Page 20 – Silent Push

Workshop – Scanning Dark Web Infrastructure to Detect Hidden Threats With Silent Push

May 13, 2025/in News, Webinars/by Charlotte Pawson

Join us for an interactive online session designed for those new to threat hunting in the Silent Push platform.

You know the dark web is full of threats — but can you turn what you find into actionable intel?

Join us for a live workshop on how to scan (not just monitor) the dark web with the Silent Push free Community Edition. Learn how to uncover hidden criminal infrastructure, link .onion sites to real-world activity, and trace APT behavior across the open and dark web.

Date: 29 May 2025
Time: 12pm ET
Location: Online – Zoom
Requirements: Silent Push free Community Edition | Sign-up here

Ready to dive deeper into the world of preemptive threat intelligence? Begin your journey with the Silent Push free Community Edition today.

What is Proactive Threat Hunting?

May 13, 2025/in Blog/by Gareth Howells

In the modern threat landscape, reacting to cyber attacks AFTER they’ve occurred is simply not good enough. Waiting for alerts to drop, and chasing incidents, leaves critical gaps in an organization’s cyber defenses. SOC and IR teams need to take a proactive approach to threat hunting, and focus on anticipating and neutralizing threats before they cause harm. This, however, is not an easy fix.

Let’s look at proactive threat hunting in an operational capacity, and how Silent Push facilitates early attack detection.

Reactive vs. Proactive Threat Hunting

Traditional IOC-based security models rely heavily on detection-and-response workflow – a system triggers an alert, analysts investigate, mitigation steps follow. While important, this process is inherently reactive – the attack is already underway, or worse, already successful.

Proactive threat hunting flips the script.

It’s about actively searching for unknown threats, identifying adversarial infrastructure, and disrupting attack campaigns early. It involves deep analysis of external signals – such as newly registered domains, anomalous certificate issuances, and links between hosting clusters – long before a threat actor launches a phishing campaign, spins up a malware server, or exploits a vulnerability.

Adopting a proactive stance shortens the attack window dramatically, and can prevent incidents altogether.

Proactive Threat Hunting as a Preventative Measure

Most cybersecurity strategies today are like smoke detectors in a building. They’re important – they alert you when something bad has already started, like a fire breaking out. But by the time the alarm sounds, smoke is filling the room, and damage is already being done. The best you can hope for is a fast response to minimize loss.

Proactive threat hunting, on the other hand, is more like fire prevention.

It’s about identifying and fixing the faulty wiring, removing flammable materials, and enforcing safety measures before a fire ever ignites. Rather than waiting for the warning signs of an active threat, proactive hunters are focused on detecting the early indicators – the unsafe conditions – and stopping incidents from happening at all.

At Silent Push, we empower organizations to practice this kind of cyber “fire prevention”, by offering the most comprehensive DNS and content-based threat intelligence database available anywhere in the world.

Our first-party dataset delivers finished SOC and IR intelligence across your organization’s security stack, that minimizes the need for manual pivots and provides high-confidence telemetry that helps to reveal the full extent of any given attack surface.

By monitoring newly registered domains, on-page content and domain metadata, malicious hosting activity, and other signs of infrastructure deployment, we help organizations detect the conditions for an attack while it’s still in the planning stage – long before traditional tools would trigger any alerts.

Why settle for reacting to fires when you can stop them from ever starting?

Key Elements of Proactive Threat Hunting

External Visibility: Proactive hunters look outside the perimeter to monitor attacker activity in the wild. They track threat infrastructure across the open internet to catch adversaries in their preparation phases.

Threat Attribution: By analyzing patterns in domain registration, hosting choices, SSL certificate use, and other artifacts, SOC and IR teams can attribute infrastructure to specific threat actors or malware families.

Automation and Scale: Threats evolve quickly, and across massive scale. Effective proactive hunting depends on automated analysis and data enrichment to spot connections human analysts might miss.

Preemptive Disruption: The goal is not just to detect but to neutralize threats before they can mature into full-blown attacks – blacklisting infrastructure, notifying partners, or otherwise hardening defenses in advance.

