Threat Intelligence – Hot Pursuit

Threat intelligence is a rapidly evolving field, and staying up-to-date is crucial for protecting yourself and your organization from cyber threats.

The nature of cyber threats is constantly changing, and new vulnerabilities and attack techniques are being discovered all the time. In order to stay ahead of the curve, it’s important to stay informed about the latest trends and developments in threat intelligence.

This means staying on top of the latest research, attending conferences and workshops, and building a network of like-minded professionals.

In this blog, we’ll explore the importance of staying current in the field of threat intelligence and provide tips and resources for staying informed and prepared.

Informers Ecosystem

Staying on top of things is not an easy task, especially if you are not used to this world. Of course, no one expects you to be on Darknet forums 24/7 social engineering threat actors, but we do have to build a sort of ecosystem around ourselves that feeds us the important things we need to know in our day-to-day pursuit of intelligence.

Social Media

One of the most important, yet risky, sources is social media, especially Twitter.

We want to get into the habit of checking Twitter a couple of times a day to keep up with what people are talking about, and by people I certainly mean reporters, other researchers, developers, cyber enthusiasts, cyber security “celebs” and, of course, threat actors.

As a platform, Twitter gives us a lot of search options that we can use to find valuable information such as IOCs, news, threat actors’ compromised servers, overall opinions and much more.

In addition, in my personal experience, a lot of well-known figures in our community are very friendly and will gladly share knowledge and explain the things they write about. We can always engage in a conversation, ask questions and try to add to the topic so that others can grow as well.

Another nice platform, one that is more “formal”, is LinkedIn, where we can also find many resources, tools and conversations that may help us become more aware of what goes on around us.

Podcasts

I highly encourage you to search for great podcasts that focus on cyber security, espionage, and warfare in general. I know that cyber security is not necessarily used only in wars between countries, but the mindset of being able to read your opponent and play the mind games we need to play is a great thing to adopt with time, and the best way to do it is by learning from others, and learning from history.

Two really great podcasts are The Ransomware Files and the Lex Fridman Podcast. The latter is not always about cyber security and warfare, but the episodes that are, are really exciting and interesting.

Telegram

Telegram is without a doubt the best platform to know things before they happen and to sometimes see things that threat actors are not willing to share on social platforms and such.

These days, Telegram has become a great tool for threat actors and threat groups to announce things, recruit members, share leaks and much more.

It gives us the opportunity to talk to and see who is behind the campaigns and operations we read about in the mainstream media. Of course, some Telegram groups and channels are more exclusive than others, but it is still a great place to start sniffing our way to the truth, or at least what seems to be the truth.

Community

This is a tricky one. “Community” is a very generic thing to say; we can have communities on Telegram, Twitter, Discord, Reddit, wherever.

The idea is to stick to a community that is driven by knowledge sharing and is ego-free. What I mean by that is that there are a lot of cyber-focused communities that share personal blogs, cool findings, mutual projects, OSINT investigations, etc.

Try to find the one that resonates with you most, and contribute as much as you learn from it.

Marketplaces

This approach is more “hands-on”, as you can go to underground marketplaces and visit the darkweb to look for interesting findings, threat groups’ announcements and more.

The best way to know what’s going on in the underground is to visit the underground. In addition, some information will probably only be available there; we can’t always count on the cyber security community to surface interesting things from the darkweb on Twitter or Telegram. Some gems should be discovered on your own.