I was due to write a post outlining the characteristics we were seeing of what we call “High Value Malicious Domains” when a perfect set of examples hit the news related to the SolarWinds breach.
I am using indicators here outlined …
Very few security products and services give enough consideration to the reputation and quality of the Name Server associated with domains they are looking at. We pick here a High Value Suspicious Domain and check what else …
It is part of the job of a threat actor to ensure the domains used in their campaigns blend in with the crowd and stay undetected for the duration of the campaign. It is part of the job of an analyst to spot such domains …
TAGS: Threat Hunting, Actor Profiling, Pivoting, Building Threat Feeds
Intelligence Analysts as well as Security Analysts lost a lot of information when GDPR changed the content of WHOIS information by obscuring claimed registrant details.
In order to reclaim some characteristics to help build attacker TTP …
Last week, Cisco Talos published a blog post with new research on LodaRAT. Apart from updates to the Windows version of this malware, the …
Silent Push Mission
The mission of this organization is to improve the use and usefulness of threat intelligence across the security space. We wish to help organizations defend themselves in a clearer manner and with more information to help them understand the intelligence they are using and its …