THREAT ACTORS

These articles are all related to our work or commentary focused on the revelations or examinations of parties actively involved in malicious activity.

How to use social media to identify a person of interest

How to use social media to identify a person of interest On September 6th news broke regarding the release of Islamic States new magazine entitled Rumiyah… While early detection is key such events also present additional opportunities to identify persons of interest (POIs) that may not have previously been known. OSINT solutions provide that ability. In this blog post we will see how social [...]

How social media can be used to discover credible sources of intelligence

How social media can be used to discover credible sources of intelligence   In this blog entry we will explore how to quickly identify credible sources of information using social media and location based intelligence. In the world of Open Source Intelligence there can be a lot of “noise”. This is particularly true during an event, or directly after an event. Identifying a credible source of [...]

Tracking ship movements with social media

Tracking ship movements with social media Use case The intent of this exercise was three-fold: Can Russian naval vessel movements be detected/monitored using social media? Can chatter from Russian Naval personnel be found, particularly posts made onboard a vessel with location services enabled; and Can intelligence about the vessel’s capabilities, mission or crew be derived from OSINT. Methodology Our tools were configured to detect [...]

Using social media to identify bot nets

Using social media to identify bot nets In this blog entry we will look at how to use social media to identify bot-nets and other coordinated activity. The subject matter for this test case will be the US political landscape and attempts, both foreign and national to influence voters using coordinated messaging. While we are using this to explore threats to National political landscapes [...]

Detecting zero day vulnerabilities with social media

Detecting zero day vulnerabilities with social media Last week we picked up a significant increase in chatter about Joomla and SQL Injection attacks as can be seen in Figure 1 below. Figure 1 – Overall weekly cyber chatter Drilling down into this information as seen in Figure 2 below identifies that most the chatter is in relation to the Joomla Store for K2 3.8.2 [...]