The number of cybersecurity-related blogs and websites is on the rise. These posts usually cover topics such as security guidelines, cutting-edge cyber attack techniques, and malware descriptions. Aside from these, social media is also an important source of updates. Reputable security organizations regularly post feeds on Twitter.
One of the most useful features of the darknet is its richness in documents and scripts. This makes it a great source of CTI-related information. It can also give you strategic insight into emerging cyberthreat-related issues.
Researchers have taken advantage of this wealth of information by developing machine learning models and data mining algorithms. In particular, they have applied clustering to identify and aggregate similar text segments. Their results reveal that the largest number of extracted IoCs have the type PortItem/remoteIP.
Another method is to use reinforcement learning to detect semantic relationships among cyberthreat entities. For example, a CTI could be generated from a graph data structure that represents the relationship between hackers and resources. Such a format would not require significant human intervention.
Cyberthreat researchers have also studied the utility of CTI extraction from the textual descriptions of cyber attacks. This information can be used to build tools that can help IT organizations prevent or mitigate malicious attempts. By combining texts that contain the most relevant information, security experts can get an up-to-date snapshot of the latest cyber threats.
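A minimal sketch of extracting IoCs from a textual attack description and tallying them by type, as mentioned above. This is an added example, not code from the research described: the sample text is constructed, mapping IPv4 addresses to PortItem/remoteIP is this example's assumption, and the "domain" and "sha256" labels are its own.

```python
import ipaddress
import re
from collections import Counter

# Constructed write-up text using documentation-range addresses (not real indicators).
# The hash is the SHA-256 of empty input.
SAMPLE = (
    "The dropper contacts 203.0.113[.]45 on port 443 and falls back to "
    "hxxp://update.example[.]net/gate.php. Version 10.2.1.300 of the agent "
    "is affected. A second stage (SHA-256 "
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855) "
    "beacons to 198.51.100.7 and again to 203.0.113.45."
)

IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
URL_HOST_RE = re.compile(r"https?://([a-z0-9.-]+\.[a-z]{2,})", re.I)
SHA256_RE = re.compile(r"\b[a-f0-9]{64}\b", re.I)


def refang(text):
    """Undo common defanging ([.], (.), [dot], hxxp) so indicators parse."""
    text = re.sub(r"\[\.\]|\(\.\)|\[dot\]", ".", text, flags=re.I)
    return re.sub(r"hxxp", "http", text, flags=re.I)


def extract_iocs(text):
    """Return a sorted, de-duplicated list of (type, value) pairs."""
    clean = refang(text)
    found = set()
    for candidate in IP_RE.findall(clean):
        try:
            # Validation drops dotted strings that are not addresses,
            # such as the version number with an octet above 255.
            ip = ipaddress.ip_address(candidate)
        except ValueError:
            continue
        found.add(("PortItem/remoteIP", str(ip)))  # assumed type mapping
    for host in URL_HOST_RE.findall(clean):
        found.add(("domain", host.lower()))
    for digest in SHA256_RE.findall(clean):
        found.add(("sha256", digest.lower()))
    return sorted(found)


def count_by_type(iocs):
    """Tally extracted IoCs per type."""
    return Counter(ioc_type for ioc_type, _ in iocs)


if __name__ == "__main__":
    for ioc_type, n in count_by_type(extract_iocs(SAMPLE)).most_common():
        print(ioc_type, n)
```

A dotted version string whose octets all fall within 0-255 would still pass IP validation, so production extractors usually also check the surrounding context words.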
The most impressive cybersecurity-related piece of news is the emergence of new techniques and products that can provide cybersecurity practitioners with better tools to defend against a variety of attackers. Such tools include SophosLabs Intelix, a cloud-based threat intelligence platform.