If cyber threats had a most-wanted list, Chip would be the detective cracking the case! My blog dives deep into the world of cyber intelligence, unraveling attacks, trends, and security tactics with a mix of wit and wisdom. Whether you’re a seasoned pro or just cyber-curious, expect insights that pack a punch—no fluff, just the good stuff!
-
Actor types
The following mind map shows actor types. Script Kiddie: Unskilled individuals who use programs developed by others to attack computer systems. Attributes: Internal/External: External to their target. Level of Sophistication: Typically have limited resources. Resources/Funding: The amount, sophistication, and extent of their attacks is constrained. Intent/Motivation: Motivated by prestige. Hacktivist…
-
Post #2 Intelligence Life Cycle – Collection
The collection phase helps respond to Intelligence requirements (including PIRs) and supports decision-makers and the Intelligence team. In this phase, the Intelligence team can develop a strategy to collect data directly related to the requirements. The data can either be sourced internally or externally. Question PIR IR Sources What or where…
-
Post #1 Intelligence Life Cycle – Planning & Direction – Intelligence Requirements
Happy New Year to all, and let’s hope the year 2022 brings us good things. Unfortunately, 2021 was a bit hectic, which impacted my blog writing. So with this new year, I wanted to keep writing and start with one of my favourite topics – Intelligence. The post (hopefully others)…
-
Marketplace Update #1 – An Australian logs based Fraud Store
Readers! It's been almost a year, so apologies for not being proactive. Will now try and publish at least once a week. Recently, I came across a marketplace or a store called A1 FRAUDSTORE offering multiple compromised/stolen data related to Australian individuals. Drivers Licence/Medicare/Passport Scans – Used heavily for identity takeover…
-
Fake New Order on Hold serving Formbook Stealer
Our research team has identified a campaign in the wild serving the Formbook stealer. Based on the email content and sender, it seems targeted towards the UK. Below is the screenshot of the email body. Email Attachment – Scan 1722020 pdf.zip Hash – e5eb58f54fa93643b576611712afcf27 Zipped Exe – Scan 1722020 pdf.exe – Any.Run Hash…
-
Gozi ISFB RM3 and Me : A Diamond Model Approach
Readers! A few weeks back I was invited to present at the Malware and Reverse Engineering conference (MRE), and the topic I chose to present is my understanding and research of Gozi ISFB over the years that is being noticed globally, with specific concentration on threat group operations in Australia. Purpose of my…
-
Cyber Threat Intelligence. Is it for me?
Readers! I have been working in the Cyber Threat Intelligence area for quite a long time, and today I want to talk about a question that I often get asked. Do we need Cyber Threat Intelligence? With this article I will try to answer as much as I can based…
-
Gathering Information about targets
Part II. Once the target is identified/determined, attackers begin their tasks. Now we must understand that, to launch an attack or gather information, they will rely on the available tools and capabilities that they have. As per my previous post, targets are also determined based on the tools that they can…
-
Profiling the adversary : Target Determination
Readers! As mentioned in my recent LinkedIn update, this is the first blog article in this series about what our adversaries do and how a target can learn from their objectives/actions. Executives or higher management mostly ask the following questions: What is the current threat landscape? How do we protect…









