#threatassessment — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #threatassessment, aggregated by home.social.
-
Archival Directive 00-Sigma: The Shelf-Stalker doesn't know you're there. That's what makes it worse. It isn't watching you. It isn't hunting you. The pile just looks exactly like a pile — until you reach in. You were never meant to be here. The room just hasn't told you yet.
#OutpostLog #Lexicon #ThreatAssessment #RieldResearch #TTRPGCommunity #Lore
-
Kataib Hizbullah threatens to target the interests of anyone cooperating with their enemies, specifically naming Ukraine as a recent example. #Geopolitics #ThreatAssessment
-
Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).
1. --export-png images lets you export images of the analysis
2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file
3. couple of small bug fixes and debugging related command line options
You can try it on the web here: https://yaratoolkit.securitybreak.io/
(I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)
- Github: https://github.com/michelcrypt4d4mus/yaralyzer
- Pypi: https://pypi.org/project/yaralyzer/
- on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer
#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules
-
@cR0w
If any of this were true, the writer would know that it's guerilla warfare, NOT "gorilla," unless the writer was Harambe.
Remember Harambe.
I do.
#Harambe #ThreatAssessment #NavySeals
-
Released v1.17.0 of The Pdfalyzer, the surprisingly popular tool for analyzing (possibly malicious) PDFs I created after my own unpleasant experience. Now ships with two command line tools for extracting stuff from PDF files:
1. extract_text_from_pdfs() - brute force extract all text from a PDF, including doing an #OCR extraction of any embedded images
2. extract_pdf_pages() - rip a page range from a #PDF and write them to a new one
* Github: https://github.com/michelcrypt4d4mus/pdfalyzer
* Pypi: https://pypi.org/project/pdfalyzer/
* Homebrew: https://formulae.brew.sh/formula/pdfalyzer
* Fun thread someone made last week using Pdfalyzer to explain some of how byzantine the PDF format is: https://x.com/VikParuchuri/status/1965773078585344215
#pypi #python #pdf #pdfs #malware #Threatassessment #maldoc #malwareanalysis #homebrew #infosec #cybersecurity #yararule #PdfFies
-
Just released version 1.16.8 of The Pdfalyzer with a bunch of new and updated #YARA rules to scan #PDF files for malicious content. Links in the quoted toot below.
https://universeodon.com/@cryptadamist/114768170683991686
#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #hacking #homebrew #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdf #pdfs #pdfalyzer #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
Exploit a #zeroday then self-patch the #vulnerability so other hackers can't use the same exploit? AND you maintain #persistence while hiding in plain sight for longer? Damn - that's really fuckin clever.
https://www.darkreading.com/cyber-risk/initial-access-broker-self-patches-zero-days
#CyberWarfare #Hacking #ThreatAssessment #BeCyberSafe #StayCyberAware #F5
-
Just attended a briefing yesterday about this specific topic #ScatteredSpider:
https://www.darkreading.com/cyberattacks-data-breaches/scattered-spider-hacking-spree-airline-sector
"Palo Alto Networks urged organizations in the sector to be "on high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests," citing evidence of similar attacks.
#Airline #CyberFraud #ThreatAssessment #SocialEngineering #CyberWarfare #BeCyberSafe #StayCyberAware #CriticalInfrastructure
-
an american defense contractor that "develops artificial intelligence-powered equipment and technologies" (whatever that means) managed to accidentally hire a north korean spy or two.
https://therecord.media/doj-raids-laptop-farms-crackdown
(i have read elsewhere that this defense contractor uses #cryptocurrency in its day to day operations though so far i've been unable to confirm that)
#northkorea #DPRK #AI #uspol #uspolitics #secdef #defense #infosec #threatintel #threatassessment #cybersecurity #hacking
-
a russian hosting service that takes payment in crypto, Aeza Group, was just hit with #OFAC sanctions.
they've sent funds to a bunch of the shadiest crypto exchanges - #Cryptomus, #MEXC, #Binance, and (of course) #HTX, the crypto exchange run by the business partner of the president of the united states.
also looks like they took payment in #Tether, the #stablecoin whose money is managed by america's secretary of commerce howard lutnick.
* OFAC press release: https://ofac.treasury.gov/recent-actions/20250701
* Wallet: https://intel.arkm.com/explorer/address/TU4tDFRvcKhAZ1jdihojmBWZqvJhQCnJ4F
#JustinSun #threatintel #threatassessment #DNS #bulletproofhosting #cybersecurity #infosec #justinSun #howardlutnick #ransomware #russia #putin #vladimirPutin #ukraine #aeza #aezagroup
-
TRM Labs released some analysis of the #Nobitex source code that was leaked by an Israeli team that hacked the company (Nobitex is the largest #cryptocurrency exchange in #Iran and probably the largest crypto exchange anywhere to take such an extreme approach to hiding its own tracks (and its users' tracks)).
of course they also hardcoded a bunch of auth keys into the source code... so maybe they weren't *that* privacy focused. or maybe they decided to do some "outsourcing" of the dev team (lol).
* TRM: https://www.trmlabs.com/resources/blog/inside-the-nobitex-breach-what-the-leaked-source-code-reveals-about-irans-crypto-infrastructure
* I wrote a fair bit about Nobitex back in October: https://cryptadamus.substack.com/p/trumps-transition-team-is-tethered
#crypto #infosec #Threatassessment #cybersecurity #pigbutchering #fraud #scams #dogecoin #tether #usdt #israel #iranian #middleeast
-
Just published version 1.16.6 of The Pdfalyzer, the surprisingly popular tool for analyzing (possibly malicious) PDFs I created after my own unpleasant encounter with such a creature. Includes a (kind of janky) #YARA rule for #GIFTEDCROOK infostealer PDFs.
