RobinReach

APT28 harvested Microsoft Office tokens from 200+ organisations by redirecting router DNS. No malware, no direct breach, no alerts. The stolen tokens end up inside your environment. The only way to catch it is by hunting for what the attacker does next.

Never Hunt Alone.

#ThreatHunting #APT28

RobinReach

APT37 ran a months long espionage campaign that started with a Facebook friend request, built trust, then delivered malware inside legitimate software. No email to filter, no link to block. Automated defences catch technical indicators, not trust.

Never Hunt Alone

#Cyber #ThreatHunting #APT37

RobinReach

Nation state group TA416 changed attack approaches multiple times per campaign and stayed hidden for 600+ days.

Can autonomous SOCs keep up? Analysts can, with the right tools guiding them. That is what Huntbase was built for.

Never Hunt Alone

#Dwell #Cyber #ThreatHunting

RobinReach

Happy Easter to those that celebrate!

From all at Huntbase ❤️

Never Hunt Alone

#CyberSecurity #InfoSec #ThreatHunting #HappyEaster

RobinReach

A new RSAC report maps eight phases of modern intrusions. One thing is consistent: attacks aren't at the perimeter anymore. They exploit the gap between what your tools see and what's actually happening.

That's a threat hunting problem.

#ThreatHunting #InfoSec #CyberSecurity

RobinReach

GlassWorm hides behind trusted dev accounts, legit services and a fake Google Docs extension. Every stage looks clean on its own. The attack only surfaces when you connect the dots.

That's a threat hunting problem.

#ThreatHunting #GlassWorm #InfoSec

RobinReach

90 zero-days exploited last year.

Nearly half targeted firewalls, VPNs and security appliances; devices that don't run endpoint detection.

Once compromised, they're invisible.

If your tools can't see it, you're already exposed.

Never Hunt Alone

#cybersecurity #threathunting

RobinReach

New blog from Jeff Hamm tracing threat hunting back to before the term even existed. What it really entails and why structure and frameworks matter now more than ever.

Never Hunt Alone

#ThreatHunting #CyberMarketing #InfoSecs #CyberSecurity

Blog Link in comments

RobinReach

A state-linked campaign breached 50+ telcos across 42 countries using cloud features as C2 — one backdoor used Google Sheets. No SIEM catches this.

Finding it takes hypotheses and telemetry. That's threat hunting.

Never Hunt Alone

#threathunting #nationstate #cloudsecurity

RobinReach

1.8B credentials stolen by infostealers in H1 2025. They harvest cookies, tokens and metadata — then live off the land. No malware, no alerts.

The only way to find them? Hunt.

Never Hunt Alone

#cybersecurity #threathunting #infostealers #SOC

RobinReach

*New Blog Alert*

At Huntbase, we believe humans must always be in the loop against the most elusive threats. Jeff's blog explores why intuition, adversary empathy, and reading attacker intent remain central to the SOC.

#CyberSecurity #ThreatHunting
Link in comments

RobinReach

86% of ransomware attacks in 2025 launched encryption from unmanaged devices with no EDR or logging.

By the time it starts, it's too late. The window to intervene is earlier, during staging.
That takes proactive hunting, not alerts. Huntbase is built for this.

#NeverHuntAlone #Cyber #AI

RobinReach

One hacker used off-the-shelf AI to compromise 600+ FortiGate devices across 55 countries this month. Hundreds breached simultaneously, some slipped past perimeter defences. Don't wait for an alert that may never come. Proactively hunt for threats in your environment.

#cyber #threathunting

RobinReach

Nation-states have pre-positioned in critical infrastructure worldwide. They're not deploying malware yet, they're mapping systems, blending in. They won't trigger an alert until they act. The only way to find them is to hunt. Fortunately, that's what we do.

#threathunting

RobinReach

99% of SOCs use AI but alert overload persists. Threat hunting is the first casualty yet the most dangerous threats don't generate alerts.

Huntbase provides an operational model that makes proactive investigation a standing capability.

Never Hunt Alone.

#cybersecurity #SOC #Threathunting

RobinReach

Huntbase has been built analyst first from the very first line of code.

Guided investigations and the ability to draw context across all tools and environments makes threat hunting super rewarding, and the more you hunt the better you'll get.

Never Hunt Alone

RobinReach

Huntbase harnesses and unleashes an analyst’s creativity and intuition to create cool and effective hunts.

Never Hunt Alone

#CyberSecurity #ThreatHunting #SOCAnalyst #InfoSec

RobinReach

Huntbase helps anyone hunt for threats that currently go unnoticed...

Never Hunt Alone

#CyberSecurity #ThreatHunting #SOCAnalyst #InfoSec

RobinReach

Huntbase is the platform that guides every analyst through their environment to investigate clues quickly and easily.

Analyst intuition + Huntbase = effective threat hunting.

Never Hunt Alone

#Threathunting #Cybersecurity #AISOC #SOCAnalyst

RobinReach

Huntbase believes that the bad actors after your important information are getting smarter.

Scout can help even inexperienced threat hunters make better decisions.

Never Hunt Alone

#ThreatHunting #Cybersecurity #InfoSecs #SOC #AI

RobinReach

AI doesn't do curious.

Good threat hunting starts with an analyst who notices something odd and doesn't let it go, follows their gut, and turns up threats automated systems miss.

Never Hunt Alone

#ThreatHunting #Cybersecurity #InfoSecs #SOC #AI

RobinReach

Your tools sees authorized activity whilst your attackers are acting maliciously inside your infrastructure.

Human-AI threat hunting helps find what's hiding in plain sight.

Never Hunt Alone

#ThreatHunting #Cybersecurity #InfoSecs #SOC

RobinReach

Threat hunting can reveal these attackers before they execute their plans.

Never Hunt Alone

#ThreatHunting #Cybersecurity #InfoSecs #SOC

RobinReach

Undetected attackers cause escalating damage; more theft, more lateral movement, harder removal.

#CyberSecurity #ThreatHunting #InfoSec #SecOps

RobinReach

Happy New Year from everyone at Huntbase!


#CyberSecurity #ThreatHunting #InfoSec #SecOps #HappyNewYear

RobinReach

Find the threats inside your system which don't announce themselves.

Huntbase, coming soon in 2026.

#CyberSecurity #ThreatHunting #InfoSec #SecOps

RobinReach

Merry Christmas from everybody at Huntbase. May your logs be clean and your alerts be merry!

#MerryChristmas #ThreatHunting #CyberSecurity #InfoSecs #SecOps

RobinReach

Because every threat is easier to find with a guide.

Huntbase, coming soon.

#CyberSecurity #ThreatHunting #InfoSecs #AISOC #SecOps

RobinReach

We can't wait to make our debut at BSides tomorrow as a gold sponsor.

If you're going, do come say hello, and we can share with you what the team has been proudly putting together these last few months.

1 more sleep!

#BSidesLDN2025 #ThreatHunting #NeverHuntAlone

RobinReach

The No.1 AI security capability prioritised by security leaders is threat hunting - PwC, 2026

Never Hunt Alone

#ThreatHunting #Cybersecurity #InfoSecs #AISOC