It’s been a while since I wrote the first post on Threat infrastructure and I believe it will be beneficial for you to first go through it, if you have not done so yet. This will set the context to understand the issues we are trying to solve here. The first post explained how attackers…
Tag: threat infrastructure
Hunting down Threat Infrastructure (1)
In this two-article series, I am going to explain how to spot anomalous activity in proxies and DNS queries coming out of your network. Additionally, I am also explaining how to recognize suspicious threat infrastructure, what elements you need to pay attention to, how this infrastructure behaves, what the challenges for the defender are and…
Security Intelligence: A Practitioner’s Guide to Solving Enterprise Security Challenges
This is another awesome book I recently found while trying to validate some knowledge for my next blog post. This is the definitive book to understand today’s malware distribution networks and how they operate. I have spent a considerable amount of time researching and working with technologies aimed at recognizing Malware Delivery Networks and this is…