Adversaries don’t stand still, and neither do we…
It’s a new year. That means a new set of attack vectors to analyse and combat, so that we’re always able to provide a solution which takes into account evolving attacker TTPs, and reveals unknown threat infrastructure as it’s being set up.
We’re on a constant mission to make sure that organizations are aware of our approach to preemptive threat intelligence, and the value of an TTP-led cyber defense strategy. One of the ways we achieve this is to remain active within the cyber intelligence community across the yearly event schedule.
The Silent Push team has been busy throughout Q1 disseminating our research in global events, and revealing how the latest trends in cyber attacks are being formulated and launched, so that security teams are best placed to locate and stop them.
Monaco FIRST Regional Symposium Europe, January 14-16
Held at the beautiful Le Méridien Beach Plaza, the FIRST Regional Symposium was a unique setting for exchanging ideas with cybersecurity experts around the globe, bringing together national incident response centers (CERTs), and private and academic sectors.
At the event, our Senior Threat Analyst, Zach Edwards, gave a well-attended talk entitled “Investigating Triad Nexus and Pivoting from a Pig Butchering Investment Scam Website into an Entire Malicious Network”, based off our research into the Triad Nexus published late last year.
You can view Zach’s presentation here.
Our investigation into the FUNNULL CDN has revealed an enormous cluster of malicious infrastructure and exposed the pivotal role it plays in facilitating a wide array of cyber-criminal activities, many of which are orchestrated by Chinese Triad groups.
Zach’s talk also made it into local news coverage. Included was our findings on the various criminal networks involved, and how threat hunters can map them, and look at the various retail phishing scams hosted on FUNNULL CDN that target some of the world’s largest brands.
SANS CTI Summit, Jan 27-28
SANS events are a great way for cybersecurity professionals to obtain fresh perspectives and insights from leading practitioners in the field, in the form of case studies, innovative techniques, and practical solutions designed to challenge assumptions and deepen a security teams’ understanding of any given problem.
Our Solutions Engineer, Noah Plotkin, was on-hand to talk to attendees about how Indicators of Future Attack (IOFAs) achieve all of this and more, by allowing teams to proactively locate the 98% of threat infrastructure lurking under the surface that isn’t being tracked by the industry at any given time.
IOFAs solve a huge problem faced by security teams worldwide, who are forced into a reactive security stance by using stale lists of post-breach IOCs that only indicate where an attack has BEEN, rather than where it’s coming FROM.
Cyber Policy Awards Dinner, Feb 6-8
Next up was our sponsorship of the Cyber Policy Awards Dinner, held at the US Chamber of Commerce in February, which recognized members of the cyber policy community whose work shaped the cybersecurity landscape in 2024.
The Silent Push Leadership Team – including our CEO Ken Bagnall, Chief Customer Officer, Brad Arnold, and Chief Revenue Officer, David Troha – chatted with senior policy leaders, veteran cyber experts, and eminent members of the industry about how our IOFA-led approach is enabling security teams to re-think their cyber defense strategies and pivot towards preemptively locating attacker infrastructure.
Congratulations to all the award winners! We’ll see you again in 2025.
RISE Finland, Feb 10-12
Regional Information Security Events (RISE) are centered on threat intelligence, cybercrime and general cyber security issues, with a range of TLP Amber and TLP Red case studies for attendees to take in and use to inform their own security postures.
This year, RISE Finland was held on a cruise ship – the Tallink Silija Symphony – where our Director of Sales Engineering, Maulik Limbachiya, and Solutions Engineer, Noah Plotkin, delivered a workshop on how to use Silent Push IOFAs to unmask the APT group Sapphire Sleet, including advanced detection of North Korean-sponsored threats to the cryptocurrency community.
Our Threat Analyst team has recently published a TLP Amber report on Sapphire Sleet, available to Enterprise users, that performs a deep dive into the North Korean APT group’s use of hosting providers to evade detection.
Attendees were extremely interested in the value that Silent Push provides security teams in their quest to identify emerging APT and stop attacks before they’re launched, and as always, had lots of questions on what the platform is capable of and how it could be used within their own organizations.
ITSDI Partner Summit, Feb 11
In February we hosted a preemptive threat intelligence summit with Information Technology Security Distribution (ITSD) – a cybersecurity reseller in the Philippines with over 90 years combined experience in the information and communications technology industry.
Chief Customer Officer, Brad Arnold, and Senior Director APJ, Anthony Ng, provided an exclusive platform preview to 40 partner companies that demonstrated how Silent Push exposes attacker behavior before a strike occurs using IOFAs, and showed how security teams can use the platform to block unknown attacks, stop breaches, and avoid financial loss.
The partnership between ITSDI and Silent Push represents a commitment to providing cutting-edge solutions, and we’re confident that IOFAs will revolutionize how APJ partners protect their organizations.
Come meet us at the FS-ISAC Summit, Mar 9-12
Let’s connect in New Orleans at the upcoming FS-ISAC Americas Spring Summit.
This year’s theme is Safeguarding Trust. With a track on intelligence, attendees will be exploring ways to better defend their organizations. We’re looking forward to those conversations and sharing how we expose threat actor infrastructure as it’s being set up using IOFAs.
It’s going to be a great opportunity to meet with our customers in the global financial industry, and getting to know new security leaders.
Let’s set up a time to meet at the event. Contact us below, and note the day and time that is best for you.
