Month: October 2021

Chapter 2: Classifying domains through string entropy

Introduction  This is the second blog in the ‘Classifying Malicious Domains’ series, which aims to give insight into how we at Tiberium use our knowledge of attackers’ tactics, techniques, and procedures to detect attacks before they occur.  Today we’re going to talk about ‘dodgy’ looking domains – that is, a domain that looks more like a plate of alphabet soup than a bona fide website.   An early tl;dr  …

Chain Gang

Microsoft has identified (more) Nation-State supply chain attacks  We all know about supply chain attacks, the most recent example being the SolarWinds/FireEye debacle, in which the third party responsible was outed as the Russian state-sponsored APT-29 group (also called Nobelium) by none other than the FBI and associated American Government departments (they have so many, it’s too confusing).  The long and short of these …

Games Without Frontiers

How will SASE, SOAR, Zero Trust and SIEM technologies shake out?  If you have been reading this blog regularly, read our note on, or visited Microsoft, Cisco etc. conferences, you will be aware of the terms Zero Trust, SASE, SOAR and SIEM. In this blog, we explain (in summary, trying not to fall asleep) what …

Everything’s Gonna Be Alright

At least if you get patching   The start of Autumn is always a quiet time for us Cyber bloggers. Presumably having taken time off over the summer to rest and recuperate on their islands with flip-top Volcano lairs, or Yachts with a submarine, plane and another boat inside them, we think that this must be planning …

Chapter 1: Classifying domains using RDAP

Using TTP-based intel to classify malicious domains  Introduction  This blog series will show how Tiberium harnesses intel around attackers’ tactics, techniques, and procedures to classify malicious domains as part of our FROST and MYTHIC 24/7 MSSP services.  Preventative security is cool. Having the ability to think several moves ahead of an attacker, identifying their presence while they still think they are invisible, and manning the barricades …

Down and Out

I can’t call Grandma! Facebook was down  Apart from members of the Sentinelese, the most isolated people on the planet (and we are pretty sure that at least one of them will be on TikTok or YouTube), you will have noticed that Facebook, WhatsApp, and Instagram were down on 04/10/21 from about 15:50 UTC until 21:20 UTC.  That would be a pretty major …