Actor engagement and physical security intersect when active shooter situations or heightened security threats are targeted against executives or physical locations. Naturally, the topic of...
Incident Response and extended investigations need storytelling functionality. Westward.ai’s innovation in event query languages is discussed, laced with candor, history, and strange hacker lore. The...
Nico (dutch_osintguy) shares his origin story along with war stories old and new. Topics include the following: leadership seems to want visualization, analysts don’t care. Discussions evolve about how...
2020 will be eventful and likely one of the most historical years containing change, balancing the tension between change, conflict, and hopefully peace in a long time. When reflecting on the...
On September 11th, 2012, US embassies had been hit with attacks known as the “Benghazi Attacks.” In online correlation, attacks that had been referenced as “Operation Ababil” had begun as a supposed...
In my last post, entitled Illuminating Context with Timeline Analysis, I gave a rough sketch of the basics. In this post I will share a few specifics. The primary point to drive home is there won’t ever...
Every investigation is different, but what never changes is how you have to treat an investigation much like the challenge of building something with a bucket of Legos. With each bread crumb, you...
At DEF CON 26, Intel CTF (iCTF) had more participants than any other capture the flag challenge. With over 100 teams showing up, a select few escalated to the top of the heap showing off their skills,...
If the world has a plethora of investigators and the success rate of prosecutors is hovering around 90% — why do we struggle with an increase in more complex crime, a rise in international...
In “Understanding Link Analysis and Using it in Investigations,” I detailed how to get started and some fundamentals on link analysis. What I didn’t cover was how long you should be involved in the...
I started using link analysis for investigations somewhere around 2009/2010 when we were developing the first version of SocialNet. A longtime friend, Roelof from Paterva, shared his vision for a...
Yesterday, Matthew Meltzer, Sean Koessel, and Steven Adair @ Volexity released an excellent write-up on the Indian APT group known as Dropping Elephant. The Volexity article detailed attacks against...
When most security pros think of threat intelligence, they think of cyber crime – tracking down hackers and cyber criminals aiming to compromise networks to exploit credit card information,...
It was the end of 2010. The Packet Ninjas’ team (the predecessor of ShadowDragon) had been making mad dashes on application assessments and penetration tests while deployed to a nowhere...