Kenneth Kinion
@kennethkinion.bsky.social
📤 39
📥 81
📝 8
Founder, Validin
pinned post!
🚨 New blog post 🚨 Hunting Laundry Bear: Infrastructure Analysis Guide and Findings How to enrich previous reporting with Validin to find dozens of indicators not previously reported.
#LaundryBear
#VoidBlizzard
#APT
www.validin.com/blog/laundry...
loading . . .
Hunting Laundry Bear: Infrastructure Analysis Guide and Findings | Validin
Hunting Laundry Bear: Infrastructure Analysis Guide and Findings
https://www.validin.com/blog/laundry_bear_infrastructure_analysis/#conclusion
4 months ago
0
0
0
reposted by
Kenneth Kinion
SentinelOne
2 months ago
Your cyber threat intel is part of the North Korean strategy: DPRK operators are abusing CTI platforms to see if they’ve been seen—and moving faster because of it. 👀
1
7
8
reposted by
Kenneth Kinion
Tom Hegel
2 months ago
New research from
@milenkowski.bsky.social
(S1) and
@kennethkinion.bsky.social
(Validin): 🇰🇵 Contagious Interview | North Korean Threat Actors Reveal Plans and Ops by Abusing Cyber Intel Platforms Research:
www.sentinelone.com/labs/contagi...
Reuters story:
www.reuters.com/world/asia-p...
loading . . .
Contagious Interview | North Korean Threat Actors Reveal Plans and Ops by Abusing Cyber Intel Platforms
DPRK-aligned threat actors abuse CTI platforms to detect infrastructure exposure and scout for new assets.
https://www.sentinelone.com/labs/contagious-interview-threat-actors-scout-cyber-intel-platforms-reveal-plans-and-ops/
0
7
5
🚨 New blog post 🚨 Hunting Laundry Bear: Infrastructure Analysis Guide and Findings How to enrich previous reporting with Validin to find dozens of indicators not previously reported.
#LaundryBear
#VoidBlizzard
#APT
www.validin.com/blog/laundry...
loading . . .
Hunting Laundry Bear: Infrastructure Analysis Guide and Findings | Validin
Hunting Laundry Bear: Infrastructure Analysis Guide and Findings
https://www.validin.com/blog/laundry_bear_infrastructure_analysis/#conclusion
4 months ago
0
0
0
Hot on the heels of the researched published by
@huntress.com
, hunting for Zoom-themed lures from DPRK's
#BlueNoroff
💥Learn hunting techniques 💥Leverage new Validin features and data 💥Full, unredacted indicator list (domains, IPs, hashes)
www.validin.com/blog/zooming...
loading . . .
Zooming through BlueNoroff Indicators with Validin | Validin
Pivoting through recently-reported indicators to find BlueNoroff-associated domains
https://www.validin.com/blog/zooming_through_bluenoroff_pivots/
5 months ago
1
2
2
At
@pivotcon.bsky.social
, I'm presenting with
@hegel.bsky.social
and Sreekar Madabushi on the first public look at the full scope of a stealthy, long-running phishing network.
7 months ago
0
7
5
From on a report on X, we walk through proactive detection of a
#booking
#fakecaptcha
#clickfix
campaign delivering
#asyncrat
As always, full indicator list and detailed step-by-step repro included 🔥 ⤵️
www.validin.com/blog/finding...
loading . . .
Finding Booking.com themed ClickFix domains using Validin | Validin
Finding Booking.com themed ClickFix domains using Validin
https://www.validin.com/blog/finding_booking_themed_clickfix/
7 months ago
0
0
0
@bushidotoken.net
explored a Meta-themed credential phishing campaign (not "Reality"). From those indicators, I pulled the "Threads" & this is far from an isolated campaign. Found great pivots in registration "Meta"data. (I'll see myself out.) All 762 indicators 💥⤵️
www.validin.com/blog/not_rea...
loading . . .
Not Reality: Exploring Meta-themed Phishing with Validin | Validin
Not Reality: Exploring Meta-themed Phishing with Validin
https://www.validin.com/blog/not_reality_meta_phishing/
7 months ago
0
2
2
Found these likely
#Lazarus
/
#TraderTraitor
domains w/
#Validin
getcoinprice[.]info stocksindex[.]org wfinance[.]org stockinfo[.]io Read my how-to on leveraging Validin's exceptional visibility, history, and pivoting features for C2 infrastructure forensics:
www.validin.com/blog/bybit_h...
loading . . .
Lazarus Group Bybit Heist: C2 forensics | Validin
An in-depth hunt for Lazarus APT group infrastructure related to the Bybit hack using Validin's host response and DNS databases.
https://www.validin.com/blog/bybit_hack_infrastructure_hunt/
8 months ago
0
5
2
reposted by
Kenneth Kinion
PIVOTcon
8 months ago
"Unmasking the FreeDrain Network" Tom Hegel, Principal Threat Researcher, SentinelLabs (@TomHegel ,
@hegel.bsky.social
) Sreekar Madabushi, Founding Engineer, Validin Kenneth Kinion, Founder, Validin (
@kennethkinion.bsky.social
) 16/18
1
4
2
reposted by
Kenneth Kinion
Tom Hegel
8 months ago
Incredibly excited to drop some new research alongside
@kennethkinion.bsky.social
and Sreekar Madabushi at this years
@pivotcon.bsky.social
0
7
1
reposted by
Kenneth Kinion
PIVOTcon
8 months ago
📣 Oops!... They did it again!!! 61 Talks submitted and so many too good that, once again, we had to increase a bit the number of accepted talks.🔥
#PIVOTcon25
Agenda is finally here, and the caliber is insane!!! Check it out➡️
pivotcon.org/agenda-2025/
#CTI
#ThreatIntel
Talks and presenters in🧵⬇️ 1/18
1
20
19
Really looking forward to my first
@pivotcon.bsky.social
in May. I'm super excited about doing this talk alongside
@hegel.bsky.social
and Sreekar!
add a skeleton here at some point
8 months ago
0
0
0
you reached the end!!
feeds!
log in