* Github: https://github.com/michelcrypt4d4mus/pdfalyzer
* Pypi: https://pypi.org/project/pdfalyzer/
* Homebrew: https://formulae.brew.sh/formula/pdfalyzer
#pypi #python #pdf #pdfs #malware #Threatassessment #maldoc #malwareanalysis #homebrew #infosec #cybersecurity #yararule
-
#Arctic #warming could pose a threat to America’s #security too: #Alaska may have new vulnerabilities to both #China & #Russia; changes in #ocean salinity & temp might interfere w/ #submarine detection systems; extremes of climate change, including #permafrost thaw in Russia, may drive #economic #instability, social #unrest, & territorial claims. [#Trump #Intelligence Agencies excluded #ClimateChange from the annual #ThreatAssessment report for the first time in decades — too *woke*]
-
Well done Rep #JoaquinCastro!
During the #House #Intelligence Cmte hearing, #Castro asked #TulsiGabbard why #Venezuela was not included in the annual #ThreatAssessment Report. Castro cited #Trump’s invocation of the #AlienEnemiesAct to conduct #MassDeportations & Trump’s claim that he could invoke the #AEA because he believes we are at #war with Venezuela. Castro asked #Gabbard that if we are at war with a country how is it possible that they didn’t warrant entry in the assessment.
-
Senator #AngusKing, grilled #Gabbard on why #ClimateChange had been excluded for the first time in the #ThreatAssessment report.
Gabbard again said they only included the highest threats.
King rattled off the MANY effects of Climate Change that threaten security. Migration, famine, poverty, social & political tensions, etc.
Then he directly asked if she ordered that climate threats be excluded. She said no.
The reason 100% is #Trump’s war on “wokeism”
-
Here are a couple of links I recommend visiting before inauguration day
https://digitaldefensefund.org/
#Privacy #Security #Internet #ThreatAssessment #EFF #tRump #USA #America #Politics #Government #Spying #Freedom #FreeSpeech #Democracy #EnemyWithin #Journalism #Law #HumanRights #Safety #Digital #DigitalDefense #Electronic #Resist #ResistBot #NationalStrike #EatTheRich #Surveillance #Protest
-
CW: Source = Substack
https://open.substack.com/pub/demcastusa/p/protecting-yourself-from-potential
#surveillance #usa #america #privacy #security #personalinformation #data #election #tRump #safety #Signal #VPN #Eff #Wired #Bitwarden #passwordmanager #law #humanrights #threatassessment #government #spying #technology #journalists #bloggers #socialmedia #activism #activist #students #teachers #travel #escape #prepare #hide #online #web #internet #phone #cell #mobile #nsa
-
Hello hive mind! I am looking for some good examples and write ups on how to complete a threat landscape assessment. Any good recommendations out there?
#CTI #threatlandscape #strategicthreatintel #threatassessment #threatintel #cyberthreatintelligence
-
HIRING: Security Specialist / Remote, US
👉 https://infosec-jobs.com/job/53805-security-specialist/
#InfoSec #infosecjobs #CyberSecurity #CyberCareer #cyber #security #jobs #cyberjobs #jobsearch #techjobs #hiring #threatassessment #crisisplanning #riskassessment #remotejob #remotework #remote #remotehiring
-
The single most important contributing factor to the impending collapse of civilization is the centralization of data and data processing. We have single points of failure in AWS, Azure, and Google Cloud. They're becoming more critical to daily life, and therefore more dangerous.
#ThreatAssessment
-
Lauren Boebert says the Pentagon sees her as a "security threat"
https://www.newsweek.com/lauren-boebert-pentagon-sees-her-security-threat-1805800
#Newsweek #LaurenBoebert #PentagonSecurity #ThreatAssessment #NationalSecurity #USPolitics #Politics #News
-
CW: How secure is Mastodon, really? Ars Technica weighs in...
-
@Forensiclinguist @SUEuropean @BlatentLie @MeadHallBardPhantom
Have you performed a #ThreatAssessment of recent posts?
-
#ActuLibre Cynet Offers Free Threat Assessment for Mid-sized and Large Organizations -> http://feedproxy.google.com/~r/TheHackersNews/~3/LDQ_LU3VbDc/cybersecurity-threat-assessment.html #vulnerabilityassessment #PenetrationTesting #cybersecuritytool #ThreatAssessment #cybersecurity #Cynet
-
#ActuLibre Broadening the Scope: A Comprehensive View of Pen Testing -> http://feedproxy.google.com/~r/TheHackersNews/~3/utvZF37nOTk/broadening-scope-comprehensive-view-of11.html #networkvulnerabilityassessment #Penetrationtestingtools #vulnerabilityassessment #enterprisesecurity #PenetrationTesting #ThreatAssessment #cybersecurity
-
#ActuLibre The Ultimate 2019 Security Team Assessment Template -> http://feedproxy.google.com/~r/TheHackersNews/~3/nSKS22cO9KY/security-team-assessment.html #vulnerabilityassessment #ThreatAssessment #cybersecurity #SecurityTeam #PPTTemplate