Page 33 – Silent Push

How To Outsmart Adversaries with Preemptive Threat Intelligence

February 19, 2025/in Blog/by Gareth Howells

We’ve previously looked at how Preemptive Threat Intelligence discovers and stops attacks before they’re launched, but how does a preemptive approach keep you one step ahead of adversaries as they evolve their strategies to evade detection?

In this blog, we’ll explore how Preemptive Threat Intelligence acts as an early warning system by using a threat actor’s own tactics against them, forming a comprehensive picture of how a threat campaign is prepped and launched, so that security teams can proactively defend themselves against known and hidden attacks using Indicators of Future Attack™ (IOFA)™.

How to stop an attack by knowing threat actor tactics and behavior

Preemptive Threat Intelligence allows security teams to locate and block the 98% of global threat infrastructure that’s yet to be discovered, and lurking under the surface.

Most importantly, it helps you head off any future attacks by knowing where threat actors are going to strike, based on how they behave.

Catching a criminal with preemptive threat intelligence

When a law enforcement agency needs to find and arrest a perpetrator, they gather as much information they can on the person to understand where they are, and where they’re going to strike next.

We’ve all watched crime shows where the agency builds a file to capture who a criminal associated with, what methods they use to commit a crime, what their motive is, and any other crimes they’re involved in. They also look for behaviors to document such as places they frequent, company they keep, and even what brand of cigarettes they smoke.

All of this enables the good guys to be one step ahead of the bad guys, and lay a trap to put them behind bars.

How does Silent Push profile attacker behavior?

At Silent Push, Preemptive Threat Intelligence works in a similar way, but in the digital world.

Instead of only relying on information that’s easily obtainable and available everywhere – such as a domain that’s already been involved in an attack – it’s essential to understand a threat actors’ motivation and modus operandi, and use their own methods as identifiers against them to anticipate and prevent any future attacks.

Silent Push achieves this through our unique digital behavioral fingerprinting process.

We go beyond stale lists of post-breach IOCs, and help security teams to proactively profile threat actor behavior in a way that makes it easy to understand how they set up their infrastructure before an attack, and where to expect the next digital assault.

Our digital behavioral fingerprint breaks down a domain, website or IP address into hundreds of searchable categories, and connects the dots between billions of datapoints across the Internet by giving security teams a comprehensive criminal profile of online threat activity, wherever it occurs and whoever is propagating it.

How does Silent Push provide a cyber early warning system to stop hidden attacks?

Behavioral fingerprints and IOFA™ are unique to Silent Push. No other threat intelligence provider has the same ability to scan, aggregate, and correlate global Internet data, and deliver it in a way that makes it immediately actionable, and easy to use, in the form of IOFA™.

Think of all the questions your team needs to answer as they track down malicious infrastructure targeting your organization…

What favicon is that brand impersonation site using that’s targeting your organization, and what are all the other domains that have ever used that favicon? What domains are linked with the same nameserver? How has that threat actor moved between different hosting providers? Where are they now, where have they been before, and where are they likely to go to next? How does that website interact with users, and what other sites behave in the same way?

All of this, and more, is available only within Silent Push.

Learn more about our unique approach to Preemptive Threat Intelligence

Find out how your organization can use Preemptive Threat Intelligence to outsmart adversaries and stop attacks before they’re launched.

Contact us here for more information.

Webinar – Infrastructure Laundering

February 18, 2025/in News, Webinars/by Charlotte Pawson

In the evolving landscape of cyber threats, attackers are increasingly exploiting legitimate cloud services to mask their malicious activities – a tactic we term “Infrastructure Laundering.”

By renting IP addresses from reputable providers like Amazon Web Services and Microsoft Azure, threat actors such as the FUNNULL content delivery network (CDN) can seamlessly integrate illicit operations into mainstream infrastructure. This approach not only complicates detection but also challenges traditional security measures.