How Silent Push Empowers Proactive Threat Hunting

Silent Push was founded on the belief that the future of cybersecurity lies in preemptive intelligence.

Our platform is built specifically to support proactive threat hunting at scale, with IOFA™ and proprietary attacker fingerprinting that uses an adversary’s own TTPs against them to reveal pre-attack patterns and management techniques.

Here’s how we enable defenders to stay ahead of emerging threats:

Comprehensive Attack Surface Monitoring

We provide SOC and IR teams with unmatched visibility into emerging infrastructure – domains, subdomains, IPs, SSL certificates, and more – tied to adversarial activity. Silent Push tracks changes across the internet in real-time, helping you spot an attacker’s behavior before they target your organization.

Threat Infrastructure Attribution

Silent Push correlates global infrastructure signals with historical threat actor patterns, campaign fingerprints, and malware infrastructure to anticipate adversary deployment patterns, and provide teams with a cyber early warning system.

This allows defenders to not only detect risky assets, but attribute them to specific actors or attack trends – a critical advantage in proactive threat modelling.

Finished IOFA™ Intelligence

Rather than feeding you yesterday’s news, Silent Push delivers forward-looking IOFA™ intelligence (including curated IOFA Feeds™) that’s designed to be immediately actionable across a range of cybersecurity workflows.

Our first party datasets reveal emerging threats weeks or even months before traditional threat feeds catch them, giving your teams the time and space they need to neutralize risks before exploitation occurs, without endless pivots and secondary investigations.

Custom Threat Hunting and Discovery

Our flexible APIs and enrichment tools allow SOC and IR teams to run custom queries against massive datasets, pivot between artifacts, and uncover hidden infrastructure links that traditional monitoring would miss.

Whether you’re tracking a specific malware family, ransomware group, or suspicious TTP, Silent Push gives you the proactive threat hunting tools to locate infrastructure smarter and act faster.

Speed and Scale

In a world where attackers move fast, you need data at machine speed. Silent Push is engineered for rapid threat discovery at scale – empowering even small security teams to perform work that once required entire threat intel units.

Get in touch and learn how you can close critical gaps in your cyber defenses

Attackers today are faster, more automated, and are increasingly leveraging modern Internet services (e.g. Ransomware-as-a-Service platforms and cloud hosting) to deploy and launch their campaigns

Relying solely on post-incident response means that you’re always playing catch-up. Organizations that invest in proactive threat hunting are not just defending themselves – they are building resilience, reducing costs, and protecting their brand reputation.

Contact us to learn how Silent Push can transform your proactive defense strategy, and help you stop attacks before they’re launched.

Tim Cook’s Apple iToken Ad Is A Con, X Users Warned

May 13, 2025/in News Davey Winder/by Jaime Wong

Scattered Spider Malware Targets Klaviyo, HubSpot, and Pure Storage Platforms

May 9, 2025/in News Aman Mishra/by Jaime Wong

Risky Bulletin: France says Russian influence operations are getting better, achieving results

May 9, 2025/in News Catalin Cimpanu/by Jaime Wong

TCP #86: Top Startups, Events, Swag, and Booths at RSAC 2025

May 9, 2025/in News Darwin Salazar/by Jaime Wong

New Attack Exploits X/Twitter Ad URL Feature to Deceive Users

May 9, 2025/in News Aman Mishra/by Jaime Wong

New Attack Exploiting X/Twitter Advertising Display URL Feature to Trick Users

May 9, 2025/in News/by Jaime Wong

Silent Push Events: April 2025

May 8, 2025/in Blog/by Gareth Howells

RSA, San Francisco, April 28-May 1

Last week, we were at the Moscone Center in San Francisco for the world’s largest cybersecurity event, RSA, along with 45,000 professionals from across the globe, to explore emerging threats, share innovations, and shape the future of digital defense.

Our conversations with CISOs, industry leaders, threat analysts, and security architects, expressed a growing need for earlier visibility into adversary infrastructure.

RSAC 2025 featured the latest trends in threat intelligence, AI-driven security, and proactive defense strategies.

