This is a review of one of the new generation continuous security monitoring solutions. They have been evolving from a reactive to a proactive approach, today we call them threat hunting platforms. Sqrrl combines outstanding visualization capabilities and strong cyber analytics models to make threat hunting and incident detection a walk in the park. To…
Category: Theat Intelligence
How to define and build an effective Cyber Threat Intelligence Capability by Henry Dalziel and Eric Olson.
Have you heard all the buzz around threat intelligence? This book will explain CTI in plain english. It is a very simple book to read and I believe it is not only useful for technical people but also for Managers and Sales. Whether you need to implement a threat intelligence program or sell your organization’s…
Memory Forensics with Vshot and Remnux (rogue process identification,2)
We start this post where we left the first one, we are moving now into the analysis phase once we have parsed the memory dump with Volatility and the Vshot script included in Remnux. The current script version 4.01 is running 44 plugins against the memory dump. Let’s have a quick look at the plugins…
Paper: Wave your false flags! Deception tactics muddying attribution in targeted attacks
This is an 11 page white paper that goes through the current challenges faced by researchers to attribute cyber attacks. It goes through the current techniques such as, Timestamps Strings, debug and metadata Malware families, code reuse Threat infrastructure used It also present some of the most advance APT’s and their potential origin and techniques believed…
