Articles by Efstratios Lontzetidis

Pinned

Combining Cybersecurity Frameworks: An Alternative to Incident Reporting
Combining Cyber Kill Chain (CKC), Diamond Model (DM), and ATT&CK for reporting.
Feb 9

Integrating TweetFeed into MISP using Python
Integrating a variety of feeds into your Threat Intelligence Platform (TIP) is a continuous process for providing your security tools…
Jan 22

Cyber Threat Intelligence Sharing: making the investigation outcomes actionable
In continuation of the article "Cyber Threat Intelligence Pivoting: From a single alert to multiple IoCs", after an investigation has been…
Nov 27, 2023

Cyber Threat Intelligence Pivoting: From a single alert to multiple IoCs
Security Operation Centers (SOCs) mainly deal with handling alerts from various security tools like proxies, antivirus software, intrusion…
Nov 9, 2023

Other articles

Exploring Pythia: A Generic Query Format for Discovering Malicious Infrastructure
Universal malicious infrastructure hunting with Pythia. Use case: Meduza Stealer.
Aug 7

Cyber Threat Intelligence Lifecycle: Answering the CTI Analyst Challenge
In this blog we analyze the Cyber Threat Intelligence (CTI) lifecycle by performing intelligence analysis in a reactive scenario.
Jun 18

Understanding the Ransomware Ecosystem
In this article we discuss and analyze all the roles involved in the Ransomware-as-a-Service (RaaS) ecosystem.
Feb 21