Malware Hunting at Scale: Timelines, YARA Rules & the Tools Pros Use

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/bd/3d/11/bd3d1187-8de1-88c5-199c-8c4f13ffa0ae/mza_16560012528869136015.jpg/600x600bb.jpg

Everyday Cyber

Alex Reid

11 episodes

1 week ago

Everyday Cyber is your weekly guide to mastering cybersecurity — from real-world threats to real career growth. Hosted by cybersecurity analyst Alex Reid, this podcast delivers clear, actionable insights for anyone looking to stay safe online and break into the cyber industry. Whether you're a beginner exploring the field, prepping for certifications like Security+, SC-200, or aiming to land your first SOC analyst role — Everyday Cyber has your back. Each episode covers: Breaking down phishing attacks, ransomware, and real-world threats Blue team strategies and

Technology

RSS

All content for Everyday Cyber is the property of Alex Reid and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/44019277/44019277-1751810299545-229344e93dc64.jpg

Malware Hunting at Scale: Timelines, YARA Rules & the Tools Pros Use | Ep. 6

Everyday Cyber

50 minutes 43 seconds

4 months ago

Malware Hunting at Scale: Timelines, YARA Rules & the Tools Pros Use | Ep. 6

🧠 Episode 6 – Everyday Cyber Podcast
In this episode, Alex Reid explores how cybersecurity analysts use timeline analysis to investigate intrusions, uncover malware, and detect threats at scale. This hands-on walkthrough reveals how modern blue teams reconstruct attacks across hundreds of endpoints using tools like log2timeline, YARA, capa, and more.

You’ll learn the full process from enterprise threat hunting to deep-dive forensic timeline building — including malware detection, IOC stacking, and how to pivot around suspicious activity.

🔍 Key topics covered:

The 3-phase model: Threat Hunting → Triage → Deep-Dive Forensics
Occurrence stacking, outlier detection, and IOC hunting
Detecting malware using tools like Sigcheck, maldump, and capa
Writing YARA rules and matching malware capabilities to MITRE ATT&CK
Filesystem timelines vs. super timelines — when to use each
Using log2timeline, Plaso, Timeline Explorer, and Timesketch
How to scale timeline analysis across multiple compromised systems
Practical insights for analysts, DFIR teams, and blue teamers

timeline analysis

threat hunting

malware detection

YARA rules

log2timeline

plaso forensic tool

capa malware analysis

digital forensics podcast

DFIR workflow

ioc hunting

sigcheck malware scan

timeline explorer

timesketch tutorial

fileless malware detection

endpoint forensics

blue team tactics

incident response timeline

cybersecurity tools

forensic timeline building

everyday cyber podcast