Kenneth Kinion

Hunting Laundry Bear: Infrastructure Analysis Guide and Findings | Validin Hunting Laundry Bear: Infrastructure Analysis Guide and Findings

🚨 New blog post 🚨

Hunting Laundry Bear: Infrastructure Analysis Guide and Findings

How to enrich previous reporting with Validin to find dozens of indicators not previously reported.

#LaundryBear #VoidBlizzard #APT

www.validin.com/blog/laundry...

25.07.2025 12:13 — 👍 0    🔁 0    💬 0    📌 0

From @re.wtf:
bsky.app/profile/re.w...

20.06.2025 17:24 — 👍 0    🔁 0    💬 0    📌 0

Zooming through BlueNoroff Indicators with Validin | Validin Pivoting through recently-reported indicators to find BlueNoroff-associated domains

Hot on the heels of the researched published by @huntress.com, hunting for Zoom-themed lures from DPRK's #BlueNoroff

💥Learn hunting techniques
💥Leverage new Validin features and data
💥Full, unredacted indicator list (domains, IPs, hashes)

www.validin.com/blog/zooming...

20.06.2025 17:24 — 👍 2    🔁 2    💬 1    📌 0

At @pivotcon.bsky.social, I'm presenting with @hegel.bsky.social and Sreekar Madabushi on the first public look at the full scope of a stealthy, long-running phishing network.

24.04.2025 14:31 — 👍 7    🔁 5    💬 0    📌 0

Finding Booking.com themed ClickFix domains using Validin | Validin Finding Booking.com themed ClickFix domains using Validin

From on a report on X, we walk through proactive detection of a #booking #fakecaptcha #clickfix campaign delivering #asyncrat

As always, full indicator list and detailed step-by-step repro included 🔥 ⤵️
www.validin.com/blog/finding...

17.04.2025 10:54 — 👍 0    🔁 0    💬 0    📌 0

Not Reality: Exploring Meta-themed Phishing with Validin | Validin Not Reality: Exploring Meta-themed Phishing with Validin

@bushidotoken.net explored a Meta-themed credential phishing campaign (not "Reality"). From those indicators, I pulled the "Threads" & this is far from an isolated campaign. Found great pivots in registration "Meta"data. (I'll see myself out.)

All 762 indicators 💥⤵️

www.validin.com/blog/not_rea...

07.04.2025 14:49 — 👍 2    🔁 2    💬 0    📌 0

Lazarus Group Bybit Heist: C2 forensics | Validin An in-depth hunt for Lazarus APT group infrastructure related to the Bybit hack using Validin's host response and DNS databases.

Found these likely #Lazarus / #TraderTraitor domains w/ #Validin
getcoinprice[.]info
stocksindex[.]org
wfinance[.]org
stockinfo[.]io

Read my how-to on leveraging Validin's exceptional visibility, history, and pivoting features for C2 infrastructure forensics:
www.validin.com/blog/bybit_h...

11.03.2025 18:33 — 👍 5    🔁 2    💬 0    📌 0

"Unmasking the FreeDrain Network"

Tom Hegel, Principal Threat Researcher, SentinelLabs (@TomHegel , @hegel.bsky.social )
Sreekar Madabushi, Founding Engineer, Validin
Kenneth Kinion, Founder, Validin ( @kennethkinion.bsky.social )
16/18

07.03.2025 14:42 — 👍 4    🔁 1    💬 1    📌 1

Incredibly excited to drop some new research alongside @kennethkinion.bsky.social and Sreekar Madabushi at this years @pivotcon.bsky.social

10.03.2025 13:59 — 👍 7    🔁 1    💬 0    📌 0

📣 Oops!... They did it again!!!
61 Talks submitted and so many too good that, once again, we had to increase a bit the number of accepted talks.🔥

#PIVOTcon25 Agenda is finally here, and the caliber is insane!!! Check it out➡️ pivotcon.org/agenda-2025/
#CTI #ThreatIntel
Talks and presenters in🧵⬇️ 1/18

07.03.2025 14:42 — 👍 20    🔁 14    💬 1    📌 5

Really looking forward to my first @pivotcon.bsky.social in May. I'm super excited about doing this talk alongside @hegel.bsky.social and Sreekar!

07.03.2025 18:42 — 👍 0    🔁 0    💬 0    📌 0