#for509 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #for509, aggregated by home.social.
-
#Ransomware threat actors are increasingly abusing AWS's Server-Side Encryption (SSE-C) to encrypt S3 buckets without needing to drop malware. Most recently a TA known as #Codefinger is using this technique.
🕵 Make sure you're monitoring S3 and encryption activity via CloudTrail & GuardDuty.
https://www.halcyon.ai/blog/abusing-aws-native-services-ransomware-encrypting-s3-buckets-with-sse-c
-
#Ransomware threat actors are increasingly abusing AWS's Server-Side Encryption (SSE-C) to encrypt S3 buckets without needing to drop malware. Most recently a TA known as #Codefinger is using this technique.
🕵 Make sure you're monitoring S3 and encryption activity via CloudTrail & GuardDuty.
https://www.halcyon.ai/blog/abusing-aws-native-services-ransomware-encrypting-s3-buckets-with-sse-c
-
#Ransomware threat actors are increasingly abusing AWS's Server-Side Encryption (SSE-C) to encrypt S3 buckets without needing to drop malware. Most recently a TA known as #Codefinger is using this technique.
🕵 Make sure you're monitoring S3 and encryption activity via CloudTrail & GuardDuty.
https://www.halcyon.ai/blog/abusing-aws-native-services-ransomware-encrypting-s3-buckets-with-sse-c
-
#Ransomware threat actors are increasingly abusing AWS's Server-Side Encryption (SSE-C) to encrypt S3 buckets without needing to drop malware. Most recently a TA known as #Codefinger is using this technique.
🕵 Make sure you're monitoring S3 and encryption activity via CloudTrail & GuardDuty.
https://www.halcyon.ai/blog/abusing-aws-native-services-ransomware-encrypting-s3-buckets-with-sse-c
-
#Ransomware threat actors are increasingly abusing AWS's Server-Side Encryption (SSE-C) to encrypt S3 buckets without needing to drop malware. Most recently a TA known as #Codefinger is using this technique.
🕵 Make sure you're monitoring S3 and encryption activity via CloudTrail & GuardDuty.
https://www.halcyon.ai/blog/abusing-aws-native-services-ransomware-encrypting-s3-buckets-with-sse-c
-
If you're in, or near #Singapore, and need to level up your #CloudForeniscs skills, I'll be teaching the SANS Institute #FOR509 #CloudForensics class from the 11th March.
📝 Registration: https://www.sans.org/cyber-security-training-events/secure-singapore-2024/
🧐 Course Info: https://sans.org/for509 -
If you're in, or near #Singapore, and need to level up your #CloudForeniscs skills, I'll be teaching the SANS Institute #FOR509 #CloudForensics class from the 11th March.
📝 Registration: https://www.sans.org/cyber-security-training-events/secure-singapore-2024/
🧐 Course Info: https://sans.org/for509 -
If you're in, or near #Singapore, and need to level up your #CloudForeniscs skills, I'll be teaching the SANS Institute #FOR509 #CloudForensics class from the 11th March.
📝 Registration: https://www.sans.org/cyber-security-training-events/secure-singapore-2024/
🧐 Course Info: https://sans.org/for509 -
If you're in, or near #Singapore, and need to level up your #CloudForeniscs skills, I'll be teaching the SANS Institute #FOR509 #CloudForensics class from the 11th March.
📝 Registration: https://www.sans.org/cyber-security-training-events/secure-singapore-2024/
🧐 Course Info: https://sans.org/for509 -
Join me for the updated version of the SANS Institute #FOR509 #CloudForensics class in #Canberra Australia next month.
📝 Registration: https://www.sans.org/cyber-security-training-events/offensive-ops-australia-2023/
🤔 What's New: https://m.youtube.com/watch?v=6Xkwt3YzquE&feature=youtu.be -
Join me for the updated version of the SANS Institute #FOR509 #CloudForensics class in #Canberra Australia next month.
📝 Registration: https://www.sans.org/cyber-security-training-events/offensive-ops-australia-2023/
🤔 What's New: https://m.youtube.com/watch?v=6Xkwt3YzquE&feature=youtu.be -
Join me for the updated version of the SANS Institute #FOR509 #CloudForensics class in #Canberra Australia next month.
📝 Registration: https://www.sans.org/cyber-security-training-events/offensive-ops-australia-2023/
🤔 What's New: https://m.youtube.com/watch?v=6Xkwt3YzquE&feature=youtu.be -
Join me for the updated version of the SANS Institute #FOR509 #CloudForensics class in #Canberra Australia next month.
📝 Registration: https://www.sans.org/cyber-security-training-events/offensive-ops-australia-2023/
🤔 What's New: https://m.youtube.com/watch?v=6Xkwt3YzquE&feature=youtu.be -
If you're using any Enterprise licence with #M365 your log retention should now be 180 days by default, at a minimum, plus you now get the "MailItemsAccessed" events to track individual email access.
No news on those using the Business Standard licence types 🙄
#DFIR #CloudForensics #FOR509
https://www.microsoft.com/en-us/security/blog/2023/10/18/expanding-audit-logging-and-retention-within-microsoft-purview-for-increased-security-visibility/ -
If you're using any Enterprise licence with #M365 your log retention should now be 180 days by default, at a minimum, plus you now get the "MailItemsAccessed" events to track individual email access.
No news on those using the Business Standard licence types 🙄
#DFIR #CloudForensics #FOR509
https://www.microsoft.com/en-us/security/blog/2023/10/18/expanding-audit-logging-and-retention-within-microsoft-purview-for-increased-security-visibility/ -
If you're using any Enterprise licence with #M365 your log retention should now be 180 days by default, at a minimum, plus you now get the "MailItemsAccessed" events to track individual email access.
