Kenneth Kinion

• Reposted by Kenneth Kinion
  
  SentinelOne sentinelone.com · Sep 4, 2025
  Your cyber threat intel is part of the North Korean strategy: DPRK operators are abusing CTI platforms to see if they’ve been seen—and moving faster because of it. 👀
  
  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postDownload imageShow all post labels
• Reposted by Kenneth Kinion
  
  Tom Hegel hegel.bsky.social · Sep 4, 2025
  New research from @milenkowski.bsky.social (S1) and @kennethkinion.bsky.social (Validin): 🇰🇵 Contagious Interview | North Korean Threat Actors Reveal Plans and Ops by Abusing Cyber Intel Platforms Research: www.sentinelone.com/labs/contagi... Reuters story: www.reuters.com/world/asia-p...

  Contagious Interview | North Korean Threat Actors Reveal Plans and Ops by Abusing Cyber Intel Platforms

  DPRK-aligned threat actors abuse CTI platforms to detect infrastructure exposure and scout for new assets.

  sentinelone.com
  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postShow all post labels
• 
  Kenneth Kinion kennethkinion.bsky.social · Jul 25, 2025
  🚨 New blog post 🚨 Hunting Laundry Bear: Infrastructure Analysis Guide and Findings How to enrich previous reporting with Validin to find dozens of indicators not previously reported. #LaundryBear #VoidBlizzard #APT www.validin.com/blog/laundry...
  

  Hunting Laundry Bear: Infrastructure Analysis Guide and Findings | Validin

  Hunting Laundry Bear: Infrastructure Analysis Guide and Findings

  validin.com
  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postShow all post labels
• 
  Kenneth Kinion kennethkinion.bsky.social · Jun 20, 2025
  Hot on the heels of the researched published by @huntress.com, hunting for Zoom-themed lures from DPRK's #BlueNoroff 💥Learn hunting techniques 💥Leverage new Validin features and data 💥Full, unredacted indicator list (domains, IPs, hashes) www.validin.com/blog/zooming...
  

  Zooming through BlueNoroff Indicators with Validin | Validin

  Pivoting through recently-reported indicators to find BlueNoroff-associated domains

  validin.com
  1

  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postShow all post labels
• 
  Kenneth Kinion kennethkinion.bsky.social · Jun 20, 2025
  From @re.wtf: bsky.app/profile/re.w...
  • re re.wtf · Jun 18, 2025
    [Not loaded yet]
  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postShow all post labels
• 
  Kenneth Kinion kennethkinion.bsky.social · Apr 24, 2025
  At @pivotcon.bsky.social, I'm presenting with @hegel.bsky.social and Sreekar Madabushi on the first public look at the full scope of a stealthy, long-running phishing network.
  
  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postDownload imageShow all post labels
• 
  Kenneth Kinion kennethkinion.bsky.social · Apr 17, 2025
  From on a report on X, we walk through proactive detection of a #booking #fakecaptcha #clickfix campaign delivering #asyncrat As always, full indicator list and detailed step-by-step repro included 🔥 ⤵️ www.validin.com/blog/finding...
  

  Finding Booking.com themed ClickFix domains using Validin | Validin

  Finding Booking.com themed ClickFix domains using Validin

  validin.com
  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postShow all post labels
• 
  Kenneth Kinion kennethkinion.bsky.social · Apr 7, 2025
  @bushidotoken.net explored a Meta-themed credential phishing campaign (not "Reality"). From those indicators, I pulled the "Threads" & this is far from an isolated campaign. Found great pivots in registration "Meta"data. (I'll see myself out.) All 762 indicators 💥⤵️ www.validin.com/blog/not_rea...
  

  Not Reality: Exploring Meta-themed Phishing with Validin | Validin

  Not Reality: Exploring Meta-themed Phishing with Validin

  validin.com
  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postShow all post labels
• 
  Kenneth Kinion kennethkinion.bsky.social · Mar 11, 2025
  Found these likely #Lazarus / #TraderTraitor domains w/ #Validin getcoinprice[.]info stocksindex[.]org wfinance[.]org stockinfo[.]io Read my how-to on leveraging Validin's exceptional visibility, history, and pivoting features for C2 infrastructure forensics: www.validin.com/blog/bybit_h...
  

  Lazarus Group Bybit Heist: C2 forensics | Validin

  An in-depth hunt for Lazarus APT group infrastructure related to the Bybit hack using Validin's host response and DNS databases.

  validin.com
  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postShow all post labels
• Reposted by Kenneth Kinion
  
  PIVOTcon pivotcon.bsky.social · Mar 7, 2025
  Replying to PIVOTcon
  "Unmasking the FreeDrain Network" Tom Hegel, Principal Threat Researcher, SentinelLabs (@TomHegel , @hegel.bsky.social ) Sreekar Madabushi, Founding Engineer, Validin Kenneth Kinion, Founder, Validin ( @kennethkinion.bsky.social ) 16/18
  
  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postDownload image (1)Download image (2)Download image (3)Show all post labels
• Reposted by Kenneth Kinion
  
  Tom Hegel hegel.bsky.social · Mar 10, 2025
  Incredibly excited to drop some new research alongside @kennethkinion.bsky.social and Sreekar Madabushi at this years @pivotcon.bsky.social
  
  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postDownload imageShow all post labels
• Reposted by Kenneth Kinion
  
  PIVOTcon pivotcon.bsky.social · Mar 7, 2025
  📣 Oops!... They did it again!!! 61 Talks submitted and so many too good that, once again, we had to increase a bit the number of accepted talks.🔥 #PIVOTcon25 Agenda is finally here, and the caliber is insane!!! Check it out➡️ pivotcon.org/agenda-2025/ #CTI #ThreatIntel Talks and presenters in🧵⬇️ 1/18
  
  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postDownload imageShow all post labels