Tag Archives: Threat Intelligence

Beyond compliance: How GDPR can give hackers the upper hand

Published:

Since the implementation of the EU’s General Data Protection Regulation (GDPR) in May, media reports of data breaches have skyrocketed. British Airways, Facebook, Ticketmaster, and Cathay Pacific are all organisations that have made headlines over the last months showing the breadth of sectors affected worldwide by data compromises.

Compliance-driven pieces have been a relatively common occurrence in the media since the application of GDPR. We however aim to look in this blog post at GDPR from a threat actors’ perspective. With GDPR bringing in major changes on the management and transfer of data, threat actors are likely to find innovative ways to exploit and benefit from these changes.

Continue reading
Save the date! Timing the hack for the biggest impact.

Save the date: Timing the hack for the biggest impact

Published:

There are now three certainties in life – there’s death, there’s taxes and there’s a foreign intelligence service on your system’ – Head of Cyber at MI5 (2013)

Over the last two decades, the scale and severity of cyber attacks has been very variable. It  is probably safe to suggest that the secret sabotage of a nuclear facility by the Stuxnet worm is in a slightly different league to the theft of payment card data held by a commercial brand like Chipotle. Nonetheless, there are several underlying attributes that provide a common framework to compare unconnected incidents. The Diamond Model of Intrusion Analysis indicates that for every incident, there is:

  • An Adversary
  • The Capabilities of the Adversary
  • A Victim
  • Infrastructure over which the attack occurs
Continue reading

Event: ILTA – What Is Cyber Intelligence and How Is It Leveraged by Law Firms

Published:

Reserve your complimentary seat

 

On September 28th, Rob Dartnall, Director of Cyber Intelligence, Security Alliance will be presenting to ITLA members at the London offices of Freshfields Bruckhaus Deringer. Join us for Away from the Hype: What Is Cyber Intelligence and How Is It Leveraged by Law Firms

Continue reading
The Market of Malware

The Market of Malware: Buying, Selling and Collaborating in the Criminal Underground

Published:

The Dark Web is a fascinating, confusing and for some, a shocking place. Amongst the plethora of forums discussing, selling and sharing drugs, guns, pornography, credit cards (the list goes on), cybercriminals of all levels of sophistication also seek to acquire, enhance, and profit from a variety of hacking tools. This post provides examples of trading and collaboration that lie behind development of malicious software (malware), as well as providing examples of how it can be rapidly upgraded and changed.

Continue reading

Security Alliance achieves CBEST Threat Intelligence provider status

Published:

CBEST

Security Alliance has achieved CBEST Threat Intelligence provider status. CBEST is a ground-breaking and targeted cyber assessment scheme, created and run by the Bank of England.

This accreditation recognises Security Alliance’s competency in delivering cyber threat intelligence services to the Finance sector.

Continue reading
The Role of IOCs in Threat Intelligence

The Role of Indicators of Compromise in Threat Intelligence

Published:

“Not everything that can be counted counts, and not everything that counts can be counted.”

Albert Einstein

The application of traditional threat intelligence to the field of information security is a relatively young one. As the ability of the community to collect and share intelligence grows, the techniques we use to analyse it become more sophisticated. Assuming we have access to a “firehose” of big data, how can we model and analyse security threats most effectively? This question has led to many organisations attempting to standardise the process and provide a consistent way of distributing threat data. How effective are they at doing this, and how could they be better? How can we better use these imperfect sources of intelligence to inform our analyses?

Continue reading