Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Elastic Security Labs

12 articles

Elastic Security Labs General May 1

DFIR: From alert to root cause using Osquery without leaving Elastic Security

Learn how to perform distributed, real-time Digital Forensics and Incident Response (DFIR) using Osquery and Elastic to investigate threats at scale without ...

Elastic Security Labs →

Elastic Security Labs General Microsoft GitHub GitLab Apr 29

CI/CD pipeline abuse: the problem no one is watching

How we built an open-source, drop-in CI template that uses signal extraction and LLM reasoning to catch CI/CD abuse in GitHub Actions, GitLab CI, and Azure D...

Elastic Security Labs →

Elastic Security Labs General Apr 25

Monitoring Claude Code/Cowork at scale with OTel in Elastic

How Elastic's InfoSec team built a monitoring pipeline for Claude Code and Claude Cowork using their native OTel export capabilities and Elastic's OTel inges...

Elastic Security Labs →

Elastic Security Labs General Apr 21

The Cost of Understanding: LLM-Driven Reverse Engineering vs Iterative LLM Obfuscation

Elastic Security Labs explores the ongoing arms race between LLM-driven reverse engineering and obfuscation.

T1027

Elastic Security Labs →

Elastic Security Labs Campaigns Apr 14

Phantom in the vault: Obsidian abused to deliver PhantomPulse RAT

Elastic Security Labs uncovers a novel social engineering campaign that abuses the popular note-taking application, Obsidian's legitimate community plugin ec...

T1204

Elastic Security Labs →

Elastic Security Labs General Apr 9

Elastic on Defence Cyber Marvel 2026: A Technical overview from the Exercise Floor

An overview of the Elastic Security and AI infrastructure deployed to support the UK Ministry of Defence's flagship cyber exercise, Defence Cyber Marvel 2026.

Elastic Security Labs →

Elastic Security Labs General Apr 4

Elastic Security Integrations Roundup: Q1 2026

Elastic Security Labs announces nine new integrations for Elastic Security spanning cloud security, endpoint visibility, email threat detection, identity and...

Elastic Security Labs →

Elastic Security Labs General Apr 2

Prioritizing Alerts Triage with Higher-Order Detection Rules

Scaling SOC efficiency through multi-signal correlation and higher-order detection patterns.

Elastic Security Labs →

Elastic Security Labs Supply Chain Apple Apr 2

How we caught the Axios supply chain attack

Joe Desimone shares the story of how he caught the Axios supply chain attack with a proof of concept tool built in an afternoon.

T1195

Elastic Security Labs →

Elastic Security Labs Malware Linux Apr 2

Hooked on Linux: Rootkit Detection Engineering

In this second part of a two-part series, we explore Linux rootkit detection engineering, focusing on the limitations of static detection reliance, and the i...

Elastic Security Labs →

Elastic Security Labs Supply Chain Apple Apr 1

Inside the Axios supply chain compromise - one RAT to rule them all

Elastic Security Labs analyzes a supply chain compromise of the axios npm package delivering a unified cross-platform RAT

T1195

Elastic Security Labs →

Elastic Security Labs Supply Chain Apple Apr 1

Elastic releases detections for the Axios supply chain compromise

Hunting and detection rules for the Elastic-discovered Axios supply chain compromise.

T1195

Elastic Security Labs →

«Previous page 1 2
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA