@dfirnotes is (we're) mostly:
Information Security Leader & Educator | Twitter, Github: @dfirnotes
BBSTi, CISSP, GIAC**0x0c, GSE**2, ITIL, LPI, MAD CTI
Blog at https://t.co/WTp7sUaWtH
DMs open for #CyberMentoringMonday or other questions.
Be excellent to each other!
(1/n)
WinDbg finally released outside the store, and no more "Preview"!
Ecstatic to see my old team hit this milestone! It's come so far since @aluhrs13 and I started the "WinDbgNext" project so many years ago.
https://t.co/PtOcgTxQ3C
For $20 a month, you get access to a bunch of knowledge from smart people like @ForensicITGuy on topics from malware analysis to network forensics to EXCEL ❤️, and much more. This isn't sponsored, I just think it's awesome they're making such useful content so accessible!
Domain fronting is hands-down the weirdest thing. I think a lot of blue team (including myself) would have heard the term over the years without looking into it. 1/4
@Cyb3rMonk I think it depends on what you want the EDR.
Personally, I have never looked at an EDR as a source for detection but a source of telemetry. I see vendors say they detect "x", but I have always used that as one of my detections for a given operation versus the sole detection.
Anyone who wants a mentor, to give back to the community, or to just share resources should definitely check out #CyberMentoringMonday loads of amazing people and info in the tag!!
Reminded by @jaredcatkinson what an invaluable project Security Datasets is: OSS initiative that contributes malicious & benign datasets from different platforms to expedite data analysis & threat research. @Cyb3rWard0g @Cyb3rPandaH https://t.co/lYCDtx6qkj
Our Sigma rule extension for @code got a major update by my team member @paulhagertheo
It allows lookups of similar and related rules & uses a new web service to do that
it's still new & only superficially tested - feedback & bug reports are welcome
https://t.co/qwN2owJCrI
Our call for sponsors is open!
Our prospectus is now up at https://t.co/KLJKldRglC
Your support will help us do even more amazing things this year. Great opportunity to connect & support #womenInTech#diversity in #infosec#LeadTheChange#TDI2023
"The labs were fun and interesting. The feedback is fast and insightful...I'm not used to that much interaction with an instructor in an asynchronous course!" - Rob
@netresec@GuhnooPlusLinux That said, the way meterpreter does TLS is strange, so you can do detection on how it behaves.
However, again... this is defaults, you can change the TLS behavior in your payload options and advanced options.
well, Balkan Cyberia finally has a cover and it is marching robotically towards its publication on the 13th June with @mitpress! It has spies & cyborgs, not just apparatchiks - and will be open access but if you want a copy, there will be a discount code!
https://t.co/0yTi1FdbMo
We often get asked how to land a job in cybersecurity.
In today's video, Heath discusses the importance of community and giving back as one of the important steps to getting a job in cybersecurity.
https://t.co/7ozr8667Mz
#SLEUTHCON provides cybersecurity newcomers & professionals the opportunity to learn from industry experts in easy-to-follow 30 min talks. Join us online or in Arlington, VA on 5/12! Register today at https://t.co/k217bE6gS0. #cybercrime#infosec#cyberattacks#CTI#ransomware