#ttps — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #ttps, aggregated by home.social.
-
Our new report describes one of the latest observed infection chains (delivering #AsyncRAT) relying on the #Cloudflare tunnel infrastructure and the attacker’s #TTPs with a principal focus on detection opportunities.
https://blog.sekoia.io/detecting-multi-stage-infection-chains-madness/
-
Inside the Mind of a Hacker #CyberSecurity #HackerMindset #DigitalDefense #InfoSec #CyberThreats #TTPs #PhishingAwareness #PrivilegeEscalation #NetworkSecurity #MalwareAnalysis #EthicalHacking #OpSec #BlueTeam #RedTeam #CyberIntel #DeadSwitch #CyberGhost #KnowYourEnemy #SilenceIsTactical #FearTheSwitch
http://tomsitcafe.com/2025/04/08/inside-the-mind-of-a-hacker/
-
Emulating the Sophisticated Chinese Adversary Salt Typhoon – Source: securityboulevard.com https://ciso2ciso.com/emulating-the-sophisticated-chinese-adversary-salt-typhoon-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #adversaryemulation #telecommunications #CyberSecurityNews #SecurityBoulevard #FamousSparrow #EarthEstries #GhostEmperor #SaltTyphoon #Government #UNC2286 #China #TTPs
-
Happy Monday everyone!
Coming out of a brief lull in activity, I have a #readoftheday for you! This comes from a CYFIRMA article that takes a look at the APT #VoltTyphoon. They share vulnerabilities that have been recently exploited and (my favorite part) recent #TTPs and #behaviors that are associated with the group! I like how well it is documented that I am not even going to recreate it here! I will definitely be diving back into their archives to see if there are more of these profile articles! Enjoy and Happy Hunting!
APT PROFILE – VOLT TYPHOON
https://www.cyfirma.com/research/apt-profile-volt-typhoon-2/
Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting
-
Head Mare and Twelve join forces to attack Russian entities – Source: securelist.com https://ciso2ciso.com/head-mare-and-twelve-join-forces-to-attack-russian-entities-source-securelist-com/ #rssfeedpostgeneratorecho #APT(Targetedattacks) #CyberSecurityNews #Crimewarereports #Targetedattacks #securelistcom #Hacktivists #ransomware #backdoor #HeadMare #Lockbit #Trojan #Twelve #Babuk #TTPs
-
Black Basta Chat Logs Reveal Ransomware Group’s TTPs, IoCs https://thecyberexpress.com/black-basta-ransomware-group-leak/ #blackbastaransomwaregroup #TheCyberExpressNews #ThreatIntelligence #cybersecuritynews #TheCyberExpress #Vulnerabilities #RansomwareNews #FirewallDaily #BlackBasta #Ransomware #CyberNews #TTPs
-
Go beyond technology limits with #Roota, a public-domain language for collective cyber defense.
Cross-platform query translation, correlation, mapping to #TTPs, and more to enable every cyber defender to speak any cybersecurity language.
Learn more: https://roota.io
-
Up soon:
"From 0 to millions: Protecting against AitM phishing at scale" - Jacob Torrey @Jacob
@hack_lu #hacklu2024 #canaries #Thinkst #HoneyEverything #TTPs #AiTM #Deception #DetectionEngineering
-
Happy Friday everyone!
A Joint Advisory from the National Security Agency, Federal Bureau of Investigation (FBI), Cyber National Mission Force, and the National Cyber Security Centre provides updates on the Russian Federation's Foreign Intelligence Service, or #SVR.
According to the advisory, #APT29 (a.k.a Midnight Blizzard, Cozy Bear, and the Dukes) has targeted the defense, technology, and finance sectors to collect foreign intelligence and enable future cyber operations. They aim to exploit software vulnerabilities for initial access and escalate privileges. They also utilize spearphishing campaigns, password spraying, abuse of supply chain and trusted relationships. They also utilize custom malware and living-off-the-land (LOLBINs) techniques for multiple techniques.
The report includes a list of #CVEs that APT29 has been observed exploiting and attaches the vendor and product that are affected with details that describe the vulnerability along with a section of mitigations that your organization can take to increase your security posture.
