Threat Data and Intelligence online resources
Opent Source Intelligence (OSINT)
Open Source Threat Information Sources:
- senki.org provides a list
- The Open Threat Exchange operated by AT&T is part of a global community of security proffesionals and threat researchers: Open Threat Exchange operated by AT&T.
- The MISP Threat Sharing project, misp-project.org/feeds, provides standardized threat feeds from many sources, with community-driven collections.
- threatfeeds.io hosts a list of open source threat intelligence feeds, with details of when they were added and modified, who maintains them, and other useful information.
Government Sites:
- The US Cybersecurity and Infrastructure Security Agency (CISA) us-cert.gov.
- The US Department of Defense Cyber Crime Center: dc3.mil.
- The CISA’s Automated Indicator Sharing (AIS) program, dhs.gov/cisa/automated-indicator-sharing-ais, and their Information Sharing and Analysis Organizations program, dhs.gov/cisa/information-sharing-and-analysis-organizations-isaos.
Vendor Websites:
- Microsofts threat intelligence blog: microsoft.com/security/blog/tag/threat-intelligence.
- Cisco’s threat security site: tools.cisco.com/security/center/home.x, includes an experts' blog with threat research information, as well as the Cisco Talos reputation lookup tool: talosintelligence.com.
- The SANS Internet Storm Center: isc.sans.org.
- VirusShare contains details about malware uploaded to VirusTotal: virusshare.com.
- Spamhaus focuses on block lists, including spam via the Spamhaus Block List (SBL), hijacked and compromised computers on the Exploits Block List (XBL), the Policy Block List (PBL), the Don’t Route or Peer lists (DROP) listing netblocks that you may not want to allow traffic from, and a variety of other information: spamhaus.org.
this list was typed by Dave, but all credit goes to the source from whom the content was copied:
Sybex CompTIA Security+ Study Guide - Exam SYO-601 - Eighth Edition by Mike Chapple and David Seidl
Buy it here, I highly recommend it.