How I Got Busted for Loving the U.S in Cyberspace?

Guess who’s been busy setting them straight in cyberspace? Well that would be unfortunately throughout 2008–2013 when I was most active online making the headlines at unknown places online making my day and inspiring me to track down the Koobface botnet on a daily basis.

Keywords: Dark Web, Dark Web Onion, Hacking, Hacker, Hackers, Dancho Danchev, Intelligence, Intelligence Studies, Intelligence Community, NSA, GCHQ, Cyber Intelligence, Malicious Software, Malware, Cyber Surveillance, Eavesdropping, Wiretapping, Top Secret, Classified, Top Secret Program, Classified Program, Cybercrime, Data Mining, Big Data, Cybercrime Research, Threat Intelligence, Security Industry, Information Security, Information Security Industry, Computer Security, Computer Hacking, Network Security, Network Hacking, OSINT, Russia, Iran, Russian Hackers, Iranian Hackers, Russian Cybercriminal, Cybercrime Forum, Cybercrime Forum Community, Astalavista, Astalavista.box.sk, Box.sk, Box.sk Network, Cracks, Serials, Keygens, Key Generators, Hacker Search Engine, Cracks Search Engine, Serials Search Engine, Threat Intelligence, Cybercrime Research, Malware, Malicious Software, Botnet, Botnets, Reverse Engineering

It used to be quite a privilege when I originally attempted to publish an article which I proposed to one of my homeland’s primary technology magazine HiComm and when I got actually invited to publish a series of articles on a monthly basis. Among the first things which I did back then was to translate my extremely popular document “The Complete Windows Trojans Paper” to Bulgarian which was quite a success and the article got published and accepted which was originally published in the Christmas edition of the magazine. The original story behind my infamous “The Complete Windows Trojans Paper” was a major shift between my understanding and experience within the hacking Scene and the modern security industry where I really wanted and did my best to have a career which leads me to today’s leading expert in the field of cybercrime research and threat intelligence including security blogging and OSINT research and analysis on the bad guys including various international and well known cyber threat actors.
I originally wrote and released my “The Complete Windows Trojans Paper” on my own as part of a major marketing effort to promote my knowledge and expertise in the scene where the ultimate goal was to produce a high-quality and never released publication on the topic and basically make it easier for everyone to understand the ongoing trend that have to do with trojan horses back then where I later on originally published my publication on what used to be among my first independent contractor position at my first employer at the time which was Netherlands-based Frame4 Security Systems where I also did a marketing editorial on the company’s web site and has been supporting and working with the company ever since. The interesting part back then was that I also got a personal recommendation from the company owner for my university application which at the time was a Netherlands-based university where I had the ambition to relocate with my girlfriend and partner in life at the time which we eventually did with the idea to visit and actually go to study in that country.
While I was in Bulgaria during my teenage hacker years I was busy freelancing as an information security consultant while working with international security portals where I was busy offering advice and practical information security advice and practical solution recommendations including my work with CIO.bg where I once contributed with an article on Cyberterrorism and Cyber Jihad including a series of publications for HiComm.bg where I was running a popular information security rubric and participated with several articles in several of the magazine’s issues. 
At a later stage I somehow decided to go corporate an in a way find a way to enter the commercial information security industry with my knowledge potentially beginning to contribute with knowledge and information using my personal contacts at various information security portals on my way to land a possible job preferably as a writer security blogger or a journalist which I apparently succeeded in doing as I’ve been actively contributing with my own research and knowledge on a variety of h/c/p/a (Hacking/Cracking/Phreaking/Anarchy) portals at the time. At some point in time Dancho decide to approach the primary operator of one of his favorite security Web sites at the time — https://net-security.org for the purpose of contributing with an article for their newly launched forbidden.net-security.org project. 
My idea was to contribute with a security article for their recently launched Newsletter and the article in question was a good old-fashioned “How to use trojan horses” manual. The article eventually got accepted and Dancho felt proud of himself for making a contribution to the project and having his article published so that eventually more people will read it and send him an email with questions about trojan horses and the actual article. The primary Webmaster of net-security.org at the time was Berislav Kucan and the project still remains one of my favorite and most popular visited security Web site on a daily basis. At a later stage I decided to establish a working relationship with Frame4 Security Systems which is a Dutch-based company for the purpose of writing an improved version of the original “How to use trojan horses” paper which later on became the “The Complete Windows Trojans Paper” which quickly became one of the Scene’s most popular and highly read paper on modern trojan horses and how to use them and how to protect against them. 
With the summer coming to an end I got an offer to begin to work at the local office of his ISP (Internet Service Provider) which at the time was Digital Systems for the position of office assistant where he was responsible for introducing new clients to the ISP’s service offering and for processing invoices. Among the key benefits for working at the local ISP office was the actual bandwidth that he got access to allowing him to access the Internet without any sort of limitations which he used to visit some of his favorite Top50 and Top100 security and hacking Web sites where he eventually downloaded some of the most recently released hacking and security tools including trojan horses which he copied on a floppy disk and eventually brought back home during the lunch break for the purpose of exchanging the information with his second employer at the time which was an anti-trojans vendor using a publicly accessible FTP server for the purpose of helping his employer improve the detection rate for these type of programs and trojan horses. I would then receive a payment for having collected and actually shared these programs and trojan horses which he would use to pay the bills at the time and actually pay for using his ISP’s service.