No news on those using the Business Standard licence types 🙄
#DFIR #CloudForensics #FOR509
https://www.microsoft.com/en-us/security/blog/2023/10/18/expanding-audit-logging-and-retention-within-microsoft-purview-for-increased-security-visibility/ -
Looks like Pizza Hut Australia have started to notify impacted customers of their recent cyber breach.
The threat actor's initial compromise was via an AWS account, are you ready to investigate an AWS Breach?
#CloudForensics #DFIR #FOR509 -
Looks like Pizza Hut Australia have started to notify impacted customers of their recent cyber breach.
The threat actor's initial compromise was via an AWS account, are you ready to investigate an AWS Breach?
#CloudForensics #DFIR #FOR509 -
Looks like Pizza Hut Australia have started to notify impacted customers of their recent cyber breach.
The threat actor's initial compromise was via an AWS account, are you ready to investigate an AWS Breach?
#CloudForensics #DFIR #FOR509 -
Looks like Pizza Hut Australia have started to notify impacted customers of their recent cyber breach.
The threat actor's initial compromise was via an AWS account, are you ready to investigate an AWS Breach?
#CloudForensics #DFIR #FOR509 -
The #BlackCat / #ALPHV #ransomware group have been observed using their #Sphynx loader to target Azure Storage accounts once they steal access keys.
#CloudForensics #DFIR #FOR509 -
The #BlackCat / #ALPHV #ransomware group have been observed using their #Sphynx loader to target Azure Storage accounts once they steal access keys.
#CloudForensics #DFIR #FOR509 -
The #BlackCat / #ALPHV #ransomware group have been observed using their #Sphynx loader to target Azure Storage accounts once they steal access keys.
#CloudForensics #DFIR #FOR509 -
The #BlackCat / #ALPHV #ransomware group have been observed using their #Sphynx loader to target Azure Storage accounts once they steal access keys.
#CloudForensics #DFIR #FOR509 -
Congratulations to our #FOR509 Day 6 Capstone winners in #Singapore last week.
It was one of the closest challenges between the competing teams I've seen.
#CloudForensics
#DFIR @sansapac -
Congratulations to our #FOR509 Day 6 Capstone winners in #Singapore last week.
It was one of the closest challenges between the competing teams I've seen.
#CloudForensics
#DFIR @sansapac -
Congratulations to our #FOR509 Day 6 Capstone winners in #Singapore last week.
It was one of the closest challenges between the competing teams I've seen.
#CloudForensics
#DFIR @sansapac -
Congratulations to our #FOR509 Day 6 Capstone winners in #Singapore last week.
It was one of the closest challenges between the competing teams I've seen.
#CloudForensics
#DFIR @sansapac -
Congratulations to our #FOR509 Day 6 Capstone winners in #Singapore last week.
It was one of the closest challenges between the competing teams I've seen.
#CloudForensics
#DFIR @sansapac -
I'm running the #FOR509 #CloudForensics course in 🇦🇺Sydney this May, both in-person and virtual.
The new class version includes a #GCFR certification and our Day 6 Capstone Challenge with a multi-cloud #DFIR incident to investigate.To Register: sans.org/u/1prs
FOR509 Course Info: for509.com/course -
I'm running the #FOR509 #CloudForensics course in 🇦🇺Sydney this May, both in-person and virtual.
The new class version includes a #GCFR certification and our Day 6 Capstone Challenge with a multi-cloud #DFIR incident to investigate.To Register: sans.org/u/1prs
FOR509 Course Info: for509.com/course -
I'm running the #FOR509 #CloudForensics course in 🇦🇺Sydney this May, both in-person and virtual.
The new class version includes a #GCFR certification and our Day 6 Capstone Challenge with a multi-cloud #DFIR incident to investigate.To Register: sans.org/u/1prs
FOR509 Course Info: for509.com/course -
Congratulations to our @[email protected] #FOR509 Day 6 Capstone team winners this week. It was incredibly close with all teams this week powering through our multi Cloud #DFIR challenge.
-
Congratulations to our @[email protected] #FOR509 Day 6 Capstone team winners this week. It was incredibly close with all teams this week powering through our multi Cloud #DFIR challenge.
-
Congratulations to our @[email protected] #FOR509 Day 6 Capstone team winners this week. It was incredibly close with all teams this week powering through our multi Cloud #DFIR challenge.
-
One of my brilliant coauthors Megan Roddie did a write up from our SANS #FOR509 #CloudForensics class on how to extract #AWS logs for analysis.
#DFIR #CSIRT #CERT
https://www.sans.org/blog/aws-cloud-log-extraction/ -
One of my brilliant coauthors Megan Roddie did a write up from our SANS #FOR509 #CloudForensics class on how to extract #AWS logs for analysis.
#DFIR #CSIRT #CERT
https://www.sans.org/blog/aws-cloud-log-extraction/ -
One of my brilliant coauthors Megan Roddie did a write up from our SANS #FOR509 #CloudForensics class on how to extract #AWS logs for analysis.
#DFIR #CSIRT #CERT
https://www.sans.org/blog/aws-cloud-log-extraction/ -
One of my brilliant coauthors Megan Roddie did a write up from our SANS #FOR509 #CloudForensics class on how to extract #AWS logs for analysis.
#DFIR #CSIRT #CERT
https://www.sans.org/blog/aws-cloud-log-extraction/ -
One of my brilliant coauthors Megan Roddie did a write up from our SANS #FOR509 #CloudForensics class on how to extract #AWS logs for analysis.
#DFIR #CSIRT #CERT
https://www.sans.org/blog/aws-cloud-log-extraction/