Identify High Value Malicious Domains
We'll share our ideas here and please contact us and share your ideas with us.
Very few security products and services give enough consideration to the reputation and quality of the Name Server associated with domains they are looking at. We pick here a High Value Suspicious Domain and check what else …… Read More
It is part of the job of a threat actor to ensure the domains used in their campaigns blend in with the crowd and stay undetected for the duration of the campaign. It is part …… Read More
TAGS: Threat Hunting, Actor Profiling, Pivoting, Building Threat Feeds
Intelligence Analysts as well as Security Analysts lost a lot of information when GDPR changed the content of WHOIS information by obscuring claimed registrant details.
In order to reclaim some characteristics to help build attacker TTP …… Read More
Silent Push Mission
The mission of this organization is to improve the use and usefulness of threat intellligence across the security space. We wish to help organizations defend themselves in a clearer manner and with more information to help them understand the intelligence they are using and its …… Read More
Earlier this week, the DFIR Report published an interesting analysis of an intrusion with the notorious SodinokibiREvil ransomware. The intrusion used IcedID as the initial access broker: many ransomware actors use another malware campaign to gain access to an internal …… Read More