Zip Archive & C2 Domain Detection in Microsoft Sentinel via Uncoder AI
How It Works This Uncoder AI feature generates a broad-spectrum KQL detection query for Microsoft Sentinel, based on indicators from…
Threats
Full Detection Logic for LITERNAMAGER in Cortex XSIAM via Uncoder AI
How It Works This Uncoder AI feature analyzes a complex CERT-UA#1170 threat report describing the LITERNAMAGER malware family and generates…
Instant Domain Matching Logic for Splunk via Uncoder AI
How It Works This feature in Uncoder AI ingests structured IOCs from threat reports — in this case, dozens of…
Domain-Based IOC Detection for Carbon Black in Uncoder AI
How It Works 1. IOC Extraction Uncoder AI scans the threat report (left panel) and identifies malicious network infrastructure associated…
CyberLock, Lucky_Gh0$t, and Numero Detection: Hackers Weaponize Fake AI Tool Installers in Ransomware and Malware Attacks
As GenAI continues to shape modern cybersecurity with its powerful advantages for strengthening defense mechanisms, it simultaneously introduces new risks…
APT41 Attack Detection: Chinese Hackers Exploit Google Calendar and Deliver TOUGHPROGRESS Malware Targeting Government Agencies
Threat actors often exploit cloud services for C2 to disguise their actions as normal, legitimate traffic. The nefarious Chinese state-backed…
AI-Generated Carbon Black Detection Rule for DarkCrystal RAT Campaign
How It Works Uncoder AI processes threat reports like CERT-UA#14045 on DarkCrystal RAT and generates Carbon Black-compatible detection logic. This…
AI-Powered SPL Rule Generation for WRECKSTEEL IOC Detection
How It Works Uncoder AI converts complex threat intelligence—like the CERT-UA#14283 report on the WRECKSTEEL PowerShell stealer—into Splunk’s Search Processing…
BadSuccessor Detection: Critical Windows Server Vulnerability Can Compromise Any User in Active Directory
Following the disclosure of CVE-2025-4427 and CVE-2025-4428, two Ivanti EPMM vulnerabilities that can be chained for RCE, another critical security…
AI-Generated SentinelOne DNS Query for WRECKSTEEL Detection
How It Works Uncoder AI streamlines threat detection in SentinelOne by automatically transforming raw intelligence into executable event queries. In…