Thirdeye Intelligence

If cyber threats had a most-wanted list, Chip would be the detective cracking the case! My blog dives deep into the world of cyber intelligence, unraveling attacks, trends, and security tactics with a mix of wit and wisdom. Whether you’re a seasoned pro or just cyber-curious, expect insights that pack a punch—no fluff, just the good stuff!


  • Cyber Threat Intelligence. Is it for me?

    Readers! I have been working in the Cyber Threat Intelligence area for quite a long time, and today I want to talk about a question that I often get asked: do we need Cyber Threat Intelligence? With this article I will try to answer as much as I can based… Read More ⇢

  • Gathering Information about targets

    Part II. Once the target is identified/determined, attackers begin their tasks. Now we must understand that, to launch an attack or gather information, they will rely on the available tools and capabilities that they have. As per my previous post, targets are also determined based on the tools that they can… Read More ⇢

  • Profiling the adversary : Target Determination

    Readers! As mentioned in my recent LinkedIn update, this is the first blog article in this series about what our adversaries do and how a target can learn from their objectives/actions. Executives or higher management mostly ask the following questions: What is the current threat landscape? How do we protect… Read More ⇢

  • Yet another WanaCry Ransomware – Analysis

    Recently, organizations are being targeted with new ransomware labelled as WanaCry. Being curious, I downloaded the sample to understand how the malware actually behaved. The tests were performed on a VM both connected to the internet and NOT connected to the internet. In both tests, the machine was successfully infected. Sample analysed: 84c82835a5d21bbcf75a61706d8ab549… Read More ⇢

  • PowerShell : Tool for Admins and Adversaries

    Readers! For the last couple of weeks I have been doing some analysis of malware. Mostly, these are via phishing attempts. What our adversaries are doing is first gaining easy access to the machine via phishing and creating background processes that call the compromised domains that download the executable, packed with… Read More ⇢

  • Finding Evidence of Data Exfil – USBStor artefacts

    Readers! Last year one of the members on SANS DFIR posted a question with regard to identifying whether any data leakage had occurred in the environment via a USB thumb drive. As for the evidence, the investigator had USBStor artefacts. Shell bag analysis (TZ Works sbag) showed a large number of… Read More ⇢

  • Hash Values – A Trivial Artefact

    Readers! Merry Christmas and Happy New Year to all. The days of holiday spam and vendor predictions are here. Here I am spending a summer afternoon watching TV and writing on my blog. As I am a bit lazy during the holidays, I am posting something simple. The post is about HASH values… Read More ⇢

  • SANS FOR578 Cyber Threat Intelligence – Course Review

    Readers!!! Advance greetings for Christmas. Before I start, make sure to check out the SANS Holiday Hack Challenge here. Recently, I was honoured to attend one of the SANS courses, FOR578 – Cyber Threat Intelligence. The SANS instructor was one of the best in the business, Robert M. Lee. My reason to attend… Read More ⇢

  • Evoltin POS Malware – Kill Chain Mind Map

    Readers!!! It's been quite a while since I have updated my blog posts, due to me spending some quality time off work and being with family. Recently, I was honoured to attend the SANS FOR578 Cyber Threat Intelligence course taught by Robert M. Lee and it was excellent. I will be writing… Read More ⇢