Wafiq Safa and Iran’s Cyber Outpost in Lebanon
Our recent analysis of the cyber attack against Saudi Aramco highlighted lingering questions about the culprit, and the origins of the attack are yet to be credibly verified. However, rumors of Iranian...
Patterns in Physical and Digital Protests
This post was originally published as Activism OSINT: Why Are Cyber and Physical Protests Out of Sync? at the Recorded Future blog. Below is an excerpt from that post: At Recorded Future, we collect...
Syrian Hackers Wage Misinformation War
It’s unnerving to see the anomaly dominating the picture at right (and the real world market value loss) and find out it was the result of a single bad tweet. But that’s exactly what happened earlier...
Rash of Cyber Threats on Japanese Targets Continues
Hacktivist collective Anonymous recently threatened 22 Japanese websites including prominent government agencies in protest against the annual Taiji dolphin hunt. Though action against these sites has...
How to Use STIX for Automated Sharing and Graphing of Cyber Threat Data
MITRE, a not-for-profit organization with offices near Boston and Washington, D.C., has developed several interrelated toolkits to enable sharing of cyber threat intelligence between trusted parties....
Navigating the Future With Web Data: Christopher Ahlberg at TEDxCambridge 2014
Is it really possible to know the future? Recorded Future CEO Christopher Ahlberg says yes, if we organize the web for analysis, rather than search. With those insights in hand, leaders can make...
Is it Possible to Use Web Intelligence to Forecast International Crisis?
By using Recorded Future in conjunction with traditional ethnographic techniques, it is possible for us to significantly increase our accuracy in forecasting international and diplomatic crisis. This...
Recap: Spring 2014 Product Improvements
Now that summer is here, let’s recap the Recorded Future product improvements we rolled out over the last three months. With our SaaS approach, we deliver improvements in weekly increments, along with...
4 Ways Alert Logic Leverages Open Source Intelligence
Last week, we were thrilled to present a webinar featuring threat intelligence expert Stephen Coty. Stephen is the Chief Security Evangelist of Alert Logic, a well-known managed security service...
Buk SAMs and the Downing of MH17
Analysis Summary Recorded Future web intelligence highlights multiple June/July reports that Ukrainian separatists had acquired Buk anti-aircraft missiles. With hindsight, it’s surprising that these...
Monitoring Arms Control Compliance With Web Intelligence
Can we find insights for defense against chemical and biological weapon threats by analyzing livestock disease outbreaks and public health crises? Research by Maynard Holliday of Sandia National Labs...
Assessing MH17-Themed Cyber Threats
In our webinar today we assessed the aftermath of the MH17 tragedy from a threat intelligence perspective. Together with our guest Rich Barger, Chief Intelligence Officer of Cyber Squared Inc., we...
How Al-Qaeda Uses Encryption Post-Snowden (Part 2) – New Analysis in...
Analysis Summary Al-Qaeda (AQ) encryption product releases have continued since our May 8, 2014 post on the subject, strengthening our earlier hypothesis about Snowden leaks influencing Al-Qaeda’s...
Al-Qaeda and Snowden: Correlation, Causation, and Temporal Analysis
Our recent research on Al-Qaeda encryption again generated a tremendous amount of interest which we were thrilled to see, with stories in NPR, Wall Street Journal, Ars Technica, ABC News, Washington...
The Power of the Web: Anticipating Cyber Attacks
IT security teams are under siege, constantly defending against data breaches, IP theft, cyber crime, and other threats in a long and costly war. Interpol estimates cyber crime costs people and...
Integrating Recorded Future With Maltego
The after-action report from Black Hat 2014… Paterva’s Maltego product is a great “Swiss army knife” for researching IT infrastructure – whether the context is performing recon for pen-testing, reverse...
Putting Data in Perspective With Web Intelligence
Summary Government and private sector threat intelligence analysts are awash in data: both proprietary and open source. The evaluation of both – all-source analysis – provides analysts the perspective...
How Asprox Malware Became an APT in 4 Phases
Analysis Summary Asprox has four distinct development phases, most recently taking on APT-style obfuscation techniques. Asprox diversified its TTPs, utilizing new languages and attachment filenames...
ISIS Jumping from Account to Account, Twitter Trying to Keep Up
The following analysis was done in collaboration with Sky News. Analysis Summary ISIS supporters will create a new account, usually under a very similar name, almost immediately after their profile is...
How to Use the Information-Seeking Mantra in Cyber Intelligence Dashboards
This is the second post in our blog series, “Visualizing Cyber Intelligence.” In the previous post, we got a glimpse of two important contributions of Edward Tufte to the field of data visualization:...