So milling around in some spam while on another research project, I started noticing something strange… how so many seemingly unrelated domains appeared in the Reply-To address of the same spam campaign. I began digging into the domains for multiple campaigns and I am currently monitoring the behavior and
This blog post is meant to be short, sweet and to the point so please forgive the brevity if you were looking for something in depth this time…. *THE LITTLE FISH* Many of us are trained to get the big fish, find the next cutting edge threat, defend against the
In the first part of this article, I gave various examples of how InfoSec teams are structured to fail or, at the very least, to function very inefficiently. Next we’ll talk about how to achieve a more effective *INTEL* team – and how it will enable the development of intelligence
As someone who’s been working on an OSINT project lately, I’ve had many surprises and hurdles because there’s poor organization to our execution and little to no information sharing between security functions in the same department. I recently got access to a very important piece of information/tool that resulted in
If you’ve ever heard me talk on OSINT, one of the points I drive home is one I learned early from a colleague, Ian Amit (@iiamit): that if what you present doesn’t cause a change in behavior, it isn’t threat intel, it is intel/information. Here’s a story on how I
One of the single most important techniques/activities when gathering intelligence (i.e. intel) from open source repositories is analytic reading. The second is properly presenting data/intel with relevant context. ANALYTIC READING This isn’t the kind of reading you do in the summer with a children’s book and a litter of rug rats gathered