Penetrating Real-Time Threat Behaviour: Cyber Analytics and the Pen Tester

It’s the wild, wild west out there in cyberspace, except the feral camels[1] that once roamed Texas are the hackers, and they’re roaming beyond borders and through firewalls on the daily.

At present, cyber threat intelligence gathering is a mish-mash of intrusion detection system logs, port scans, IP addresses, information sharing platforms, Twitter feeds and traditional write-ups. There is no one consistent language used across these platforms to refer to attacks, techniques or procedures and there’s no one single source of data. Much like post-truth America, you’ve got to look in all the right places to piece together the whole story and even then it’s hard to know if you’ve put the puzzle together the way it was intended. What this means is while there’s massive complexity when trying to understand the path an attacker has taken, it also means that there’s huge potential when it comes to leveraging the data or bits (pun intended) of evidence a hacker leaves behind.

What The Actual (Fuck) is Blockchain?

The idea for blockchain came from a now germinal paper written in 2008 by the man known as Satoshi Nakamoto, what his or their real name is, no-one knows which just adds to the mystery and intrigue around the whole community.

Nakamoto referred to “blocks” and “chains” which has evolved into the now more common usage of blockchain. A blockchain is quite literally a chain of blocks tied together. A block as a single entity or data structure is made up of a numerical identifier starting from block number 1, a nonce which is an abbreviation for the term Number Only used oNCE, data such as, the amount being sent, the address being sent from and to, a signature, a time stamp and transactions fees.