I started to write a post about malware analysis in the context of OSINT and threat intelligence for a long time. It is one of the most widely used sources of information and a common goal of analyst research, but at the same time a technically complex issue. If we are talking about advanced static analysis (of the file itself) and dynamic (observing the behavior of the file after running), it is [...]
In the previous post, I tried to present what types of cyber operations accompany military actions and how different types of operations are supposed to achieve their goals by different means. Some may have expected much more intense cyber activities in Ukraine, attacks on industrial networks or the massive use of wipers. Although there are no signals indicating [...]
Recent related events clearly show the intentions of the Kremlin, which decided to invade Ukraine, potentially threatening the entire territory of the state. In the context of military operations, there is often talk of the role of cyber operations as supporting or even replacing kinetic operations. Especially the latter use awakens the imagination - the media and commentators point out [...]
One of the most polarizing and imaginative issues in the practice of analyzing hostile activity is attribution, i.e. an attempt to define specific entities, organizations or persons responsible for the operation. The interest in "who did it" should come as no surprise - the process of analyzing cyber activity often takes the exact opposite of investigating "ordinary" crimes. […]
One of the most common tasks related to OSINT and threat intelligence is the analysis of Internet domains in terms of infrastructure behind them and information about entities responsible for their creation. Domains are an important element of cyber operations, when they can be used for C2 communication, malware delivery and information operations, providing [...]
After traveling around the globe, we move on to the vast world of operations in cyberspace - specifically how they are analyzed and how it helps in defense. One of the inspirations for the name of this blog - counterintelligence.pl - was that the activity known as Cyber Threat Intelligence (CTI) is, in my opinion, the activity of [...]
Hello to all readers in the new year! I hope it started positively for you and will be calmer for all of us than the passing one. So, to have some fun, we're going to play games today. Not just any games, certainly well-known to fans of both military and civil aviation. They will be [...]
Santa Claus aka Gwiazdor - one of the most famous and mysterious characters in the world. Every year, he provides gifts to children around the world, and therefore, in one day, he has to visit, according to various estimates, from 240 to 600 million homes (depending on what assumptions we make about [...]
In previous posts, we dealt with OSINT information gathering in various fields, this time we will look at a specific tool. Not just any tool, because it is a real combine that greatly facilitates both data collection and its interpretation. Malt is definitely one of my favorite OSINT tools here. It combines the functions of [...]
Nowadays, OSINT is most often associated with the analysis of threats, journalistic investigations and verification of information, for example, from places subject to military operations. However, if we zoom out a bit and look at the phenomenon of collecting publicly available information and analyzing it in order to achieve specific results, it forms the basis of one of the most important contemporary institutions [...]
English 
Polish