Access Webinar

What we cover:

In this session, Silent Push Director of Threat Intelligence Kasey Best covers:

What is Infrastructure Laundering?
The evolution of adversaries: How and why threat actors are jumping on this trend
How to detect Infrastructure Laundering in real-time with Silent Push preemptive threat intelligence
Case Study: Triad Nexus and FUNNULL CDN Infrastructure Laundering
Ethical concerns for Big Tech
Mitigation and Q&A

Who should watch:

Anyone seeking cutting-edge strategies to preemptively detect and mitigate threats.

Ready to dive deeper into the world of preemptive threat intelligence? Begin your journey with the Silent Push free Community Edition today.

Ken Bagnall, CEO & Founder of Silent Push: $22 Million Raised to Transform Threat Intelligence Through Adversary

February 15, 2025/in News Front Lines/by Jaime Wong

Salt Typhoon Exploits Cisco Devices in Telco Infrastructure

February 14, 2025/in News Nate Nelson/by Jaime Wong

Apps sold location data for US military and intelligence personnel serving overseas

February 12, 2025/in News Ben Lovejoy/by Jaime Wong

What Is Preemptive Threat Intelligence?

February 11, 2025/in Blog/by Gareth Howells

Preemptive Threat Intelligence is the practice of identifying threat infrastructure as it’s being set up, and before an adversary launches an attack.

The data used in Preemptive Threat Intelligence provides teams with the ability to proactively respond to threats using enhanced insights, feeds and automated queries that reveal known and hidden infrastructure.

In this blog, we’ll explore the concept of preemptive threat intelligence by explaining how much of global threat infrastructure is know at any one time, and the need for organizations to adopt a preemptive approach to threat intelligence, before explaining how Silent Push is helping organizations to detect and block hidden threats quicker and more effectively with its unique Indicators of Future Attack™.

Did you know that only 2% of threat infrastructure is known?

Most security teams rely on inadequate threat intelligence data that does not reveal the full extent of an attack.

As little as 2% of the infrastructure used by a threat actor in an attack is being tracked at any given point in time, with the remainder lurking under the surface and out of reach of traditional detection methods.

This means that cyber defenders and threat hunters are operating mostly in the dark, as they attempt to understand where attacks originate from, and where they may appear next.

Organizations need to have the ability to go beyond the 2% that’s easily detectable, and dive under the surface of the water to establish just how far down the iceberg goes – and what it’s actually made of – to make sure they’re better positioned to prevent a breach.

Why is 98% of threat infrastructure hidden?

Like any criminal, threat actors continually change their attack strategies to cover their tracks, and avoid detection.

They understand and monitor traditional approaches to security that rely on stale lists (feeds) of domains and IPs that tell teams where an attack has BEEN, rather than where it’s coming FROM, and are constantly cycling through large amounts of infrastructure to cover their tracks.

These feeds do not contain all the linked infrastructure used by a threat actor, and only contain publicly known Indicators of Compromise (IOCs).

What if you could take one piece of infrastructure that is currently visible in an attack, and get insight on how it’s moved across the Internet, along with all the other pieces of Internet data it’s associated with, how its hosted (or has ever been hosted), and how it all fits together?

These are the elements that are impossible for teams to reveal using a standard approach, and this is what makes up the 98% that’s currently hidden to the rest of the security industry.

Why are organizations adopting Preemptive Threat Intelligence?

Let’s use an analogy. You’re lucky enough to own a large house, on a sprawling estate, with multiple potential entry points dotted around that need to be monitored and secured 24/7.

Would you rather rely on an alarm system that tells you when an intruder is at the door (or worse still, when they’re in your house), or would you prefer to get alerted when they’re on their way and before they get anywhere near your neighborhood, so that you can stop them before they get to you?

This is why security teams are pivoting away from legacy “at the gates” detection mechanisms.

Preemptive Threat Intelligence data needs to deliver a cyber early warning system that stops criminals before they arrive at your organization’s digital front door – wherever that may be.

