The Cyber Threat Intelligence page, affectionately known as the Radar Page by some (or maybe just me), has been around for over 13 years. See the Daily Mail article below for the sensational history. :) It has been through several redesigns, but retains a similar look and feel across the versions.
Where to find the Radar Page:
There is also an iOS app that adds the benefit of receiving notifications of alert updates on your iOS device.
Radar Page Details
Reported Vulnerabilities - We report on vulnerabilities in a wide range of industries, including OS, Software, Hardware, SCADA, ICS, HMI, Medical, Education, Auto, Buildings: anything that piques our interest and seems worth putting up on the board. With rare exceptions, reported vulnerabilities can be exploited through the network without authentication, i.e. by a "remote attacker". In CVSSv3 language we look for AV:N, PR:N. We report on vulnerabilities that have been identified but not fixed yet (New), patches that are available for vulnerabilities (Patch), and exploit trends for new or existing vulnerabilities (Exploits). Occasionally, when a true 0-day vulnerability has been published, we list it with that status (0-day). (However, a news headline calling something a 0-day doesn't make it so; it's a popular phrase to get clicks for an article.)
Vulnerability status varies. When we first raise an alert, it will be at Increased (yellow) or High (orange). Occasionally something rises to the level of Critical (red), but it is rare, as it should be. Alerts will fall through the color scheme with time, typically dropping to Guarded (blue) fairly quickly. Most Alerts stay on the page 48 hours; some of the more critical alerts occasionally stay 72 hours.
Alert Details - The Alert Details scroller is relatively new for the Radar Page, although the scrolling feeds have been there for some time. Any of the items listed in the Alert boxes will have details in the Alert Details scroller. Occasionally, older items that are still of interest but no longer in the Alert boxes also remain in the scrolling details.
Overall Alert Status - In the last redesign we decided to use our own Overall Alert levels (Guarded, Increased, High, and Critical) because existing ones didn't really provide the status changes we thought should be there. This way the Overall Alert state can fluctuate up and back down as necessary. Clicking on the Overall Alert State takes you to the details page, which lists why we raise and lower the state and documents the history of the changes.
Subject and GeoPolitical Alerts - When needed, we also raise Subject level and GeoPolitical alerts, to help in identifying specific situations that are impacting the internet and companies. Subject alerts are usually for products or events, while GeoPolitical alerts identify conflicts or issues in areas of the world that may have implications for cybersecurity.
Rounding out the information sections, we provide scrolling Security News (provided by securitynewswire.com), a Virus News scroll (provided by Sophos), a Worldwide Malicious Activity Map (provided by Team Cymru), and a section listing the Latest Tool Versions and IDS Signatures. Finally, we list time zones across the bottom (provided by timeanddate.com).
Where to receive New Alert Notifications
Notifications have grown to the point that there are now several places where you can receive a notification about New Alerts and other things affecting the Radar Page.
The iOS app sends push notifications to your iOS device.
The newest location is the CNDLtd.com Daily Vulnerability Blog page, with additional commentary since there is a bit more room. You can subscribe to receive an email notification when a new blog entry is posted.
Branded or Custom Radar Page Services
Are you interested in a Branded Radar Page, with our research and work under your logo? We now offer that service at varying price levels depending on your needs. You can get more information about the Branded Radar Page service on the CNDLtd.com website.