Posts
11.1.23
TCP SYN Scanning and the Problem of AI Hallucinations in Cybersecurity
Todd Kemmerling illustrates the risk of compounding AI hallucinations for security teams as he uses an LLM to build a TCP SYN scan detector.
Todd Kemmerling
9.12.23
ExtraHop Shares Huge Dataset for Detecting Domains Generated by Algorithm on GitHub
Learn how a newly released domains generated by algorithm (DGA) dataset from ExtraHop can protect your organization against malware and botnet attacks
Todd Kemmerling
1.20.21
Sunburst Origin Story Part 2: A Forensic Examination of SUNBURST After Detection
Read a reconstruction of the timeline of the SUNBURST attack and insights on how to improve threat detection in the future.
Todd Kemmerling
1.6.21
SUNBURST: An Origin Story
Get a forensic examination of the Sunburst attack from ExtraHop and learn how the attack went undetected for so long.
Todd Kemmerling
12.16.20
Analyzing the SUNBURST SolarWinds Attack Campaign For Threat Intelligence
SolarWinds attack: ExtraHop is sharing 1700+ suspicious IP addresses (for threat hunters and data scientists) that were associated with the Sunburst backdoor attack.
Todd Kemmerling