4. Describe how to find out about emerging attack techniques and how to recognise them (AC 1.4)
Good cyber security means putting together information from many different sources to get a fuller picture of the threats we face now and what might be coming.

Indicators of compromise (IOCs): Things like strange activity in computer logs or files, unusual network traffic, lots of requests for the same file, data appearing where it shouldn't, or changes in the profiles of mobile devices.

Deep web: This includes private hacking forums, social media pages that are hidden or for members only, video on demand (VoD) services, web forums where you need to sign up for access, and websites that require a subscription or sit behind a paywall.

Dark web: Here we have peer-to-peer networks, botnets, Bitcoin services, marketplaces on the dark net and hacking groups that often operate in secret.

Messaging platforms: WhatsApp, Wire, Dust, Cyph and Snapchat are some of the platforms where information might be exchanged, sometimes in ways that are hard to track.

Social media: Sites like Instagram, WeChat, YouTube, Facebook and Twitter can also be sources of valuable information when it comes to understanding potential cyber threats.

Malware analysis: Looking at malware, exploring markets on the dark web, keeping an eye on hacking groups and reading industry bulletins are all ways to gather information on emerging threats.

Geopolitical developments: Trade disputes, upcoming elections and conflicts around the world are often closely tied to cyber threats and may give us clues about what's happening in the cyber sphere.

Exploit databases: There are places like the Exploit Database, the Google Hacking Database, the ISS X-Force Database and the Open Source Vulnerability Database where security flaws and exploits are documented.

Paste sites: Sites like Pastebin, ControlC, Ghostbin, Rentry.co, GitHub and Zerobin can be sources where sensitive data gets exposed.

Information sharing platforms: Platforms like the UK National Cyber Security Centre's Cyber Security Information Sharing Program, Financial Services Information Sharing and Analysis Center, AlienVault's Open Threat Exchange, United States Computer Emergency Response Team's Automated Indicator Sharing Platform, Asia Pacific Intelligence.
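
One of the indicators of compromise listed above, lots of requests for the same file, can be checked mechanically in web server logs. The following is an added example, not part of the original notes; it assumes Common Log Format, and the threshold, time window and log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

def _line(ip, hhmmss, path):
    """Build one constructed Common Log Format line (sample data only)."""
    return f'{ip} - - [12/Mar/2024:{hhmmss} +0000] "GET {path} HTTP/1.1" 200 5120'

# Constructed sample log: one client hammering a file, one slow repeat
# visitor, one ordinary request and one malformed line.
SAMPLE_LOG = "\n".join(
    [_line("198.51.100.7", f"10:00:{s:02d}", "/backup/db.zip") for s in range(0, 60, 10)]
    + [_line("192.0.2.44", f"10:{m:02d}:00", "/report.pdf") for m in range(0, 50, 10)]
    + [_line("203.0.113.9", "10:01:30", "/index.html"), "corrupted line without fields"]
)

LINE_RE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" \d{3} (?:\d+|-)')

def parse(log_text):
    """Yield (client, timestamp, path) per well-formed line; skip the rest."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
            yield m.group(1), ts, m.group(3)

def repeated_file_requests(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return {(client, path): peak} for clients that requested the same path
    at least `threshold` times inside any sliding `window`."""
    times = defaultdict(list)
    for client, ts, path in parse(log_text):
        times[(client, path)].append(ts)
    flagged = {}
    for key, stamps in times.items():
        stamps.sort()
        start = peak = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:   # shrink window from the left
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[key] = peak
    return flagged

if __name__ == "__main__":
    for (client, path), peak in repeated_file_requests(SAMPLE_LOG).items():
        print(f"{client} requested {path} {peak} times within 60s")
```

The client that fetched /report.pdf five times over forty minutes is not flagged, which is why the check counts requests inside a time window and not over the whole log.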