InQuest Blog

Posted on 2023-01-31 by Trevor Borden
ThreatIngestor is a flexible, configuration-driven, extensible framework for consuming threat intelligence. It can monitor Twitter, RSS feeds, and other sources, extract meaningful information like C2 IPs/domains and YARA signatures, then send that information to other systems for analysis.
Posted on 2022-12-29 by Isabelle Quinn
Email hygiene in the world of security has to do with configuring a set of email authentication and verification methods that prove to ISPs and mail services that your sending servers are, in fact, authorized to send out email from your domains.
Posted on 2022-12-13 by Chase Sims and Nick Chalard
Those who keep tabs on ransomware are no doubt aware of the Black Basta ransomware group. They’ve gained their share of notoriety since some of the group’s malicious code was first detected back in April of 2022. What is interesting here today is that in just the past two weeks, Black Basta deployments are on the rise.
Posted on 2022-11-28 by Chase Sims
InQuest Labs has observed an uptick in TOAD (Telephone-oriented attack delivery) threat actors targeting personal and business email addresses, presumably in line with the coming holiday shopping season. Based on our research efforts, we have observed that they employ multiple team members to execute this attack. The threat actors themselves refer to these components as “customer support” and “the security team”

Blog Archive

Subscribe to InQuest Insider


* indicates required