How Silent Push Preemptive Threat Intelligence exposes threats and minimizes the risk of an attack

Silent Push was started in 2020 by security industry veterans to improve the world’s ability to counteract global cybercrime.

Our founders are determined to provide the most innovative solution to address the growing imbalance of security teams wasting time and resources fumbling around for information on hidden threat infrastructure, and increasing their organization’s exposure to an attack.

Silent Push is the first and ONLY cybersecurity platform to deliver Indicators Of Future Attack (IOFA)™ – immediately actionable preemptive threat intelligence data that informs teams where attacks are coming FROM, in addition to where hey have been.

Our early warning system stops the burglar from ever entering your neighbourhood, let alone your property, by giving your teams the ability to locate the 98% of threat infrastructure that they aren’t currently able to pinpoint.

We do this by mapping out the relationship between billions of Internet data points using proprietary technology that gives security teams a 360-degree picture of any given attack landscape.

Learn more about our unique approach to Preemptive Threat Intelligence

Find out how your organization can use Preemptive Threat Intelligence to reveal hidden infrastructure and stop attacks at source.

The Murky Ad-Tech World Powering Surveillance of US Military Personnel | WIRED

February 11, 2025/in News Bryan Wolfe/by Jaime Wong

Microsoft IIS Servers Targeted For Malware Deployment | ChannelE2E

February 11, 2025/in News Joseph Cox/by Jaime Wong

ITSDI Partners with Silent Push Offering Preemptive Global Threat Intelligence to Avoid Loss

February 10, 2025/in News, Press Releases/by Charlotte Pawson

Attacker Behaviors are Exposed Before They Strike Through Indicators of Future Attack (IOFA) Data from Silent Push

Manila, Philippines, February 10, 2025. Information Technology Security Distribution, Inc. (ITSDI), a cybersecurity distributor, announced today its partnership with Silent Push to offer early global threat detection services to its customers to block unknown attacks, stop breaches and minimize financial risk.

Organizations find it’s difficult to stay ahead of cyber threats. Without preemptive cyber defense, they’re exposed and vulnerable to hidden adversary infrastructure. Silent Push provides a complete view of emerging threat infrastructure in real-time, revealing cyber-attackers and malicious intent all within a single platform.

Luichi Robles, President of ITSDI, stated, “Silent Push shares in our mission to ensure the freedom and safety of cyberspace by strengthening our customers cyber security posture. The unique approach from Silent Push is a game changer for our customers. It’s TTP-led cyber defense acts as an early warning system so our customers can gain visibility and quickly action to protect their organization.”

“All too often legacy solutions just rely on Indicators of Compromise (IOC) with limited visibility and missing data. We go beyond IOCs and expose Indicators of Future Attack through our proprietary behavioral threat modeling; allowing security teams to identify detailed and unique patterns that reveal attacker campaigns before they even start—neutralizing threats and avoiding loss,” said Ken Bagnall, Silent Push CEO. “We welcome this partnership with ITSDI in Philippines to help organizations quickly pinpoint malicious actors and disrupt their plans,” added Ken Bagnall.

ITSDI encourages its customers to experience the power and effectiveness of the Silent Push preemptive threat intelligence solution through the free community edition. Learn more here.

About ITSDI

Information Technology Security Distribution, Inc. (ITSDI) is a cybersecurity distributor in the Philippines. With over 90 years of combined information and communications industry experience, it delivers the most innovative and cutting-edge cybersecurity solutions available to help its customers strengthen their security posture. ITSDI is committed to meeting the demands of the evolving cyber threat landscape. It offers a holistic approach to cybersecurity enabling organizations to proactively protect against threats and adversaries and comply with the Data Privacy Act of 2012. For more information, visit www.itsdi.com.ph.

Ready to dive deeper into the world of preemptive threat intelligence? Begin your journey with the Silent Push free Community Edition today.

DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects

February 10, 2025/in News Staff/by Jaime Wong