CTI

Cyber Threat Intelligence: A Product Without A Process?

Abstract not available as the journal does not use it. Read the full article [here](https://doi.org/10.1080/08850607.2020.1780062) and the accompanying blog post [here](https://krisk.io/post/cti/).

What's wrong with Cyber Threat Intelligence

Over the last decade the field of Cyber Threat Intelligence (CTI) has emerged, which aims to preempt cyber threats by combining aspects from Computer Science and the Intelligence field. Something like Risk Management, but less dusty, practical, operational and able to deal with a highly dynamic environment.

BNR Cryptocast

Cryptocasters! Het valt voor @Misssbitcoin en @hmblank @BNR niet altijd mee een podcast te maken vanuit huis, met gasten op afstand. Maar toch weer mooi als het lukt. Met @f00th0ld, die onderzoek deed @tudelft naar gehackte #exchanges.

From Hodl to Heist

How and where do you buy your Bitcoin? Via a P2P marketplace, decentralized exchange, or rather through Coinbase, Binance and the likes? Most people do so via the latter ones. Centralized exchange platforms are compelling to most users as they are easy to use.

From Hodl to Heist: Analysis of Cyber Security Threats to Bitcoin Exchanges

Bitcoin is gaining traction as an alternative store ofvalue. Its market capitalization transcends all other cryptocurrencies in the market. But its high monetary value also makes it an attractive target to cyber criminal actors. Hacking campaigns …

SoK: ATT&CK Techniques and Trends in Windows Malware

In an ever-changing landscape of adversary tactics, techniques and procedures (TTPs), malware remains the tool of choice for attackers to gain a foothold on target systems. The Mitre ATT&CK framework is a taxonomy of adversary TTPs. It is meant to …

ATT&CK Techniques and Trends in Windows Malware

Most cyber security practitioners are by now aware of the Mitre ATT&CK framework and the tremendous potential it holds for increasing the understanding and mitigation of adversary TTPs. Within the Computer Science realm however, the framework has caught less altitude than in the infosec blogosphere.