Additional Insights into Iranian Cyber Espionage | APT33

By Daniel Clemens | Apr 24, 2020 12:00:00 AM

Earlier this week FireEye/Mandiant released a blog entitled “Insights into Iranian Cyber Espionage” detailing the targets within the Aerospace and Energy sectors. To complement...

What Will OSINT/PAI and Collection at Scale Look like for 2020?

By Daniel Clemens / Jan 11, 2020 12:00:00 AM

2020 will be eventful and likely one of the most historic years of change in a long time, balancing the tension between change, conflict, and hopefully peace. When reflecting on the...

Iranian Watering Holes. Target Centric Analysis & Looking for Additional IOCs Related to clear.co.ir | 79.127.125.179 with ShadowDragon MalNet & ProofPoint Data

By Daniel Clemens / Dec 1, 2019 12:00:00 AM

Additional information is always needed on initial indicators for a SOC analyst or incident handler. In this case, initial indicators point to [clear.co.ir and 79.127.125.179] engaging in...

Link Analysis Presentation No Nos and How Long Should I Deep Dive?

By Daniel Clemens / Aug 3, 2018 12:00:00 AM

In “Understanding Link Analysis and Using it Investigations,” I detailed how to get started and some fundamentals on link analysis. What I didn’t cover was how long you should be involved in the...

Patchwork APT Group - Additional IOCs & Network Indicators

By Daniel Clemens / Jun 8, 2018 12:00:00 AM

Yesterday, Matthew Meltzer, Sean Koessel, and Steven Adair @ Volexity released an excellent write-up on the Indian APT group known as Dropping Elephant. The Volexity article detailed attacks...

Buckle up for Step-by-Step Insight into Charming Kitten Cyberespionage Attacks

By Daniel Clemens / Jan 26, 2018 12:00:00 AM

The horrors of cybercrime can make even the savviest tech person shudder. Much like an accident on the side of the road, however, we just can’t help rubbernecking. That’s why the Clear Sky...

ShadowDragon MalNet - ProofPoint Maltego Transforms | Vietnamese Victims 1937CN

By Daniel Clemens / Aug 28, 2017 12:00:00 AM

Votiro Labs and ClearSky CyberSecurity, both based out of Israel, through use of MalNet have uncovered a slew of interesting TTPs and infrastructure believed to be used by the 1937CN group. Votiro...
