As correctly stated by @pmelson , intelligence analysis is not an inherently technical discipline, but by its very nature, cyber threat intelligence is. To be good at CTI requires both the competence to understand raw technical data in context as well as the analytical rigor to draw sound conclusions from it. The telltale sign of a classically trained intel analyst moving into CTI unprepared is an over-reliance on other reporting and analysis without challenging technical details or supporting prior reports with additional technical artifacts collected independently.

Samples of #WhisperGate (VXUG) aka #attack13 (DG) aka DEV-0586 (MSTIC) - the MBR Overwriter targeting Gov #Ukraine https://samples.vx-underground.org/APTs/2022/2022.01.15/Samples/ (pass "infected")

In short, they are proposing to break the internet totally. https://crowdsec.net/log4j-tracker/

#VXUnderground published a first worm sample that uses a #Log4Shell to install Monero-miner.
Self-propagating #Mirai-bot identified by security researcher [email protected]