Deleting my Humble Bundle after the insistence on the recent changes. I don't blame them for trying to become a business, but maintaining the air of charity about it is pretty despicable. Why not just run a perpetual storefront *and* maintain the charity drives at full tilt? rockpapershotgun.com/humble-bu

Robert boosted

Infosec Core Competencies

This is an interesting list, and I appreciate that it covers fairly broad areas of knowledge within the IT realm.

I also really appreciate #50. 😉

netmeister.org/blog/infosec-co

Robert boosted

~Open Source Security Tool of the Day~

Firefox privacy, security and anti-fingerprinting: a comprehensive user.js template for configuration and hardening.

github.com/arkenfox/user.js/

Robert boosted

Microsoft's new project ports Linux eBPF to Windows 10, Server

Microsoft has launched a new open-source project that aims to add to Windows the benefits of eBPF, a technology first implemented in Linux that allows attaching programs in both kernel and user applications.

bleepingcomputer.com/news/secu

Robert boosted

Currently doing that IR exercise and it is such a load of fun dfirmadness.com/the-stolen-sze

omg, there is so much knowledge to mix up there #infosec #dfir

Robert boosted

Nice new resource from the SOC Prime team!

The Education Portal offers access to knowledge powered by Threat Detection Marketplace and includes the following sections:

Explore — read the insightful how-to deployment guides for various platforms and content types

Watch — see the platform capabilities in action by getting free access to online educational event recordings from the SOC Prime’s extensive webinar collection

socprime.com/news/education-po

Robert boosted

I would have to say that the PE (private equity) buyout has definitely given me some perspectives and some things to think about when it comes to mapping achievements and work with financial and growth outcomes.

We tend to think that "we do x, it's technical and specialized and other people see it" should be enough but it's not - not only map to profit and growth goals but also find the connections that lead back to you.

Robert boosted

~Open Source Security Tool of the Day~

CALDERA™ is a cyber security framework designed to easily run autonomous breach-and-simulation exercises. It can also be used to run manual red-team engagements or automated incident response.

github.com/mitre/caldera

Hey, how well does everyone do identifying and regulating burnout? What are your strategies?

Asking for myself and all of us in infosec, and anyone else who finds it useful.

Robert boosted

~Open Source Security Tool of the Day~

Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table. Firejail can work in a SELinux or AppArmor environment, and it - 1/2

Robert boosted

Deepfakes are here. Hopefully, a public armed with knowledge, and a healthy dose of critical thinking, will be able to defend themselves against it.

Spot the Deepfake

Spotting deepfakes isn’t as easy as you might think. Learn more about it at spotdeepfakes.org

spotdeepfakes.org/en-US

Robert boosted

Makes sense. MITRE is now trying to map their ATTACK framework to actual defence tactics.

Example is on exfiltration. shield.mitre.org/techniques/DT

shield.mitre.org/

Robert boosted

Intro to Hunting Adversaries Using the Attack Lifecycle Methodology
Indicator of Emulation
Leveraging Critical YARA Skills
Low Value Indicators For High Value Decisions
Practical Advice on Threat Hunting Panel
Incident Response & ATT&CK Matrix

My village list!

cfc.blueteamvillage.org/call-f

Robert boosted

@R10T Sure.
bellingcat.com — {OS,GEO}INT, investigative journalism, natsec
defenseone.com — natsec, geopolitics
gru.gq — infosec, disinfo
blog.lukaszolejnik.com — privacy, security, tech policy
pukhraj.me — security, threat intel
medium.com/@horkos — counter-intelligence

I understand none of these sites are technical in nature, but I felt the technical stuff is all too common—just browse r/netsec, if that's what you're looking for. :)

Robert boosted

Top 30+ Best Blue Team Tools

A collection of best blue team tools to enrich your security toolkit. Discover different honeypots, incident response, threat hunting and other defensive tools.

securitytrails.com/blog/blue-t

Robert boosted

Leonidas, a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques and procedures (TTPs) and their associated detection properties.

github.com/FSecureLABS/leonida

Developed and released by F-Secure Labs

Robert boosted

I definitely trust my DNS provider - NextDNS - more than my ISP. This is because I willfully chose them after doing research and I also pay for the service to support them and keep them providing me with the tools to filter out crap and transparently show me what is happening on my networks.

Encrypted DNS Query Transports and Their Trust Models – Asinine Tech

asininetech.com/2020/06/26/enc

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.