Following our company announcement outlining significant updates to our Threat Intelligence module, our executives met with journalists from the Wall Street Journal, CSO Magazine, and ChannelE2E/MSSP Alert to discuss the cybercrime landscape, our work with the World Economic Forum Cybercrime Atlas Group, and the challenges organizations face to locate and block malicious infrastructure as it’s being set up.

Read about our RSA media coverage in various outlets:

Security Infowatch

MSPAlert

Security Week

Security Brief

BSides, San Francisco, April 26-27

Held at City View at the Metreon in San Francisco, this year’s BSides was themed “Here Be Dragons” – a perfect fit for the kinds of tough, uncharted challenges security teams are facing right now.

Our Senior Threat Analyst, Zach Edwards, gave a talk titled “A Deep Dive into the Triad Nexus Pig Butchering & Money Laundering Network.” He demonstrated how Silent Push helps security teams spot the infrastructure behind major fraud operations as it’s being built, giving defenders a much earlier shot at stopping attacks.

Read Zach’s research here.

It was awesome to connect with so many red teamers, blue teamers, and threat researchers throughout the weekend. The conversations we had highlighted how critical it is to move faster and detect bad infrastructure before it’s fully operational.

FIRST Berlin, Germany, April 21-23

We were at the Mercure MOA Hotel Berlin, for FIRST Berlin. Our Chief Revenue Officer, David Troha, delivered a welcome speech, setting the tone for three days of technical discussions and community building.

As a premier gathering of global incident response and threat intelligence professionals, the event promotes collaboration, innovation, and the sharing of best practices to strengthen the cybersecurity community’s ability to detect and stop threats.

David emphasized the growing importance of early detection and the critical role of infrastructure intelligence in staying ahead of increasingly sophisticated adversaries, which is central to what we’re trying to achieve at Silent Push.

Throughout the event, our conversations with CSIRTs, PSIRTs, and intelligence teams reinforced the urgency of proactive threat detection.

SANS Nationals, Orlando, April 13-18

SANS Nationals is the SANS Institute’s flagship cybersecurity training and networking event, that aims to build stronger, more resilient security teams.

During the event in Orlando, our Threat Analyst João Ferreira gave a well-attended seminar on “Advanced Techniques for Detecting New Malicious Infrastructure”, which showcased how Silent Push empowers security teams to proactively identify adversary infrastructure at the earliest stages – as it is being deployed, not after an attack has already occurred.

Our platform’s ability to map and detect emerging threat infrastructure resonated strongly with attendees. Conversations with security engineers, threat hunters, and SOC leaders revealed a growing demand for solutions that move beyond reactive detection.

Engaging with the SANS community provided us with valuable feedback on how organizations are evolving their security postures, and reinforced the critical need for TTP-led detection strategies.

National Cybersecurity Show, UK, 8-10 April

We started off the month at the National Cyber Security Show 2025, which took place at the National Exhibition Centre (NEC) in Birmingham, UK.

The event brought together cybersecurity professionals, industry leaders, and technology innovators to explore the latest solutions, trends, and strategies in cybersecurity.

Our CEO, Ken Bagnall, delivered a keynote speech on “Finding Adversary Infrastructure before the attack: Future-based threat intelligence”.

Our team had the opportunity to network, participate in insightful seminars, and discuss cutting-edge technologies, such as our own platform, that are designed to protect UK businesses and individuals from evolving cyber threats.

Come and see us at Healthcare ISAC in Florida, at Booth 49

The Silent Push team will be at the Health-ISAC 2025 Spring Americas Summit, from May 19 -23 at the Naples Grande Beach Resort in Naples, Florida.

Themed around “Creating Safe Harbors”, the summit serves as the premier gathering for healthcare cybersecurity professionals, focusing on enhancing the security and resilience of the healthcare sector.

Stop by Booth 49 to see the Silent Push platform in action, with our Chief Revenue Officer, David Troha, and Director of Sales Engineering, Maulik Limbachiya.

Join our community and start revealing unknown threats today. Get in touch here to schedule a meeting.

Novel scam spoofs CNN and impersonates Apple within one ad on X

May 8, 2025/in News Ernestas/by Jaime Wong