Intelligence Tradecraft

Show
Return of the Worm: A Red Hat Analysis
September 7, 2017

A computer worm is a piece of malware that is designed to replicate itself in order to spread to other …

read more

All That Twitterz Is Not Gold: Why You Need to Rely on Multiple Sources of Intelligence

August 9, 2017

Twitter has become an extremely valuable tool for security researchers; experts including Kevin Beaumont and PwnAllTheThings frequently post research findings …

read more

What is a Threat Model, and Why Organizations Should Care

July 31, 2017

Many organizations are exquisitely aware that they are the target of a wide-range of cyber-attacks: from targeted intrusions to mere …

read more

The Future of Marketplaces: Forecasting the Decentralized Model

July 17, 2017

Last week we wrote about the disappearance of AlphaBay dark web marketplace and assessed three potential scenarios to look out …

read more

AlphaBay Disappears: 3 Scenarios to Look For Next

July 14, 2017

The AlphaBay dark web marketplace has been inaccessible since 05 Jul 2017. With no substantive explanation from the site’s owners, …

read more

Threat Led Penetration Testing – The Past, Present and Future

July 10, 2017

What is Threat Led Penetration Testing? Threat led penetration testing is, in essence, using threat intelligence to emulate the tactics, …

read more

WannaCry: An Analysis of Competing Hypotheses – Part II

June 7, 2017

Following the furore of last month’s WannaCry ransomware attacks, Digital Shadows produced an Analysis of Competing Hypotheses (ACH) table to …

read more

WannaCry: An Analysis of Competing Hypotheses

May 18, 2017

On 12 May 2017, as the WannaCry ransomware spread across computer networks across the world, a variety of explanations also …

read more

All Sources Are Not the Same; Why Diversity Is Good for Intelligence

April 11, 2017

As we all know, if you listen to just one side of the story, very often you don’t get the …

read more

Step by Step: The Changing Face of Threat Led Penetration Testing

February 28, 2017

Organizations are increasingly adopting the threat led approach to penetration testing. This approach essentially advances the boundaries of conventional penetration …

read more

F3EAD: Find, Fix, Finish, Exploit, Analyze and Disseminate – The Alternative Intelligence Cycle

February 8, 2017

The F3EAD cycle (Find, Fix Finish, Exploit, Analyze and Disseminate) is an alternative intelligence cycle commonly used within Western militaries …

read more