ShadowDragon Podcast #08 - Blake Butler Interview | Active Shooters, Actor Engagement, and Hack Back
Actor engagement and physical security intersect when active shooter situations or heightened security threats are targeted against executives or physical locations. Naturally, the topic of...
ShadowDragon Podcast #05 - Westward.AI,Incident Response, Long Time Investigations Need Story Telling & Innovation in Event Query Languages.
Incident Response and extended investigations need storytelling functionality. Westward.ai’s innovation in event query languages is discussed laced with candor, history, and strange hacker lore. The...
Exploring OSINT, War Stories & OSINT with (Nico Dekens) Dutch_OSINTguy
Nico, (dutch_osintguy) shares his origin story along with war stories old, and new. Topics the following: Leadership seems to want visualization, analyst don’t care. Discussions evolve about how...
What Will OSINT/PAI and Collection at Scale Look like for 2020?
2020 will be eventful and likely one of the most historical years containing change, balancing the tension between change, conflict, and hopefully peace in a long time. When reflecting on the...
Iran Hype - Past and Present Recollections and Historical Lore on Iranian Al-Qassam Cyber Fighters Assault on US Banks in 2012/2013
On September 11th, 2012, US embassies had been hit with attacks known as the “Benghazi Attacks.” In online correlation, attacks that had been referenced as “Operation Ababil” had begun as a supposed...
Timeline Analysis | Epstein Death Reported on 4Chan Before Announced
In my last entitled Illuminating Context with Timeline Analysis, I gave a rough sketch of the basics. In this post I will share a few specifics. The primary point to drive home is there won’t ever...
OSINT Challenges & Opportunities, Methodology on starting your Hunt.
Every investigation is different, but what never changes is how you have to treat an investigation much like the challenge of building something with a bucket of Legos. With each bread crumb, you...
DEF CON 26 Intel CTF Results! Congratulations to the DEF CON iCTF Winners
DEF CON 26, Intel CTF (iCTF) had more participants than any other capture the flag challenge. With over 100 teams showing up, a select few escalated to the top of the heap showing off their skills,...
Investigator Methodology | Strategic & Tactical Vs. a Hopeful Change
If the world has a plethora of investigators and the success of prosecutors is hovering around 90% success rate — why do we struggle with an increase in more complex crime, a rise in international...
Link Analysis Presentation No Nos and How Long Should I Deep Dive?
In “Understanding Link Analysis and Using it Investigations,” I detailed how to get started and some fundamentals on link analysis. What I didn’t cover was how long you should be involved in the...
Understanding Link Analysis and Using it in Investigations
I started using link analysis for investigations somewhere around 2009/2010 when we were developing the first version of SocialNet. A longtime friend, Roelof from Paterva, shared his vision for a...
Patchwork APT Group - Additional IOCs & Network Indicators
Yesterday, Matthew Meltzer, Sean Koessel, and Steven Adair @ Volexity released an excellent write-up on the Indian APT group known as Dropping Elephant. The Volexity article detailed attacks against...
Alabama Cyber Now: Disrupting Human Trafficking Using Digital Forensics & Social Media Forensics
When most security pros think of threat intelligence, they think of cyber crime – tracking down hackers and cyber criminals aiming to compromise networks to exploit credit card information,...
Before Threat Intelligence: How We Forged Tailored Monitoring and Alerting... Anonymous Investigations Inspired Innovation
It was the end of 2010. The Packet Ninjas’ team (the predecessor of ShadowDragon) had been making mad dashes on application assessments and penetration tests while deployed to a nowhere...