Silent Push Blog

Enrichment Ideas For Threat Feeds

We'll share our ideas here, and we invite you to contact us and share yours.

High Value Malicious Domains

I was due to write a post outlining the characteristics we were seeing of what we call “High Value Malicious Domains” when a perfect set of examples hit the news related to the SolarWinds breach.

I am using indicators here outlined …

Investigating Suspicious NameServers

Investigating Name Servers: evolving domains from suspicious to malicious. TeamTNT

Very few security products and services give enough consideration to the reputation and quality of the Name Server associated with domains they are looking at. We pick here a High Value Suspicious Domain and check what else …

Pivoting: finding malware domains without seeing malicious activity

It is part of the job of a threat actor to ensure the domains used in their campaigns blend in with the crowd and stay undetected for the duration of the campaign. It is part of the job of an analyst to spot such domains …

Threat Hunting using new characteristics for IOCs

TAGS: Threat Hunting, Actor Profiling, Pivoting, Building Threat Feeds

Intelligence Analysts as well as Security Analysts lost a lot of information when GDPR changed the content of WHOIS information by obscuring claimed registrant details.

In order to reclaim some characteristics to help build attacker TTP …

More LodaRAT infrastructure targeting Bangladesh uncovered

Last week, Cisco Talos published a blog post with new research on LodaRAT. Apart from updates to the Windows version of this malware, the …

Mission and Policy

Silent Push Mission

The mission of this organization is to improve the use and usefulness of threat intelligence across the security space. We wish to help organizations defend themselves in a clearer manner and with more information to help them understand the intelligence they are using and its …