At some point in time he eventually got approached by a guy known as HeLLfiReZ who was interested in working with him and actually sharing his collection of trojan horses which he would then also share with his employer which at the time was LockDownCorp and earn revenue in the process. It would later come to his attention that the guy that approached him was actually one of the key members of the infamous Sub7 trojan horse group which at a particual point in time was responsible for launching a DDoS (Distributed Denial of Service) attack against the researcher Steve Gibson who extensively profiled the campaign and actually had a conversation with HeLLfiReZ and his team members for the purpose of finding out how launched the attack and how it took place. He would eventually run a personal hacking and security Web site archive using hosting courtesy of his employer LockDownCorp and run a popular Hacking and Security Web site which he would then feature on Progenic.com’s Top100 Hacking and Security Web sites including to actually offer paid security consultations in terms of finding out ways to help people protect their home PCs from trojan horses and teaching them how to use a firewall and how they can secure their home PCs. 
At a later stage in his early Information Security career he would visit and join https://itsecurity.com’s Security Clinic where I would have his personal biography featured and actually respond to common security questions which users of the Web site will submit and have his response featured on the front page potentially driving traffic to his employer at the time which was Frame4 Security Systems and actually improving his knowledge and understanding of Information Security in general. Dancho was also known for having participated in the Blackcode Ravers hacking group which was running the popular https://blackcode.com Web site at the time and actually participated with two issues of a popular Security Newsletter at the time which were featured on the home page of the portal. During the glorious years of IRC (Internet Relay Chat) where Dancho was busy hanging on several IRC networks including DALNet and his local country’s IRC network he managed to obtain the /etc/shadow password file for his entire ISP (Internet Service Provider) which at the time was Digital Systems and shared a copy of it with his best friend at the time George Kadiyski for the purpose of using several popular and high-profile Wordlists including John the Ripper password cracker potentially obtaining access and brute-forcing the entire password list for hundreds of active dial-up Internet based accounts at the time.
Over a period of several days the results at the time were outstanding in the context of actually succeeding in the brute-forcing process potentially allowing Dancho and his friend to easily access free Internet based dial-up accounts which at the time cost money allowing them to use the Internet for free. At a later stage Dancho also managed to obtain access to his local town’s competing ISP (Internet Service Provider) which was known as BIANet /etc/shadow which was send to him by a friend and he also once again shared it with his friend who would once again begin brute-forcing the password file using a variety of Worldlists and the infamous John the Ripper passwor cracking tool at the time potentially allowing Dancho and his friend easy access to unlimited Internet based dial-up connectivity.
It would be fairly easy to assume how things got complicated with Dancho quickly obtaining access to Internet Relay Chat’s primary mIRC application including a variety of IRC-based “War Scripts” including a dozen of mail-bombers and various other ICQ-based type of Nukers and Flooders on his way to demonstrate a proper technical know-how to his friends and peers in the shady world of hacking. Among the first channels he tried to access were #hacker #hackers #hacking and the infamous #hackphreak on EFNet including to actually open several personal channels on the local IRC networks including #drugs #KGB and #linuxsecurity. At a later stage he actually managed to ask a friend for a possible operator status on the local town’s IRC channel where he was basically running a 24/7 online protection bot known as xploit including the active use of a Socks5 server which at the time was offered by his employer LockDownCorp where he was busy acting as Technical Collector of trojan horses/worms/viruses and VBS scripts for the purpose of improving the anti-trojan software’s signatures-based detection rates. 
Among the first thing that Dancho decided to do in his spare time is to actively research the local Webmaster of his hometown’s official Web site for the purpose of attempting to launch a social engineering attack against his local town’s official Web site which basically succeed and resulted in a “greeting” message being posted on the official Web site with no actual data destruction and data removal taking place in what would appear to be a professional approach when compromising a legitimate Web site for the purpose of greeting his personal friends and spread a message on behalf of “Trojan Hacking Group” which at the time basically consisted of one of his closest friends and another fellow hacker enthusiast. Among his responsibilities the time included the active collection of trojan horses/worms/viruses and VBS Scripts with the idea to share them with his employer which at the time was LockDownCorp one of the world’s leading anti-trojan vendors for the purpose of improving the detection rate for these publicly accessible trojan horses in what would later on mature into a successful Technical Collection operation which basically paid his bills and actually offered him a decent financial incentive to continue getting involved in security as a hacker enthusiast and actually improved his employer’s overall detection rate for some of the most prolific trojan horses at the time. 
The actual contractual agreement had to do with Dancho using a private FTP server where he would spend hours uploading collected trojan horses using his home-based dial-up connection and eventually earning a revenue in the process using Western Union where he was happy to have established direct working relationship with one of the world’s leading anti-trojans vendors which at the time was located at — http://proxy2.stealthedip.com/maniac/incoming/ Whenever Dancho would attempt to reach out to his friends he would attempt to find out whether they are online using a popular trojan horse including to actually check his email account for their recently changed passwords and other related information including their current IP so that he can properly connect to their home PC for educational purposes.

