One Step Ahead in Cyber Hide-and-Seek: Automating Malicious Infrastructure Discovery With Graph Neural Networks

NetmanageIT OpenCTI - opencti.netmanageit.com


SUMMARY:

This article discusses the use of automated pivoting and graph neural networks (GNN) to proactively discover malicious infrastructure used by threat actors. The approach leverages the tendency of attackers to reuse, rotate and share infrastructure when setting up campaigns. Three case studies are presented: a postal services phishing campaign, a credit card skimmer campaign, and a financial services phishing campaign. The research demonstrates how defenders can use this method to uncover new indicators and block infrastructure before it is weaponized. The article highlights the benefits of continuous monitoring and correlation in detecting evolving threat actor behavior and infrastructure.

OPENCTI LABELS:

phishing, anunak, carbanak, threat hunting, automated detection, aranuk, domain analysis, graph neural networks, web skimming, infrastructure discovery

