Semi-Automated Cyber Threat Intelligence (ACT) is a research project led by mnemonic as with contributions from the University of Oslo, NTNU, Norwegian Security Authority (NSM), KraftCERT and Nordic Financial CERT. The main objective of the ACT project is to develop a platform for cyber threat intelligence to uncover cyber attacks, cyber espionage and sabotage. […]
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats. The structuration of the data is performed using a knowledge schema based on the STIX2 standards. It has been […]
An extendable tool to extract and aggregate IOCs from threat feeds. Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly into any existing worflow with SQS, Beanstalk, and custom plugins. Overview ThreatIngestor can be configured to watch Twitter, RSS feeds, or other sources, extract meaningful information such as malicious IPs/domains and YARA signatures, and […]
Threat Intelligence Tools are more often used by security industries to test the vulnerabilities in network and applications. It helps for the collection and analysis of information about current and potential attacks that threaten the safety of an organization or its assets. Here you can find the Comprehensive Threat Intelligence Tools list that covers Performing […]
FireEye released a Free automated analysis tool FLASHMINGO, which enables malware analysts to detect suspicious flash samples and to investigate them. The tool integrates various analysis workflows as a stand-alone application or as a powerful library and it can be extended via Python plug-ins. Adobe flash remains as the most exploited software by attackers, it […]
With 4.312 billion users in the world, comprising 55.6% of the global population, the Internet has become an everyday center hub for almost all human events and actions. Be it for entertainment, information, remote computing, communication and many aspects of 21st century lifestyle. Across the board the most common operating systems with consumer devices in […]
OSINT tool, CLI Tool For Open Source And Threat Intelligence Install You can simply pip install the tool: pip3 install git+http://[email protected]/Te-k/harpoon –process-dependency-links Optionally if you want to use the screenshot plugin, you need phantomjs and npm installed: npm install -g phantomjs To configure harpoon, run harpoon config and fill in the needed API keys. Then run […]
Threat intelligence chat bots are useful friends. They perform research for you and can even be note takers or central aggregators of information. However, it seems like most organizations want to design their own bot in isolation and keep it internal. To counter this trend, our goal was to create a repeatable process using a […]
gOSINT is a small OSINT framework in golang, it’s actually in development and still not ready for production if you want, feel free to contribute! What gOSINT can do Find mails from git repository Find Dumps for mail address Search for mail address linked to domain/mail address in PGP keyring Retrive Info from domain whois (waiting to […]
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables (e.g. resolve domains, geolocate IPs) so that you don’t have to. Yeti provides an interface for humans (shiny Bootstrap-based UI) and one for machines (web API) so that […]
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third […]
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third […]
The telecommunications industry keeps the world connected. Telecoms providers build, operate and manage the complex network infrastructures used for voice and data transmission – and they communicate and store vast amounts of sensitive data. This makes them a top target for cyber-attack. According to PwC’s Global State of Information Security, 2016, IT security incidents in […]
Is America’s new Cyber Threat Intelligence Integration Center a step forward? Or a duplication of the National Cybersecurity and Communications Integration Center at DHS?
The White House is creating a new agency to help counter cyberthreats, analyzing intelligence from around the government so it is better equipped to deal with attacks.
In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and treatments; detect and reduce the risk of financial fraud; improve inventory management; and serve up the right recommendation for a streaming movie on Friday night. However, one can also make a strong case […]
Google has announced that it’s expanding its Vulnerability Rewards Program (VRP) to compensate researchers for finding attack scenarios tailored to generative artificial intelligence (AI) systems in an effort to bolster AI safety and security. “Generative AI raises new and different concerns than traditional digital security, such as the potential for unfair bias, model manipulation or […]
RITA is an open source framework for network traffic analysis. The framework ingests Bro/Zeek Logs in TSV format, and currently supports the following major features: Beaconing Detection: Search for signs of beaconing behavior in and out of your network DNS Tunneling Detection Search for signs of DNS based covert channels Blacklist Checking: Query blacklists […]
The Anonymous is on the warpath. This time, however, the battle is between the Indonesian and Australian division of the group. In a video posted this weekend on YouTube where Anonymous Australia left a message for Indonesian hackers, expressed in following words: Indonesian, cease attacks on civilian sites in Australia and there will be a cyberwar. “And you do not want that, […]