While Dancho was busy studying in the Netherlands he was busy persistently checking one of the World’s most popular and high-trafficked Web sites for hackers and security experts – Astalavista.com – and sticking to the common wisdom circa the 90‘s where everyone was busy making contributions and launching new groups – he decided to approach the company behind the portal with a possible business proposal that basically consisted of having him monitor and actually maintain the portal in terms of content including the actual production of a high-profile Security Newsletter where we would produce security and hacking articles including a featured Security Interview with key members from the Scene and the Security Industry.

What used to be a daily routine to work for ZDNet’s Zero Day blog for four productive years on a daily basis as a security blogger in between publishing personal research on my blog and later on receiving a direct offer to work with Webroot for the position of a security blogger was a dream come true where on both places I had the privilege to work and contribute with knowledge and research with some extremely knowledgeable and popular folks including my corporate citizenship passport which at the time was the crown jewel of my experience which was to visit InfoSec Europe 2012 in Earls Court in London with my company Webroot where knowing everyone and working with everyone from day one was quite a success and I’m extremely grateful for contributing to the growth of the company with my own knowledge and expertise and for basically that I have up to present day which was the highlight of my research at the time namely to join the company and enter the corporate world of information security and security blogging which I know so well up to present day and highly miss the productive days back then.

Prior to getting a confirmation from a Team Member of the actual owner of the portal at the time Dancho quickly began entering into negotiations about a possibly paid including a free venture at the time where he could earn a small commission for producing a high-quality security newsletter and actually be responsible for all the security and hacking content at Astalavista.com on a monthly and daily basis. As he began working on the monthly newsletter the first issue including the remaining twenty six issues which he produced over a period of three years were quite a success including the actual Geeky Photos section where portal users could send in photos of their desktop computers for the purpose of featuring them at the Web site potentially promoting their desktop setups to our audience at the time eventually leading him and the portal to win a PCMagaine Top 100 Security Sites Award back in 2005. Among Dancho’s main responsibilities at the time where the daily updating of the portal with high quality security documents tools and presentations including actual hacking and security links and overall responsibility for all the content at the Web site including the production of a highly popular security newsletter at the time including to actually answer and work on possible partnership and advertising inquiries at the time which led to a successful repositioning of the portal as one of the primary information security portal services online.
Jessus. Who would have thought? At a specific point in my time and my career as a cybercrime fighter and cybercrime researcher including OSINT analyst and threat intelligence analyst at some point in time after approximately a decade in fighting bad guys and actually tracking them down and exposing  their infrastructure I finally got a very interesting email which was basically a screenshot courtesy of a Russian Business Network franchise member that was basically showcasing ownership over their primary domain which was nearly impossible to receive and in specific the fact that the original and primary Russian Business Network franchise domain name doesn’t really exist in the context of having virtual no clues of its online existence which was quite a remarkable success in the context that it would have motivated many to pursue a pension in the field which basically included the actual message saying “hi” and greeting me which was quite a success at the time in the context of receiving a personal message from the Russian Business Network franchise proving ownership of their primary domain name. How did I originally stumbled upon the Russian Business Network? It was by going through other people’s research on the topic and basically by doing my job at the time which was quite a success in terms of daily monitoring for malicious and fraudulent online activity which led me to stumble upon their malicious infrastructure on numerous occasions in specific to find out more about their rogue and malicious bulletproof hosting infrastructure which used to dominate the threat landscape at the time in terms of popularity and the primary bulletproof hosting provider for a variety of cybercriminals internationally. I was also originally inspired by the usual source of inspiration for me which was basically iDefense actual threat research reports at the time that were basically going a step beyond the typical threat intelligence reports and were basically including all the necessary and in-depth details on various cyber threat actors at the time including primary sources of cybercrime activity internationally.
Among the first things that I did prior to trying to pop up online back in full speed and fashion was to quickly built a set of projects including to launch several popular and interesting initiatives such as for instance Law Enforcement and OSINT operation called “Uncle George” where the ultimate goal was to collect as much publicly accessible information on the bad guys then data mine and present my findings to the wider security industry and community including to look for and present tons of actionable intelligence on the bad guys which could have been useful in the context of having vendors and organizations attempt to launch cyber attack and cyber campaign attribution efforts against these individuals.
At some specific point in time I came across the local for Bulgaria Cyber Security Talks event where I applied to make a presentation which got accepted which led me to eventually pop up at the event in front of eighty people and make a high-quality personal presentation on cybercrime research OSINT and threat intelligence including my general experience in the field as an expert in the field of cybercrime research OSINT and threat intelligence gathering where I’m an independent contractor since practically December, 2005.
It used to be a moment when I originally started getting involved in OSINT (Open Source Intelligence) as an independent contractor when I originally came across to the following document which greatly inspired me to join this space – “Reexamining the Distinction Between Open Information and Secrets” while browsing through Globalsecurity.org Fas.org Cryptome.org at that time. The primary reason why OSINT inspired me to become an independent contractor in this space in specific information security is the fact that a lot of the documents that I had to go through to learn what OSINT is and how to do it were either classified or publicly accessible however coming from important sources of information such as for instance the CIA.gov including various other U.S Government and U.S Intelligence Community sources of information. It is my opinion that the power of OSINT primary relies on the actual collection and working with the actual decision-making information using public sources which also includes actual enrichment and colleration between multiple sources of publicly accessible classified and declassified information which makes this area quite interesting to join from an independent contractor perspective in the information security field.
At a specific point in time I must have gathered a proper momentum among my readers which I never really knew anything about including the bad guys in the context of intercepting a chatter mentioning me in a pretty bad context despite the fact that this is untrue as most of my research and the research that I did was in a passive mode namely I never really engaged anyone in specific friends and colleagues from the industry including the bad guys as I’m a firm believer that you can collect all the information that you need on them without bothering to interact or approach them. Among the few key comments that I’ve ever came across to referencing me in my entire career on a major cybercrime-friendly forum community was a Darkode discussion including a hitman request for me which apparently managed to find me one way or another including a second discussion which basically referenced my name and insisted that the same thing that took place with me back in 2011 will happen again. What really took place back in 2011 in my apartment in Sofia where I relocated on my  own and where I insisted to live on my own and do my research using my ZDNet salary as a primary means to pay for my rent and living expenses is.

