Archive - CYINT Analysis Blog

Returning to CYINT Analysis Blog

It’s been more than six years since I last wrote a blog post. Going into 2017, I let the domain registration on my original blog, cyintanalysis.com…

Jan 30, 2022 •

Christian Paredes

December 2016

My Favorite Threat Intel Tweets of 2016

Last year I put together My Favorite Threat Intel Tweets of 2015. And now it’s time for another round-up of threat intel tweets! The tweets I gathered…

Dec 25, 2016 •

Christian Paredes

September 2016

TekDefense PCAP Challenge Write-Up

Earlier this week TekDefense posted a cool network challenge. The instructions were basic: investigate an IDS alert by analyzing the provided PCAP…

Sep 25, 2016 •

Christian Paredes

A Simple, Free, and Fast Open Source Workflow For Processing Indicators

Open sources provide a wealth of valuable intelligence and, often times, network- and host-based indicators to enable detection and further…

Sep 11, 2016 •

Christian Paredes

All The Rosetta Stones!

The ancient Rosetta Stone provided an approximate translation between Egyptian hieroglyphics, Egyptian Demotic script, and Ancient Greek. In threat…

Sep 7, 2016 •

Christian Paredes

August 2016

Examining Recent Ransomware Infection Techniques (And Some Thoughts on Consuming Intelligence)

Even though ransomware is one of the threats du-jour, it’s not something I’ve closely studied. So I decided that this weekend was as good a time as any…

Aug 22, 2016 •

Christian Paredes

July 2016

An Important Internal Intelligence Source to Add to Your Collection Plan

Earlier this week Scott Roberts provided a useful list of intelligence collection sources for threat intelligence and security teams. His list included…

Jul 30, 2016 •

Christian Paredes

April 2016

Strategic Threat Intelligence: Communicating to Non-Technical Audiences

In a recent article in War on The Rocks, More Art Than Science: Intelligence and Technical Topics, authors Brian Holmes and Max Greenlee write about…

Apr 27, 2016 •

Christian Paredes

A Fun Saturday Analysis: Comment Spam Attack!

A wave of comment spam has been hitting my blog today. Gross! The volume of spam (up to 50+) piqued my curiosity. So let’s check it out! I receive an…

Apr 9, 2016 •

Christian Paredes

February 2016

More PCAP Analysis Practice

It’s time to tackle another PCAP analysis exercise from Brad Duncan. I’ve only done a couple of these (I posted one of my write ups here), and would…

Feb 28, 2016 •

Christian Paredes

Themes, Personal Notes, & Resources From SANS CTI Summit 2016

This year’s SANS CTI Summit was my first security conference ever. And I loved it. It was a chance to meet great people, absorb new ideas, and engage in…

Feb 9, 2016 •

Christian Paredes

January 2016

Intelligence Technology and Tradecraft in 2015

With 2015 wrapped up, I wanted to reflect on some of the changes I noticed in the cyber threat intelligence (CTI) field over the course of the year. I…

Jan 3, 2016 •

Christian Paredes

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts