PassiveTotal Hubot 2.0

It’s hard to believe, but just nine months ago, we rolled out our first version of Hubot scripts using Slack as an example of how you could further your analysis. Back then, we were working with limited amounts of data and could only provide passive DNS. Today, we are in a much different place and felt it was time to really build out our bot capabilities. Released on our GitHub repository and the NPM


Self Driving Transforms: Maltego Machines for the Win!

With the launch of our updated Maltego transform set three weeks ago, PassiveTotal made even more of our functionality and data available to the Maltego community. With this new functionality came a significant increase in the number of transforms available for querying the PassiveTotal platform, and while we all know more is better, it can be cumbersome to sift through all the transform options available.

In an effort to aid our analyst community we have


ScarletCitizen: Defense Through Indirect Sharing

Earlier today, the Citizen Lab released a blog post outlining a technical shift in the tactics used by the Scarlet Mimic threat actor. Scarlet Mimic (SM) was first reported on by Palo Alto Networks in January, and the Citizen Lab report provides additional context on the actors and their targets.

The researchers report that SM has repurposed parts of their malware command and control infrastructure to serve phishing attacks that mimic popular online providers, like


Maltego Transforms Reloaded

This week we released an update to our PassiveTotal Maltego transform set, which takes advantage of our updated API and newly released proprietary data sets to provide our community with even more insight into suspicious and malicious infrastructure. With today’s release, PassiveTotal puts more than 100 transforms at our users’ fingertips, making it easier than ever to harness the full power of our data within Maltego.

How Do I Get Them?

PassiveTotal transforms


Triage Faster in CRITs with PassiveTotal

For the past several years, CRITs has provided analysts with a free, open source alternative to a hosted threat intelligence platform. When support for external services went public, PassiveTotal was quick to draft up a service and release it to the community. A lot has changed since then, both in CRITs and, most notably, in the data that PassiveTotal provides. With our new API released, we felt it was time to update our existing service which
