If cyber threats had a most-wanted list, Chip would be the detective cracking the case! My blog dives deep into the world of cyber intelligence, unraveling attacks, trends, and security tactics with a mix of wit and wisdom. Whether you’re a seasoned pro or just cyber-curious, expect insights that pack a punch—no fluff, just the good stuff!
-
Ho Ho Ho – Here comes the spam/phish
Merry Christmas and Happy New Year to all! I thought I would start the new year with a blog post about spam from Australian giants – Woolworths, JB HiFi, Flight Centre, Bunnings etc. Although we are on holidays, attackers/hackers are not. Holiday time is in fact a very good time… Read More ⇢
-
Heap spray attempts: compromised site http://www.efendim.net
On a Saturday evening I spent some time upgrading my MacBook Pro with an SSD. The only SSD I had was one with Security Onion built on it, so I fired up the best NSM OS and tested it. It was during the test that I found a compromised site – http://www.efendim.net. My Sguil… Read More ⇢
-
Information Gathering – Then, Now and Why?
Information gathering is considered the first and most important step before launching any type of attack, hack or penetration test. It is known by several names – reconnaissance, intelligence assessment, surveillance etc. The better an attacker or analyst is at gathering information about the target, the better he/she can exploit… Read More ⇢
-
Installing/running Tor on Linux distros
Tor – The Onion Router – is famous for anonymity. The Tor Browser gives the user a way to stay anonymous while browsing. Installing Tor on a Windows box is easy, but on Linux, especially as the root user, there are some issues. These are the errors I faced when trying to execute or open the Tor Browser: 1.… Read More ⇢
-
An interesting email – FROM field empty
Received an interesting email yesterday from Mr. Gordon Hills from London, who wanted me to be his partner so that 5 million dollars could be released to me. Sometimes it does feel like someone should give me money 🙂 The email seems to be a template, and this could be a broadcast on… Read More ⇢
-
Command line use to check IP reputation
Looking up the reputation of an IP address is one of the most frequent tasks of a SOC analyst. There are a number of online tools and scripts that do the task. However, I have always used the command line to identify whether an IP address is listed on any blacklist. The reason is… Read More ⇢
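The command-line blacklist check the post describes is a DNSBL lookup: reverse the IPv4 octets, append the blacklist zone, and resolve the resulting name; an A record in 127.0.0.0/8 means "listed", NXDOMAIN means "not listed". The code below is an added example, not the blog's own script. The zone names and 127.0.0.x meanings are the publicly documented ones for Spamhaus ZEN and SpamCop (assumed still current; check the operator's documentation before relying on them), and the sample address used in the usage note is a constructed RFC 5737 test address. The resolver is injectable so the logic runs offline; the default uses the system resolver.

```python
"""DNSBL (DNS-based blacklist) lookup helpers. Added example, not from the post."""
import ipaddress
import socket

# Documented answer codes for a few well-known zones (assumption: still current).
DNSBL_ZONES = {
    "zen.spamhaus.org": {
        "127.0.0.2": "SBL (direct spam source)",
        "127.0.0.3": "SBL CSS (snowshoe / compromised host)",
        "127.0.0.4": "XBL (exploited host / bot)",
        "127.0.0.5": "XBL (exploited host / bot)",
        "127.0.0.6": "XBL (exploited host / bot)",
        "127.0.0.7": "XBL (exploited host / bot)",
        "127.0.0.9": "SBL (DROP/EDROP hijacked range)",
        "127.0.0.10": "PBL (end-user / dynamic range, not a listing of intent)",
        "127.0.0.11": "PBL (end-user / dynamic range, not a listing of intent)",
    },
    "bl.spamcop.net": {"127.0.0.2": "listed by SpamCop"},
}


def dnsbl_query_name(ip: str, zone: str) -> str:
    """Build the query name: IPv4 octets reversed, then the zone.

    Only IPv4 is handled here; IPv6 lists use nibble-reversed names instead.
    ipaddress.IPv4Address raises ValueError on anything that is not an IPv4.
    """
    addr = ipaddress.IPv4Address(ip)
    reversed_octets = ".".join(reversed(str(addr).split(".")))
    return f"{reversed_octets}.{zone}"


def interpret_answer(zone: str, answers: list) -> list:
    """Turn A-record answers into readable verdicts.

    Spamhaus signals *query* problems (open resolver, too many queries, typo)
    with 127.255.255.x answers; those are errors, not listings, and a naive
    'anything in 127/8 means listed' check will misreport them.
    """
    meanings = DNSBL_ZONES.get(zone, {})
    verdicts = []
    for a in answers:
        if a.startswith("127.255.255."):
            verdicts.append(f"QUERY ERROR (code {a}); do not treat as a listing")
        else:
            verdicts.append(meanings.get(a, f"listed (undocumented code {a})"))
    return verdicts


def _system_resolver(qname: str) -> list:
    """Resolve with the OS resolver; NXDOMAIN (gaierror) -> empty list."""
    try:
        _host, _aliases, addrs = socket.gethostbyname_ex(qname)
    except socket.gaierror:
        return []
    return addrs


def check_ip(ip: str, zones=DNSBL_ZONES, resolver=None) -> dict:
    """Query every zone for `ip`; returns {zone: [verdict, ...]} (empty = clean)."""
    resolver = resolver or _system_resolver
    results = {}
    for zone in zones:
        qname = dnsbl_query_name(ip, zone)
        results[zone] = interpret_answer(zone, resolver(qname))
    return results


if __name__ == "__main__":
    # Constructed test address (RFC 5737 documentation range), never really listed.
    for zone, verdicts in check_ip("203.0.113.7").items():
        print(f"{zone}: {verdicts or 'not listed'}")
```

Running it from a shell is the same thing the post's one-liner does by hand: `dig +short 7.113.0.203.zen.spamhaus.org` and read the 127.0.0.x code. Query from a resolver you control rather than a public one, or Spamhaus answers with an error code instead of a verdict.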
-
Westpac Spam and an approach to STIX language
In my previous post regarding the Westpac phishing mail, I mentioned the associated domain and IP address. Recently I have been diving into threat intelligence, and especially how to share information about my findings with the rest of the world besides the blog. I ventured into understanding STIX – Structured Threat Intelligence… Read More ⇢
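Sharing a phishing domain and IP in STIX comes down to wrapping each observable in an Indicator object with a STIX pattern and bundling them. Below is an added example of that, not the blog's own STIX work; it assumes STIX 2.1 JSON (the post does not say which version it explored), uses only the standard library, and the domain and IP values in the usage section are constructed placeholders, not the indicators from the Westpac post.

```python
"""Build a minimal STIX 2.1 bundle for phishing indicators. Added example."""
import ipaddress
import json
import uuid
from datetime import datetime, timezone


def _stix_timestamp() -> str:
    """RFC 3339 UTC timestamp with millisecond precision, as STIX expects."""
    return datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z"


def stix_escape(value: str) -> str:
    """Escape a string literal for a STIX pattern (single quotes and backslashes)."""
    return value.replace("\\", "\\\\").replace("'", "\\'")


def domain_pattern(domain: str) -> str:
    return f"[domain-name:value = '{stix_escape(domain.lower())}']"


def ipv4_pattern(ip: str) -> str:
    addr = ipaddress.IPv4Address(ip)  # refuse garbage before it is shared
    return f"[ipv4-addr:value = '{addr}']"


def url_pattern(url: str) -> str:
    return f"[url:value = '{stix_escape(url)}']"


def make_indicator(pattern: str, name: str, description: str = "") -> dict:
    """A STIX 2.1 Indicator SDO with the required fields populated."""
    now = _stix_timestamp()
    obj = {
        "type": "indicator",
        "spec_version": "2.1",
        "id": f"indicator--{uuid.uuid4()}",
        "created": now,
        "modified": now,
        "name": name,
        "indicator_types": ["malicious-activity"],
        "pattern": pattern,
        "pattern_type": "stix",
        "valid_from": now,
    }
    if description:
        obj["description"] = description
    return obj


def make_bundle(objects: list) -> dict:
    """STIX 2.1 Bundle: just type, id and objects (no spec_version on the bundle)."""
    return {"type": "bundle", "id": f"bundle--{uuid.uuid4()}", "objects": objects}


def phishing_bundle(campaign: str, domain: str, ip: str, url: str = "") -> dict:
    """Indicators for the domain, hosting IP and (optionally) landing URL of one phish."""
    objects = [
        make_indicator(domain_pattern(domain), f"{campaign}: phishing domain"),
        make_indicator(ipv4_pattern(ip), f"{campaign}: phishing host IP"),
    ]
    if url:
        objects.append(make_indicator(url_pattern(url), f"{campaign}: landing URL"))
    return make_bundle(objects)


def to_json(bundle: dict) -> str:
    return json.dumps(bundle, indent=2)


if __name__ == "__main__":
    # Constructed placeholder values; not the real indicators from the post.
    print(to_json(phishing_bundle("Westpac notification phish",
                                  "westpac-secure.example", "203.0.113.10",
                                  "http://westpac-secure.example/login")))
```

Keeping the pattern builders separate from the Indicator constructor matters in practice: the pattern grammar is where hand-written STIX usually breaks (unescaped quotes, uppercase domains that will not match a normalised observation), and validating the IP before emitting it stops a typo from propagating to everyone who consumes the feed.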
-
Westpac spam email – You have new notification
Malicious and spam emails are common, and one of the most effective ways to get a system/host infected. Recently I received an email from one of the Big 4 banks of Australia – Westpac. The very first thing: I am not a customer, so it was definitely a phishing scam. Actual… Read More ⇢
-
An email from UN – attachment ATM_CARD_1.doc – IRREVOCABLE PAYMENT ORDER VIA ATM CARD
Received an email from UN@ – no email domain in the sender address, which is why my email client identified it as spam. The attachment was a doc file – ATM_CARD_1.doc. Checked various websites (malwr.com, VirusTotal, Shodan) but found no information about the DOC file. MD5: 2134a6afb12a5a2bcdd77b09e43a8e29 – not reported. Uploaded the… Read More ⇢