2. Threat Data and Intelligence

2.3. Open-Source Intelligence p2

Transcript

So this slide lists some more open-source intelligence. Some of the vendor websites are the Microsoft Threat Intelligence blog and then the Cisco security advisory sites. So both of those are major corporations, Microsoft and Cisco, both hardware, a lot of hardware. Microsoft obviously is software as well.

But you know, Cisco makes a lot of the well-used, well-known routers and switches. So both of those sites, then some public sources: one called SANS Internet Storm Center, one called VirusShare, and VirusTotal, which I mentioned earlier. The Spamhaus Project, and then of course there is the dark web.

So Spamhaus, let's talk about. SANS Institute is isc.sans.org. VirusShare contains details about malware uploaded to VirusTotal. So if I upload to VirusTotal, it can get shared through VirusShare.

The Spamhaus Project focuses on blacklists, including spam via the Spamhaus Block List. So you can go online to Spamhaus and it'll tell you if an IP address has been labeled blacklisted or if it's spam. It'll tell you when, and give you all kinds of fun information to use.

And then obviously the dark web is out there and, you know, if you choose to explore it, I wouldn't do it on your company network, you know, but you could. You could, and I'm sure there are threat intelligence teams that do explore the dark web, and they're looking to see if their information is out there. But if you're a SOC 1 analyst, I wouldn't recommend that. Let the threat team or a different team do that.