You can’t throw a rock these days without hitting a security threat intelligence feed. There is a veritable cornucopia of feeds provided by security solution vendors, vendors who focus solely on security research and, of course, public / open source agencies. Here at InQuest, we harvest hundreds of internal/proprietary, public, and private 3rd party threat intel sources for insight into today’s attack types including sophisticated malware, ransomware, phishing lures, scams, fraud and other forms of malicious content.

When it comes to stopping the latest and most dangerous cybersecurity threats, your team needs one thing above all else: powerful threat intelligence. Leverage our curated InSights feed to stay on top of the newest IOCs from our proprietary intelligence and Command and Control (C2) information.

Here at InQuest, we do the heavy lifting for you with InQuest Insights.

InQuest Email Attack Simulation
This month we harvested 354 samples from the wild capable of bypassing either Microsoft or Google. Of those, Microsoft missed 276 (78%), and Google missed 290 (82%). InQuest, MailTAC for reference, missed only 17 (.05%). The distribution of misses by file type is depicted below:
InQuest EAS includes samples sourced from 50+ industry leading blogs. This month, we sourced 408 samples from these blogs for inclusion in attack simulation.
Want to validate the efficacy of your email security stack? InQuire here for a one-month free email attack simulation
Lab's IOC Lead Time
Every month, we conduct an analysis to ascertain the lead time for our C2 (Command and Control) and TI (Threat Intelligence) compared to public blogs. Over the past 30 days, we've examined a total of 999 indicators. Our findings reveal 8 instances of C2 victories and 47 successes in Threat Intelligence and Dark Web (TIDB) across 19 distinct sources. This data points to an average lead time of 172 days for these indicators, covering only 5% of the observed IOCs.
InQuest Latest Blog Posts

InQuest Presents "The Twelve Days of Maliciousness"

Posted on 2023-12-06 by InQuest TI Team

In the spirit of raising awareness about cybersecurity threats during the festive season, we’re excited to introduce our unique and thought-provoking holiday series, “The Twelve Days of Maliciousness.” This list creatively highlights a different cyber threat for each of the twelve days, mirroring the traditional holiday song structure.

Read more

2023 Cybersecurity Year in Review

Posted on 2023-12-19 by Katie Brown

As we reflect on 2023, it’s evident that the cybersecurity landscape continues to evolve rapidly. This past year’s events, trends, and breaches have reshaped our understanding and approach to digital security. Discover key developments from over the last twelve months and some of our recommended strategic cybersecurity measures.

Read More
InQuest Labs Research Spotlight


VSIOC is a real-time Visual Studio Code extension for extracting IOCs, including domains, URLs, emails, mac addresses, and more from the currently open editor.

Read more


NetBird combines a configuration-free peer-to-peer private network and a centralized access control system in a single platform, making it easy to create secure private networks for your organization or home.

Read more

YARA Forge

YARA Forge specializes in delivering high-quality YARA rule packages for immediate integration into security platforms. This tool automates the sourcing, standardization, and optimization of YARA rules from a variety of public repositories shared by different organizations and individuals.

Read more
Global Security Events

4-year campaign backdoored iPhones using possibly the most advanced exploit ever

Researchers on Wednesday presented intriguing new findings surrounding an attack, that over four years, backdoored dozens, if not thousands of iPhones – many of which belonged to employees of Moscow-based security firm Kaspersky. Chief among the discoveries: the unknown attackers were able to achieve an unprecedented level of access by exploiting a vulnerability in an undocumented hardware feature that few if anyone outside of Apple and chip suppliers such as ARM Holdings knew of.

Read more

GTA 5 source code reportedly leaked online a year after Rockstar hack

​The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the Lapsus$ threat actors hacked Rockstar games and stole corporate data. Links to download the source code were shared on numerous channels, including Discord, a dark web website, and a Telegram channel that the hackers previously used to leak stolen Rockstar data.

Read more

How Cybercriminals Will Sway 2024 US Elections, or Try To

Foreign interference actors, mostly operating out of Russia, Iran, and China, are ramping up efforts to influence US audiences ahead of 2024's national elections. One prime example is Doppelganger, a Russia-based influence operation that has established several inauthentic news sites and social media accounts to disseminate stories designed to stoke political and social divisions in the US in the run-up to the elections.

Read more
InQuest Insider - Your monthly resource for the latest in cyber security news, trends, tips, and tools. Subscribe here.
Copyright © InQuest 2023

This email was sent to *|EMAIL|*
why did I get this?    unsubscribe from this list    update subscription preferences