TheArtOfInfoSec
theartofinfosec.bsky.social
Must learn how to fight courageously in battle and compete with the enemy's strength and strategies. #SecurityAnalyst #BlueTeam #PurpleTeam
Reposted by TheArtOfInfoSec
Detection Engineering with Wazuh! A demo configuring Sysmon, reviewing event logs, building a proof-of-concept detection rule, and then leveling up with detectors for the DeerStealer malware.🙂 https://jh.live/nSOqU1iX5oQ
January 16, 2025 at 2:00 PM
Reposted by TheArtOfInfoSec
Knowledge is power!
Prepare your #ThreatHunting sessions by gathering intelligence reports on specific topics - could be tools, patterns, or threat actor groups
🏛️ mthcht.github.io/ThreatIntel-...
Now featuring more than 1,000 search results in over 11,000 Intelligence Reports updated regularly!
December 9, 2024 at 1:12 AM
I like this!
My intelligence-gathering sheet for planning #ThreatHunting sessions
December 16, 2024 at 5:02 AM
Reposted by TheArtOfInfoSec
Enterprise software maker Citrix has warned customers about an increase in password-spraying attacks against NetScaler appliances: www.citrix.com/blogs/2024/1...

The warning comes days after a similar alert was issued by the BSI, Germany's cybersecurity agency: www.bsi.bund.de/SharedDocs/C...
Password spraying attacks on NetScaler/NetScaler Gateway – December 2024 - Citrix Blogs
A series of recommendations to mitigate recent password spraying attacks on NetScaler/NetScaler Gateway.
www.citrix.com
December 14, 2024 at 11:46 PM
Reposted by TheArtOfInfoSec
Not new, but I have not mentioned it on Bluesky yet.

If you or someone you know aspires to be a SOC Analyst, check out my hands-on lab, "So you want to be a SOC Analyst?"

Thousands of people have been through it and the feedback has been 🔥

blog.ecapuano.com/p/so-you-wan... #infosec
So you want to be a SOC Analyst? Intro
A blog series for someone wanting to get a start as a SOC Analyst
blog.ecapuano.com
December 15, 2024 at 5:15 PM
Reposted by TheArtOfInfoSec
As many people suspected, CL0P is taking credit for the CLEO 0-Day attack. That’s not…good.

Via @lawrenceabrams.bsky.social & @bleepingcomputer.com
Clop ransomware claims responsibility for Cleo data theft attacks
The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data.
www.bleepingcomputer.com
December 15, 2024 at 8:35 PM
Reposted by TheArtOfInfoSec
Pretty sure not many are hunting for VM tool usage. This persistence technique, used by Ragnar Locker ransomware, deserves more attention from defenders: embracethered.com/blog/shadowb...
December 15, 2024 at 2:28 PM
Reposted by TheArtOfInfoSec
I remember it well…
December 16, 2024 at 12:49 AM