Informing Cyber Threat Intelligence through Dark Web Situational Awareness: The AZSecure Hacker Assets Portal

To increase situational awareness, major cybersecurity platforms offer Cyber Threat Intelligence (CTI) about emerging cyber threats, key threat actors, and their modus operandi. However, this intelligence is often reactive, as it analyzes event log files after attacks have already occurred, lacking more active scrutiny of potential threats brewing in cyberspace before an attack has occurred. One intelligence source receiving significant attention is the Dark Web, where significant quantities of malicious hacking tools and other cyber assets are hosted. We present the AZSecure Hacker Assets Portal (HAP). The Dark Web-based HAP collects, analyzes, and reports on the major Dark Web data sources to offer unique perspective of hackers, their cybercriminal assets, and their intentions and motivations, ultimately contributing CTI insights to improve situational awareness. HAP currently supports 200+ users internationally from academic institutions such as UT San Antonio and National Taiwan University, law enforcement entities such as Calgary and Ontario Provincial Police, and industry organizations including General Electric and PayPal.

Threats from the Dark: A Review over Dark Web Investigation Research for Cyber Threat Intelligence

From proactive detection of cyberattacks to the identification of key actors, analyzing contents of the Dark Web plays a significant role in deterring cybercrimes and understanding criminal minds. Researching in the Dark Web proved to be an essential step in fighting cybercrime, whether with a standalone investigation of the Dark Web solely or an integrated one that includes contents from the Surface Web and the Deep Web. In this review, we probe recent studies in the field of analyzing Dark Web content for Cyber Threat Intelligence (CTI), introducing a comprehensive analysis of their techniques, methods, tools, approaches, and results, and discussing their possible limitations. In this review, we demonstrate the significance of studying the contents of different platforms on the Dark Web, leading new researchers through state-of-the-art methodologies. Furthermore, we discuss the technical challenges, ethical considerations, and future directions in the domain.

The Implementation of Strategic Threat Intelligence for Business Organization

Nowadays strategic threat intelligence is very important to all the organization. Strategic cyber threat intelligence can determine who and why to provide key insights to the organization. It purpose is to determine who is behind a particular threat or threat family and addressing to evolving trends. The strategic level of cyber threat intelligence also included and explains about why. Why makes a company or an organization a target? Strategic Threat Intelligence offer the overview of the threat status of the organization. Therefore, the C-Suite include chief executive officer (CEO), chief financial officer (CFO), chief operating officer (COO) and chief information officer (CIO) of the organization use cyber threat intelligence data to understand the high-level trends and threats to the company or the organization. The C-Suite of the organization also need to know how to implement the strategic threat intelligence to prevent unexpected things happen. This research paper aims to discuss about the importance of the strategic threat intelligence to the company or organization and how to implement it. After knowing and understanding the implementation of strategic threat intelligence to the company or organization, this research paper also will discuss about the when of using strategic threat intelligence. The issue and challenges is also discussed in the article.

A Shared Cyber Threat Intelligence Solution for SMEs

Small- and medium-sized enterprises (SMEs) frequently experience cyberattacks, but often do not have the means to counter these attacks. Therefore, cybersecurity researchers and practitioners need to aid SMEs in their defence against cyber threats. Research has shown that SMEs require solutions that are automated and adapted to their context. In recent years, we have seen a surge in initiatives to share cyber threat intelligence (CTI) to improve collective cybersecurity resilience. Shared CTI has the potential to answer the SME call for automated and adaptable solutions. Sadly, as we demonstrate in this paper, current shared intelligence approaches scarcely address SME needs. We must investigate how shared CTI can be used to improve SME cybersecurity resilience. In this paper, we tackle this challenge using a systematic review to discover current state-of-the-art approaches to using shared CTI. We find that threat intelligence sharing platforms such as MISP have the potential to address SME needs, provided that the shared intelligence is turned into actionable insights. Based on this observation, we developed a prototype application that processes MISP data automatically, prioritises cybersecurity threats for SMEs, and provides SMEs with actionable recommendations tailored to their context. Subsequent evaluations in operational environments will help to improve our application, such that SMEs are enabled to thwart cyberattacks in future.