“Being a CISO right now is like standing on lava islands while juggling radioactive lightsabers.” Worthwhile read from Daniel Meissler on the potential rise of the Cyber-CFO and a necessary evolution to “less magic & more accounting.”
https://t.co/G6MSMH54KY
Stop trying to catch the ransomware executable, it’s too late then, exfiltration has typically happened already, and defenses are likely turned off. Start trying to catch initial access broker procedures like rundll32 proxy execution and net group enumerations that were reported a decade ago in the APT1 report!
Hey, infosec brains trust! 🧠 Ever felt like you're juggling digital chainsaws? 🪚💻 I've been in the trenches with:
🔹#LOLBAS 🛠️: Your multi-tool for Windows. A treasure trove of Binaries, Scripts, and Libraries that adversaries may use to live off your land.
🔹#GTFOBINS ⚙️: Your field guide to Unix binaries, masterfully navigating through airtight local security restrictions.
🔹#LOLDRIVERS 🚀: A rogues' gallery of Windows drivers, exploited by adversaries to bypass security controls and wreak havoc.
These projects are more than just a catalog for abuses of the OS; they're a rich wellspring of intel and detection enrichment. 📚🔍 I'm curious, have you spun these into threat detection tools (sigma rules) or defenses? How did you automate the data collection process from these projects?
The million-dollar question 💰: Have you rolled up your sleeves and used all the LOL resources in https://t.co/u6tdIrcq8n by @br0k3ns0und, or just cherry-picked a few?
🔄🔒 #DefenseDIY #InfoSecJugglers #LOLBinLife
In our latest video, @ForensicITGuy performs malware analysis of a malicious Python package that exfiltrates data over Discord.
It's available today in the Analyst Skills Vault! 🚀
𝐏𝐔𝐁𝐋𝐈𝐂 𝐍𝐎𝐓𝐈𝐂𝐄
KETRACO placed the attached advertisement in The Standard Newspaper on April 25th, 2023.
Please follow the instructions on the tender from KETRACO Website https://t.co/rTaiKxF8WI