Dancho Danchev’s Security Research for ZDNet’s Zero Day Blog – Official Multiple E-Book Formats Compilation

Dear blog readers, I’ve decided to let everyone know that I just released an official security research compilation for all the blog posts that I did for ZDNet’s Zero Day blog circa 2008-2012 with the idea to make it easier for everyone to catch up in t…

Dancho Danchev’s Security Research for Webroot Inc – Official Multiple E-Book Formats Compilation

Dear blog readers, Do you remember my work for Webroot Inc. which was my ex-employer 2012-2014? Great news. I’ve decided to make an official offline multiple E-book formats official security research compilation of all the blog posts that I did for Webr…

Exposing the Solarwinds Malware Campaign – An OSINT Analysis

It has recently become evident that the Solarwinds enterprise which is basically an IT monitoring and management tool suffered a major backdoor attack where malicious attackers managed to obtain access to and actually backdoor a decent portion of Solar…

Historical OSINT – A Compilation of Publicly Accessible Web Shells – An Analysis

In this post I’ll provide actionable intelligence on some of the currently active publicly accessible IPs which are known to have been hosting publicly accessible web shells for the purpose of empowering the cybercriminals behind the campaigns to estab…

U.S Justice Department Releases “Legal Considerations when Gathering Online Cyber Threat Intelligence” – Where’s the Meat?

Surprise, surprise! The U.S DoJ has recently released a detailed “Legal Considerations when Gathering Online Cyber Threat Intelligence” guide which aims to educate security practitioners on their way to gather threat intelligence and how to actually ut…

Historical OSINT – International Institute For Counter-Terrorism Serving Malware – An Analysis

The International Institute For Counter-Terrorism is known to have served malicious software to its targeted user base back in 2013. In this post I’ll provide actionable intelligence behind the campaign and discuss in-depth the tactics technique and pro…

Exposing a “Fast-Flux” Name Server Based Rogue Fraudulent and Malicious Online Infrastructure – An Analysis

Dear blog readers, I’ve decided a diverse portfolio of fast flux name servers which basically act as a bulletproof botnet C&C communication technique allowing the cybercriminals behind the campaigns to increase the average time for which their campa…

Exposing a Massive and Diverse Portfolio of “Tax Forms” Themed Malware and Blackhat SEO Serving Domains

Dear blog readers, I’ve decided to share a massive and diverse portfolio of rogue and potentially malicious domains utilized by cybercriminals while participating in a blackhat SEO tax forms themed rogue and malicious software serving campaign…

Exposing a Diverse Portfolio of Malicious and Fraudulent Name Servers – An Analysis

Dear blog readers, In this post I’ve decided to share a diverse portfolio of fraudulent and malicious name servers circa 2008 that are known to have participated in various rogue and malicious software serving campaigns. Sample portfolio of rogue fraudu…

Exposing Modern Client-Side Exploits Serving Kits – An AV and Snort IDS MD5 List Compilation – Part Seventh

Dear blog readers, This is the seventh post part of my “Exposing Modern Client-Side Exploits Serving Kits – An AV and Snort IDS MD5 List Compilation – Part Six” blog post series where I intend to share actionable threat intelligence with vendors and org…