The primary reason behind this post is to tell my story with all the juicy details up to present day and actually offer an in-depth and never discussed before perspective on my research including to present and communicate the crown jewels of my research to a vast and growing network of readers internationally where the ultimate goal would be to properly present the true story behind my professional career including to offer an in-depth peek inside my teenage hacker years experiences while properly present my story up to present day where I’m an internationally recognized cybercrime researcher security blogger and threat intelligence analyst. Dancho Danchev Presenting at CyberCamp 2016 in Spain How did I attempt to take down the Koobface botnet? Who’s Hilary Kneber? What was the primary idea behind “Keeping Money Mule Recruits on a Short Leash” blog post series? How did I prevented and actually detected a possible kidnapping attempt? How did I made it to the GCHQ with the Honeynet Project? Is is true that I’ve received an invitation to present at Canadian Intelligence Services? What’s my professional experience with my current employer WhoisXML API?

I never really bothered to stop publishing content on my personal blog which I felt is an obligation to the society and my readers who I really know nothing about in the context of presenting my knowledge and they will come and in the context of never really bothering to set up my Google Analytics property properly where I was sticking to basically monitoring my RSS Feedburner subscriber account which at the time peaked at 7,000 RSS readers on average on a daily basis which is quite a success for one man operation that never really bothered to know anyone from the industry in the context of basically presenting my findings and knowledge and later on getting surprised in the context of having folks and people from the industry approach me to say hi invite me to attend a conference share information or ask for information where I’m always there to appreciate their research and knowledge and continue to contribute with research and knowledge on my personal blog.

How did I attempt to take down the Koobface botnet? Who’s Hilary Kneber? What was the primary idea behind “Keeping Money Mule Recruits on a Short Leash” blog post series? How did I prevented and actually detected a possible kidnapping attempt? How did I made it to the GCHQ with the Honeynet Project? Is is true that I’ve received an invitation to present at Canadian Intelligence Services? What’s my professional experience with my current employer WhoisXML API?

What does rocking the boat really means? If it’s going to be massive it better be good. At some particular point in time when I was busy working on my personal blog I remember a moment when every day’s story used to dominate my life being in particular the fact that I’ve managed to tell a story for the purpose of sharing it and reaching out to my readership which at the time I was hoping that it was growing with several high prole daily users that I was busy tracking on a daily basis.

The juicy details? At some point in time when I was originally secretly monitoring who was visiting my blog using Statcounter.com where I was hoping to see someone famous I’ve noticed that I got a regular visitor from The Pentagon who was basically visiting the blog on a daily basis during not necessarily a specific time but in general which was great news and this greatly motivated me to continue posting high-quality research and news and commentary articles on various events that took place in the security industry including across the globe.

I also got several visitors from the CIA, the NSA including the FBI the NYTimes and BBC which was an outstanding audience at the time which was quite interesting to monitor and interact with at that time through my daily blog posts on a variety of interesting and high-quality topics.

Up to present day I’m a 38 years old security blogger OSINT analyst and threat intelligence analyst from Bulgaria. I’m currently running one of the security industry’s most popular security publications which is my personal blog - Dancho Danchev’s Blog - Mind Streams of Information Security Knowlwedge. I’ve been running my publication since December, 2005 and throughout the years I had an overage of 7,000 RSS feed subscribers including 5.6M page views throughout the years making my blog an extremely important switchboard to the world of security blogging OSINT research and analysis threat intelligence analysis and most importantly cybercrime fighting research and analysis.

I’m also acting as a DNS Threat Reseaarcher at WhoisXML API.

