I have been playing with CIRCL’s AIL Framework recently (which I will be writing about in another blog post), but I have had an interest in monitoring Telegram channels for Threat Intelligence and Data Breach indicators.
AIL has a very capable framework to detect indicators within processed information using a suite of very comprehensive YARA rules – but unless you want to copy and paste Telegram messages into AIL all day, some level of automation is required.
This is where the feeders come into play!