Since I have time on my hands, I have decided to give this blog more of a framework around the CTI space, and the posts recently have been the catalyst. I have seen many downloading the PDF format versions of my CTI reports (made for that purpose and generic enough for anyone to use) so I thought perhaps I should expand the practice.

So, with that in mind, here is what I am planning:

Monday: Threat Landscape Overview

• Focus: Provide a summary of the current cyber threat landscape, highlighting significant events or trends observed over the weekend.
• Sources: Review updates from sources like DHS CISA, InfraGard, and AlienVault Open Threat Exchange, and other sources for any notable changes or alerts.

Tuesday: In-Depth Analysis of Selected Threats

• Focus: Deep dive into one or two specific threats identified earlier, offering detailed analysis and potential impact assessments.
• Sources: Utilize open source intelligence reporting.

Wednesday: Threat Mitigation Strategies

• Focus: Provide recommendations and strategies for mitigating the threats discussed on Monday and Tuesday.
• Sources: Utilize open source intelligence reporting.

Thursday: Emerging Threats and Trends

• Focus: Identify and analyze new threats and trends emerging in the cyber landscape.
• Sources: Utilize open source intelligence reporting.

Friday: Weekly Summary and Look Ahead

• Focus: Summarize the week’s findings and provide a forecast for what might be expected in the upcoming week.
• Sources: Review all sources, especially Metacurity and the Spamhaus Project, for a comprehensive week-in-review.

Weekend: Alert Monitoring

• Focus: Maintain vigilance for high-priority alerts or major incidents.
• Sources: Monitor real-time feeds from DHS CISA Automated Indicator Sharing (AIS), Abuse.ch, BlockList.de, etc for immediate threats.

That’s the plan for now.

Next, The Threat Landscape as it is Monday.

~K