FAQ
Why don’t you have a contact form or email address on this site?
Due to the nature of this site, we’ve removed potential risks associated with forms and emails. These can be exploited by threat actors, so we’ve minimised those entry points to enhance security. The best way to contact us is via our X (formerly Twitter) page.
How do you research these threats?
We use a variety of reputable sources, from well-known cybersecurity news websites and advisory services to threat databases that track malware and ransomware activity. Additionally, we utilise tools to validate and investigate new threats. Our advisories are formatted to ensure they’re consistent, simplified, and focused on providing clear, actionable information.
Do you use AI in your research?
Yes, we do. To stay ahead of threat actors, AI is essential. However, we always ensure that AI-generated content is verified by humans before publishing. AI won’t take your job—people who know how to use AI effectively might!
How often do you research new threats?
We research new threats twice a day, once in the morning and again in the evening. Additionally, we use real-time alerting systems to notify us of any notable active threats, allowing us to respond as quickly as possible.
How does the threat score work?
Cybersec Sentinel threat scores provide a structured assessment of risk based on the threat’s complexity, impact, and likelihood of exploitation. Higher scores reflect more advanced capabilities, broader impact, and urgency of response.
Threat Score Classification Table
| Score | Level | Summary |
|---|---|---|
| 0.0 – 2.9 | 🟢 Low | Minimal threat. Requires user interaction. No persistence or automation. Routine protection and user training are effective. |
| 3.0 – 4.9 | 🟡 Moderate | Known exploits or weak configurations. Limited impact. Easy to detect and remediate. Monitor for escalation. |
| 5.0 – 6.9 | 🟠 Elevated | Uses multiple techniques to bypass defences. Can disrupt operations or leak data. Requires enhanced monitoring and containment. |
| 7.0 – 8.4 | 🔴 High | Advanced and targeted. Includes ransomware, credential theft, or critical asset access. Needs full incident response and cross-team coordination. |
| 8.5 – 10.0 | 🔥 Critical | Severe impact. Zero-day exploits or nation-state actors. Involves persistence, evasion, and systemic compromise. Immediate executive-level action required. |
- Threat scores are based on a combination of complexity, exploitability, privilege impact, ability to evade detection, persistence, and current threat actor activity.
- Threats with a score of 7.0 or above require prioritised attention and structured containment. They may impact business continuity, regulated data, or high-value assets.
- Scores should be reviewed and updated as new indicators, behaviours, or attribution emerge.
- Critical-level threats demand full incident response activation, notification of executive leadership, and post-incident review.
- Use this scoring system to prioritise resources, guide decision-making, and align risk posture with business-critical systems.
Why don’t you offer a membership or newsletter service?
We previously offered a free membership and email newsletter, but we’ve discontinued these to prioritise both privacy and security. While newsletters were a convenient way to engage with our readers, we found that removing the need to collect personal data, such as email addresses, allowed us to focus on delivering high-quality advisories without the added risk of storing sensitive information. You can still stay updated with our content through our RSS feed or by following us on X, ensuring you never miss important updates.
Do you provide cybersecurity consultancy services?
At this stage, no. The Cybersec Sentinel website was created to share the insights we’ve already been working on. While we’re happy to offer advice via X, we recommend reaching out to your country’s government cybersecurity agency or major cybersecurity providers like Microsoft’s Security Response Center, Trend Micro, or Fortinet for professional services.
Would you work with a security provider?
While we’re not actively seeking partnerships, we’re always open to meaningful discussions. If the right opportunity arises where we can contribute proactively to a worthwhile initiative, we’d certainly consider it. Feel free to reach out to us via X (formerly Twitter). Once we validate that the request is genuine and aligned with our goals, we’ll provide more formal contact details to continue the conversation. Using X helps us maintain an air gap against bots, spam, and phishing attempts, ensuring that only legitimate requests get through.