about extensions and hunting for IDE plugins.

thorcollective.substack.com

2 3

Reposted by LP

tuckner @johntuckner.me · 28d

Not subscribed to the THOR Collective Dispatch yet? You might've missed my guest piece on hunting for bad browser extensions. Check if the extension your CFO installed to change text to Comic Sans is also taking screenshots of his Salesforce reports.

dispatch.thorcollective.com/p/even-if-ma...

1 2

LP @jotunvillur.bsky.social · Sep 9

📻 Ask a Thrunt3r August is here!

DEF CON wisdom unlocked:
🔓 Why your SecOps model isn't working anymore
🎯 Supply chain attacks via AI coding tools
🛠️ One tool
@THOR_Collective
wishes you knew about (hint: it's Sliver)

dispatch.thorcollective.com/p/ask-a-thru...

#threathunting #cybersecurity

Ask-a-Thrunt3r: August 2025 Recap 🐏

Mainly ramblings. And maybe some wisdom.

dispatch.thorcollective.com

1 3

Reposted by LP

tuckner @johntuckner.me · Sep 7

Six malicious extensions listed in Cursor and hosted on Open VSX. All are squatting on other packages and are showing above the safe versions they target.

2 3 15

Reposted by LP

Ben Goerz @bengoerz.bsky.social · Aug 9

If you are around DEF CON today, join me at 5pm for “Sh*t Show Triage: An Honest Panel on Incident Response” btv-dc33.sessionize.com/session/966539

Sh*t Show Triage: An Honest Panel on Incident Response

You can start with the best intentions, solid tools, and all the right policies, but what happens when your network moves from “effing around” straight into “finding out”? Join a panel of variously tr...

btv-dc33.sessionize.com

1 3

Reposted by LP

THOR Collective @thorcollective.bsky.social · Aug 4

Shoutout to our fam Elipscion, who's spinning live at DEF CON 33 this Friday at 8pm on the DEF CON stage.
🎧 Listen here: open.spotify.com/artist/2tgPZ...

🔥 Join our @thorcollective.bsky.social meetup during his set. Say hi, talk hunts, and grab some free swag. See you there!

ELIPSCION

Artist · 10 monthly listeners.

open.spotify.com

1 3 3

Reposted by LP

archwisp @archwisp.bsky.social · Aug 3

Oh hey! Did I mention I’m speaking on Saturday? I’ll be in track 1 at 2:30!

defcon.org/html/defcon-...

DEF CON® Hacking Conference - Speakers

defcon.org

1 2 3

Reposted by LP

sydney @letswastetime.bsky.social · Jul 31

🌵 Calm before the Hacker Summer Camp storm.

July’s Dispatch Debrief is light on posts, heavy on hot takes — from agentic AI to making pentest findings sting.

Catch up before Vegas 👉 dispatch.thorcollective.com/p/dispatch-d...

Dispatch Debrief: July 2025

Consider this the calm before the Hacker Summer Camp storm.

dispatch.thorcollective.com

1 1 1

Reposted by LP

sydney @letswastetime.bsky.social · Jul 27

Threat hunting is broken.
We can’t out-query adversaries who automate everything.
Enter the agentic threat hunter. An AI that thinks, hypothesizes, investigates, and scales.

In the latest @thorcollective.bsky.social Dispatch, we explore this shift:

📌 dispatch.thorcollective.com/p/the-agenti...

1 3 3

Reposted by LP

Ann Johnson @ajohnsocyber.bsky.social · Jul 20

msrc.microsoft.com/blog/2025/07...

Microsoft is aware of active attacks targeting on-premises SharePoint Server customers. The attacks are exploiting a variant of CVE-2025-49706. This vulnerability has been assigned CVE-2025-53770.

SharePoint Online in Microsoft 365 is not impacted

Customer guidance for SharePoint vulnerability CVE-2025-53770 | MSRC Blog | Microsoft Security Response Center

Customer guidance for SharePoint vulnerability CVE-2025-53770

msrc.microsoft.com

3 11

Reposted by LP

sydney @letswastetime.bsky.social · Jul 3

THRUNTING isn’t just a buzzword. It’s a mindset. 🐑

Inspired by Tim Peters’ 19 aphorisms for Python, @thorcollective.bsky.social Dispatch introduces "The Zen of Thrunting."

dispatch.thorcollective.com/p/the-zen-of...

Stay curious. Happy thrunting.

The Zen of Thrunting

Abstract

dispatch.thorcollective.com

1 3 4

Reposted by LP

sydney @letswastetime.bsky.social · Jun 24

🔌 That browser extension? That IDE plugin? Might not be doing what you think.

