Another bit of research I'm proud of, that I'm not sure if it ever gained any traction because of the pandemic, was my 2021 #VirusBulletin #CTI research into #BerserkBear #Dragonfly #CrouchingYeti. I think taking a "long view" of persistent threat actors is extremely beneficial in seeing not just how they evolve over time, but how past campaigns are reflected in current operations.

You can find the paper here:
https://vblocalhost.com/uploads/VB2021-Slowik.pdf

@jfslowik I wish there was some sort of vendor-agnostic repo of historical reporting. People change companies, companies change naming conventions, researchers' work tends to vanish into the void a few weeks after pub. Feels like historical meta-analysis could yield crazy good insights if we as a field ever did it #threatintel
@KBTechEnt FWIW that's why I save hardcopies locally on my own website (pylos.co) to make sure they never get "erased." Seeing things like Symantec and old Mandiant/FireEye blogs get nuked is incredibly sad.