If you are looking for behaviors that are attributed to APT29, look no further than the MITRE ATT&CK Matrix! This resource has collected historic #TTPs and behaviors and referenced them as well. So while you are working on hardening your environment you can also hunt for their activity as well! Enjoy and Happy Hunting!
Article Source:
Update on SVR Cyber Operations and Vulnerability Exploitation
https://www.ic3.gov/Media/News/2024/241010.pdf
Mitre source:
https://attack.mitre.org/groups/G0016/
Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday #huntoftheday #gethunting Cyborg Security, Now Part of Intel 471
-
GoldenJackal APT Group Breached Air-Gapped European Government Systems https://thecyberexpress.com/goldenjackal-apt-group-breached-air-gapped/ #CyberThreatIntelligence #TheCyberExpressNews #TheCyberExpress #FirewallDaily #GoldenJackal #threatactors #CyberNews #AirGapped #APTgroups #TTPs
-
More on the subject of virtualization - LoLESXi: https://lolesxi-project.github.io/LOLESXi/
#VMWare #ESXi #LoL #TTPs
-
Response to CISA Advisory (AA24-131A): #StopRansomware: Black Basta – Source: securityboulevard.com https://ciso2ciso.com/response-to-cisa-advisory-aa24-131a-stopransomware-black-basta-source-securityboulevard-com/ #IndicatorsofCompromise(IOCs) #rssfeedpostgeneratorecho #SecurityBloggersNetwork #criticalinfrastructure #adversaryemulation #Broad-BasedAttacks #CyberSecurityNews #SecurityBoulevard #blackbasta #healthcare #ransomware #CISAAlert #TTPs
-
Happy Friday everyone!
I don't know how I missed the beginning of this series by Elastic and their security researchers but I did, I jumped straight into part three without realizing it! So, I had to stop and backpedal. So if you are like me, here is the first installment of their series on the #REMCOS #RAT. They take you through the process of analyzing it and provide #TTPs and behaviors. One that really sticks out is the #UACBypass and the COM objects that are involved.
To leave you empty-handed would be an insult to the researchers' work and to you as a threat hunter! So, take this with you in the face of danger! It is a Cyborg Security Community Edition (free for you) Hunt Package designed to identify when COM Objects that have a higher integrity level are abused and called for malicious purposes, in this case, to bypass the user account control mechanism in Windows! Enjoy and Happy Hunting!
UAC Bypass Attempt via Elevated COM Abuse
https://hunter.cyborgsecurity.io/research/hunt-package/03036b01-dc04-4cd1-9388-bd62e1b0ff2d
Article Source:
https://www.elastic.co/security-labs/dissecting-remcos-rat-part-one
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday #huntoftheday #getHunting
-
Happy Thursday everyone!
If you can't tell by my previous posts, I like to focus on the details found in intel reports but today I found a report that takes a high-level view of recent attacks that involved APT groups attacking the Middle East. Researchers at Positive Technologies provide great insight to not only the groups that are involved but the #TTPs and behaviors that they exhibit, the countries and industries targeted the most, and how you could prepare yourself! Enjoy and Happy Hunting!
How APT groups operate in the Middle East
https://www.ptsecurity.com/ww-en/analytics/apt-groups-in-the-middle-east/?utm_source=pt-en&utm_medium=article&utm_campaign=positive-technologies-cyberattackers-targeting-telecommunications&utm_content=news
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
-
Happy Tuesday everyone!
Proofpoint researchers observed activity from TA450 (AKA #MuddyWater) that involved social engineering and targeted Israeli employees. The researchers noticed a change in the adversary's #TTPs, moving from using a PDF with malicious attachments to putting the malicious link in the email body.
Taking this information into account, how can we hunt for this? Well, we can always look for Microsoft Office programs executing strange behavior such as spawning abnormal processes (especially the abuse of [LOLBINS]) or making network connections. Or, as a wise old man said back in 1986 "It's dangerous to go alone! Take this."
Potential Maldoc Execution Chain Observed
https://hunter.cyborgsecurity.io/research/hunt-package/b194088b-c846-4c72-a4b7-933627878db4
This hunt package has been designed to detect the aftermath of a successfully delivered and executed maldoc (Microsoft Office). Enjoy and Happy Hunting!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday #huntoftheday #gethunting
-
Happy Monday everyone! I hope everyone is doing well!