New on @thorcollective.bsky.social Dispatch: five hunt ideas + a PEAK deep dive into sneaky plugin abuse.

Start with visibility. Hunt what blends in.

📖 dispatch.thorcollective.com/p/your-plugi...

Your Plugins and Extensions Are (Probably) Fine. Hunt Them Anyway.

Five hunt ideas (and one deep dive) for abuse hiding in plain sight.

dispatch.thorcollective.com

1 2 2

Reposted by LP

sydney @letswastetime.bsky.social · Jun 19

New guest post on thorcollective.bsky.social Dispatch from infosecsherpa.bsky.social:

Don’t Let Mis(s) Information Take the Crown 👑

This post shows how to apply the Intelligence Cycle to news and help you filter bias.

Read it here: dispatch.thorcollective.com/p/dont-let-m...

Don't Let Mis(s) Information Take the Crown

Sherpa Intelligence: Your Guide Up a Mountain of Information!

dispatch.thorcollective.com

1 4 4

LP @jotunvillur.bsky.social · Jun 10

⚡ New @thorcollective.bsky.social Dispatch drop

No hallucinations here. Just TTPs that quietly defined Q1 2025.

🔐 OAuth abuse
📦 Malicious packages
🖥️ SimpleHelp RMM exploits

Stay ahead with what to hunt & where to look.

👉 dispatch.thorcollective.com/p/from-the-f...

#THORCollective
#threathunting

From the Fire: Q1FY25

TTPs that sparked, spread, and still burn for those paying attention.

dispatch.thorcollective.com

3 4

LP @jotunvillur.bsky.social · May 27

✨ New THOR Collective post ✨

Introducing Threat Hunting Relevancy Factors (THRF!) These factors can help you create relevant hunts and tangible impact for your organization. Show your business that you mean bzns. 📈

Join us at 👉: dispatch.thorcollective.com/p/threat-hun...

#threathunting

Making Your Hunts Matter: Introducing Threat Hunting Relevancy Factors

Don’t just hunt, hunt with purpose.

dispatch.thorcollective.com

4 5

Reposted by LP

THOR Collective @thorcollective.bsky.social · May 22

🐏 Ask a Thrunter AMA + Giveaway!

Join @thorcollective.bsky.social live next THORsday, May 29th @ 7pm PT in Discord. We’ve got a special announcement + we’ll reveal the monthly giveaway winner (all paid Dispatch subscribers automatically entered!).

Submit your questions early👇

2 3

Reposted by LP

sydney @letswastetime.bsky.social · May 22

Introverts rewrite detection rules repeatedly, while extroverts demo them mid-draft.
In cybersecurity, you need both.
Today's @thorcollective.bsky.social Dispatch features Alex Hurtado, highlighting how embracing differences strengthens SOC teams.

👉 : dispatch.thorcollective.com/p/quiet-loud...

Quiet, Loud, and in the Logfiles: The Detection Duo You Didn’t Know You Needed

Filed under: Things your agent can’t do but Linda from SecOps does without breaking a sweat.

dispatch.thorcollective.com

2 1

LP @jotunvillur.bsky.social · May 16

Sierra Ferrell, yeehaw! 🤠

Reposted by LP

drterdnugget.bsky.social @drterdnugget.bsky.social · May 15

🚨 New guest drop on @THOR_Collective Dispatch! 🚨

"Exploring Cybersecurity Career Paths and How They Work Together" by Audra Streetman

Whether you're into offense, intel, or cyber defense, there's a path for you!

Read it here: dispatch.thorcollective.com/p/exploring-...

3 2

Reposted by LP

sydney @letswastetime.bsky.social · May 8

💡 New guest drop on @thorcollective.bsky.social Dispatch: "Detection-in-Depth" by Day Johnson.

Day covers how to build resilient detection systems that handle real-world challenges, from fine-tuning rules to threat emulation and kill chain coverage.

dispatch.thorcollective.com/p/detection-...

Detection-In-Depth

Eliminating detection blind spots through a multi-layered defense approach

dispatch.thorcollective.com

1 3 2

Reposted by LP

sydney @letswastetime.bsky.social · May 1

🔥 Dispatch Debrief: April 2025 is live 🔥
Explore star sign-inspired hunting techniques, organizing your hunt squad, and the value of finding "nothing."

Discover this month's insights from @thorcollective.bsky.social Dispatch - dispatch.thorcollective.com/p/april-debr...

Dispatch Debrief: April 2025

What We Hunted, Learned, and Loved This Month

dispatch.thorcollective.com

1 4 4