Among my key accomplishments include my “lawful surveillance” and “lawful interception” experience as teenage hacker the production of the popular Astalavista Security Newsletter circa 2003–2006 including the “take-down” of the Koobface botnet [MP3] including a participation in Top Secret GCHQ program called “Lovely Horse” including regular appearance in major news publications for interview and expert opinion including Techmeme, ZDNet, CNN, PCWorld, SCMagazine, TheRegister, NYTimes, CNET, ComputerWorld, H+Magazine and regular security and research presentation appearance at major security events at GCHQ, Interpol, InfoSec Europe, RSA Europe and CyberCamp.

I’m an internationally recognized expert in the field of cybercrime fighting and threat intelligence gathering having actively pioneered my own methodlogy for processing threat intelligence which leads me to a successful set of hundreas of high-quality anaysis and research articles published at the industry’s leading threat intelligence blog - ZDNet’s Zero Day, Dancho Danchev’s Mind Streams of Information Security Knowledge and Webroot’s Threat Blog with his research featured in Techmeme, ZDNet, CNN, PCWorld, SCMagazine, TheRegister, NYTimes, CNET, ComputerWorld, H+Magazine currently producing threat intelligence at the industry’s leading threat intelligence blog - Dancho Danchev’s - Mind Streams of Information Security Knowledge.

With my research featured at RSA Europe, CyberCamp, InfoSec, GCHQ and Interpol I continue to actively produce threat intelligence at the industry’s leading threat intelligence blog - Dancho Danchev’s - Mind Streams of Information Security Knowledge publishing a diverse set of hundreds of high-quality research analysis detailing the malicious and fraudulent activities at nation-state and malicious actors across the globe.

Key achievements include:

– Presented at the GCHQ with the Honeynet Project

– SCMagazine Who to Follow on Twitter for 2011

– Participated in a Top Secret GCHQ Program called “Lovely Horse”

– Identified a major victim of the SolarWinds Attack - PaloAltoNetworks

– Found malware on the Web Site of Flashpoint

– Tracked monitored and profiled the Koobface Botnet and exposed one botnet operator

– Made it to Slashdot two times

– My Personal Blog got 5.6M Page Views Since December, 2005

– My old Twitter Account got 11,000 followers

– I had an average of 7,000 RSS readers on my blog

– I have my own vinyl “Blue Sabbath Black Cheer / Griefer - We Hate You / Dancho Danchev Suck My Dick” madeby a Canadian artist

– Currently running Astalavista.box.sk

– I gave an interview to DW on the Koobface Botnet

– I gave an interview to NYTimes on the Koobface botnet

– I gave an interview to Russian OSINT

– Listed as a major competitor by Jeffrey Carr’s Taia Global

– Presented at the GCHQ

– Presented at Interpol

– Presented at InfoSec

– Presented at CyberCamp

– Presented at RSA Europe

In the past I’ve been a member of:

* A Member to WarIndustries (http://warindustries.com)

 * List Moderator at BlackCode Ravers (http://blackcode.com)

 * Contributor Black Sun Research Facility (http://blacksun.box.sk) (BSRF)

 * List Moderator Software Contributor (TDS-2 Trojan Information Database) (https://packetstormsecurity.com/files/25533/tlibrary.zip.html) DiamondCS Trojan Defense (http://tds.diamondcs.com.au)

 * Contributor to LockDownCorp (http://lockdowncorp.com)

 * Contributor to HelpNetSecurity (http://forbidden.net-security.org)

 * A Security Consultant for Frame4 Security Systems (http://frame4.com)

 * Contributor to TechGenix’s WindowSecurity.com (http://www.windowsecurity.com/authors/dancho-danchev/)

 * Technical Collector - LockDownCorp - (https://lockdowncorp.com)

 * Managing Director - Astalavista Security Group - (https://astalavista.com)

 * Security Consultant - Wandera - (https://wandera.com)

 * Threat Intelligence Analyst - GroupSense - (https://groupsense.io)

 * Security Consultant - KCS Group Europe - (https://kcsgroup.com)

 * OSINT Analyst - Treadstone71 - (https://treadstone71.com)

 * Security Blogger - Armadillo Phone - (https://armadillophone.com)

 * Security Blogger for ZDNet (http://www.zdnet.com/blog/security/)

 * Threat Intelligence Analyst for Webroot (https://www.webroot.com/blog/)

I would like to thank the following people for contributing to the Scene throughout the 90’s up to present day and for keeping up the good work part of Astalavista.com’s Security Newsletter which I produced circa 2003–2006.