Researchers from Rapid7 observed some updated #TTPs and behaviors exhibited by the APT known as #Kimsuky (AKA Black Banshee or Thallium). One update to their tactics includes the use of a Compiled HTML Help file, or CHM file. Rapid7 found this significant because these types of files were seen to make it past the first line of defense and then lead to its execution. Following the CHM execution, other behaviors were seen and included registry key modification of the Windows Run registry key (SOFTWARE\Microsoft\Windows\CurrentVersion\Run).
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday #huntoftheday #gethunting
-
Threat actors tend to reuse their tactics, techniques, and procedures (#TTPs). In this article, our SME, @cfragoso, provides 2 methodologies and useful #cybersecurity practices to understand & analyze historical attack patterns.
Learn more about TTPs: https://www.maltego.com/blog/analyzing-attack-patterns-and-ttps/?utm_source=mastodon&utm_medium=social&utm_campaign=CSO&utm_content=maltego.com
-
What are the common and proven #phishing Tactics, Techniques, and Procedures (#TTPs)? Threat actors tend to clone legitimate websites of well-known brands to trick their victims and obtain confidential data.
Map out the phishing domains in 5 steps with #Maltego NOW: https://www.maltego.com/blog/hunting-phishing-sites-in-the-festive-season-with-maltego/?utm_source=mastodon&utm_medium=social&utm_campaign=CSO&utm_content=maltego.com
-
How can #CyberSecurity professionals gain a better understanding of their adversary's #TTPs? In #Maltego, you can gather and analyze information from @mitreattack's MISP Project, STIX, and Filigran's #OpenCTI.
Predict your enemy's next move with Maltego: https://www.maltego.com/blog/analyzing-attack-patterns-and-ttps/?utm_source=mastodon&utm_medium=social&utm_campaign=CSO&utm_content=maltego.com
-
Federal Bureau of Investigation (#FBI) and Cybersecurity and Infrastructure Security Agency (#CISA) have put out a joint advisory on #ScatteredSpider - a #cybercriminal group that targets large companies and their contracted information technology (IT) help desks. Scattered Spider threat actors, per trusted third parties, have typically engaged in data theft for extortion and have also been known to utilize BlackCat/ALPHV ransomware alongside their usual TTPs. This advisory covers all #TTPs and provides recommendations for mitigation.
Anyone in #criticalinfrastructure who uses external IT services (#MSP) should review this advisory and create awareness with your users to #BOLO this advanced attack vector.
This crew are masters of #SocialEngineering so watch yourselves. #StayCyberSafe #BeCyberSecure
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a
-
Sophos X-Ops is currently tracking a campaign by threat actors targeting unpatched #Citrix #NetScaler systems exposed to the internet. Our data indicates strong similarity between #attacks using CVE-2023-3519 delivering #malware and #webshells and previous attacks using a number of the same #TTPs.
-
Great blog post by a colleague of mine who asks why "Security through obscurity" is not dead in 2023! How many "#cybersecurity #incidents" is it going to take to finally realize that keeping your #securitycontrols a secret is a good thing? How many times does the #cybercommunity have to demonstrate that sharing of #threatintelligence, #TTPs, #IOCs, #securityconcepts, #AwarenessTraining methods, #zerodays, and everything else that goes along with having a #DefenseInDepth approach to a #HealthySecurityProgram, is ACTUALLY THE GOOD THING 🤨
(ahem)
You want to know about the platform I architected? No problem! 👌🏻
You want to know what Threat Intelligence I gather? Check my GitHub (link on my profile 😁).
You want the keys to my kingdom? 🤣 No, but thanks for playing 👍🏻
I'm NOT saying #compromise yourself or open some dark #backdoor to your systems. Just share the knowledge of how you're protecting stuff! Everyone is more #secure for it, and the next generation will make it better.
https://kalahari.substack.com/p/security-through-obscurity?sd=pf
-
«The GRU's Disruptive Playbook» | Mandiant
#IPb #ИнформационноеПротивоборство #GRU #GU #RussianCyber #APTs #TTPs #RIS #CTI
https://www.mandiant.com/resources/blog/gru-disruptive-playbook