Introduction Cyber Threat Intelligence (CTI) analysts bring a variety of backgrounds and experiences, and their specific roles often differ widely depending on the organization they work for. Paths to becoming a CTI analyst are diverse, with some entering from Security Operations Centers (SOC) or other cybersecurity roles, some coming directly from academia, and others transitioning […]
Author Archives: Emin Baylarov
Cyber threat intelligence largely involves the tracking and studying of the adversaries outside of your network. Gaining counterintelligence about your adversaries’ capabilities and weaponry is one of the final building blocks for managing a strong cyber defense. In the pursuit of performing this duty, I have been studying how to discover adversary infrastructure on the internet. One […]
I recently came across a cool GitHub repo from Zscaler’s ThreatLabz team (see here) which contains a whole array of ransom notes from known and new ransomware families. I imagine that Zscaler has some sort of malware hunting capability (potentially LiveHunt YARA rules in VirusTotal) and they manually check for ransom notes uploaded to VT containing […]
I wanted to do something a bit different and fun, so I created a new site, hackerfiction.medium.com, with one purpose: telling fictional short stories about hacking using AI. I’ve explained why and how I’m doing this in my Introduction blog; I recommend checking it out first. Ultimately, I made these stories for me. But I think others may enjoy […]
Online and at conferences, people ask me how to get started in threat intel. What I usually offer as advice to budding analysts starting out is to practise analysing things in the wild. And by ‘analysing things in the wild’ I mean looking for live reports of cybercriminal activity by others online. One of my […]