* Proge -  http://www.progenic.com/

 * Jason Scott - http://www.textfiles.com/

 * Kevin Townsend - http://www.Itsecurity.com/

 * Richard Menta - http://www.bankinfosecurity.com

 * MrYowler - http://www.cyberarmy.net/

 * Prozac - http://www.astalavista.com/

 * Candid Wuest - http://www.trojan.ch/

 * Anthony Aykut - http://www.frame4.com/

 * Dave Wreski - http://www.linuxsecurity.com/

 * Mitchell Rowtow - http://www.securitydocs.com/

 * Eric (SnakeByte) - http://www.snake-basket.de/

 * Björn Andreasson - http://www.warindustries.com/

 * Bruce - http://www.dallascon.com/

 * Nikolay Nedyalkov - http://www.iseca.org/

 * Roman Polesek - http://www.hakin9.org/en/

 * John Young - http://www.cryptome.org/

 * Eric Goldman - http://www.ericgoldman.org/

 * Robert - http://www.cgisecurity.com/

 * Johannes B. Ullrich - http://isc.sans.org/

 * Daniel Brandt - http://google-watch.org/

 * David Endler - http://www.tippingpoint.com/

 * Vladimir, 3APA3A - http://security.nnov.ru

In this video I’ll discuss in-depth a variety of personal projects and current and ongoing both real-time current and historical research and analysis activities in the following categories such as for instance:

– My Dark Web Onion

 - My Uncle George Law Enforcement and OSINT Enrichment Operation

 - My Cybercrime Forum Data Set

 - My Unit-123.org E-Shop for Intelligence Deliverables Project

 - My Offensive Warfare 2.0 Threat Intelligence Clearing House Project

 - My Disruptive Individual’s Threat Intelligence Feed

 - My Current work as a DNS Threat Researcher with WhoisXML API

 - How I ended up in Snowden’s Archive?a

 - How I ended up on Wikileaks?

 - How I made it into several comparative academic studies on the quality of sharing threat intelligence and cybercrime research information?

 - How come I’m the only one listed as a competitor in Jeffrey Carr’s Taia Global Competitors Slide?

 - What’s it’s like to run the infamous Astalavista.com portal back in 2003–2006 where I was acting as a Managing Director?

 - What it’s like to get the privilege to work as a security blogger at ZDNet’s Zero Day blog for four years?

 - What’s it’s like to work as a security blogger with Webroot for two years?

 - How I ended up and spend the last couple of years doing OSINT on the bad guys?

 - How I ended up having a project on the infamous Astalavista.box.sk?

 - A brief introduction into some of the latest developments and research that I posted on my personal blog - Dancho Danchev’s Blog - Mind Streams of Information Security Knowledge

 - How I ended up having a mobile application?

 - How I ended up having a personal memoir?

 - How I got busted?

 - What it’s like to visit the GCHQ?

 - What it’s like to meet the security industry?

 - What it’s like to visit RSA Europe 2012?

 - What it’s like to visit InfoSec 2012?

 - What it’s like to visit CyberCamp 2016?

 - What it’s like to get an invitation to visit Canada’s Security Service?

 - My DIA Needpedia Investment Proposal

 - How I ended up discovering a SolarWinds victim?

 - How I ended up with a real-time OSINT and cyber attack attribution campaign on the Conti Ransomware Gang?

 - How I ended up almost retiring and offering OSINT and threat intelligence training?

Leave a Reply

Your email address will not be published. Required fields are marked *

Unit-123.org E-shop Owner Information

Who is Dancho Danchev?

Unit-123.org

Focused on delivering daily batches of personally-produced never-ending supply of high-quality and never-published and released before classified and sensitive Intelligence Deliverables.

Latest Products