Robert boosted

Deepfakes are here. Hopefully, a public armed with knowledge, and a healthy dose of critical thinking, will be able to defend themselves against it.

Spot the Deepfake

Spotting deepfakes isn’t as easy as you might think. Learn more about it at spotdeepfakes.org

spotdeepfakes.org/en-US

Robert boosted

Makes sense. MITRE is now trying to map their ATTACK framework to actual defence tactics.

Example is on exfiltration. shield.mitre.org/techniques/DT

shield.mitre.org/

Robert boosted

Intro to Hunting Adversaries Using the Attack Lifecycle Methodology
Indicator of Emulation
Leveraging Critical YARA Skills
Low Value Indicators For High Value Decisions
Practical Advice on Threat Hunting Panel
Incident Response & ATT&CK Matrix

My village list!

cfc.blueteamvillage.org/call-f

Robert boosted

@R10T Sure.
bellingcat.com — {OS,GEO}INT, investigative journalism, natsec
defenseone.com — natsec, geopolitics
gru.gq — infosec, disinfo
blog.lukaszolejnik.com — privacy, security, tech policy
pukhraj.me — security, threat intel
medium.com/@horkos — counter-intelligence

I understand none of these sites are technical in nature, but I felt the technical stuff is all too common—just browse r/netsec, if that's what you're looking for. :)

Robert boosted

Top 30+ Best Blue Team Tools

A collection of best blue team tools to enrich your security toolkit. Discover different honeypots, incident response, threat hunting and other defensive tools.

securitytrails.com/blog/blue-t

Robert boosted

Leonidas, a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques and procedures (TTPs) and their associated detection properties.

github.com/FSecureLABS/leonida

Developed and released by F-Secure Labs

Robert boosted

I definitely trust my DNS provider - NextDNS - more than my ISP. This is because I willfully chose them after doing research and I also pay for the service to support them and keep them providing me with the tools to filter out crap and transparently show me what is happening on my networks.

Encrypted DNS Query Transports and Their Trust Models – Asinine Tech

asininetech.com/2020/06/26/enc

Robert boosted

@sillystring Yeah, very interesting area. I found out recently that RDAP is becoming the next or successor of whois: tools.ietf.org/html/rfc7482

VirusTotal and ThreatConnect are good for the community availability. Also passive DNS offerings, and a couple more that are paid/enterprise solutions.

Good luck with the threat hunting

Robert boosted

Pandemics & Propaganda: How Chinese State Media Creates and Propagates CCP Coronavirus Narratives | HKS Misinformation Review

To gain insight into how Chinese state media is communicating about the coronavirus pandemic to the outside world, we analyzed a collection of posts from their English-language presence on Facebook.

misinforeview.hks.harvard.edu/

Robert boosted

Udemy (momentarily free)

- Computer from Scratch to Advanced: lnkd.in/e-eqiTq

- , , - Certification Course: lnkd.in/e5PiBqF

- the Boring Stuff with Programming: lnkd.in/eCDCyyd

- Pass Solutions Architect Associate in first attempt: lnkd.in/ed7U-D3

- Masterclass - Beginner to Expert: lnkd.in/eZXwRj5

Robert boosted

Coping with a lot personally, but meanwhile everyone be safe and stay sane. If you can muster it, it is a *hell* of a time to read and study, and do.

Robert boosted

"Fox Kitten" Campaign

Info on techniques/methods:

Pre-access/Access Tools:
VPN system vulnerabilities
A pre-access tool

Local priv esc tools
Juicy Potato, Procdump, Mimikatz, Sticky Keys, other accessibility tools settings, local admin user

Lateral movement tools:
STSRCheck, port.exe, Invoke the Hash

Backdoor/C&C tools:
POWSSHNET, socket based backdoor for socket opening, servo, Ngrok, FRP, webshells, archives (winrar, z-zip)

Summary: clearskysec.com/fox-kitten/
Full: clearskysec.com/wp-content/upl

Robert boosted

Thank you @kde for all your work on KDE & Plasma. Thank you @mozilla for Firefox. Thank you to all the kernel hackers for their restless work on the Linux kernel. Thank you to everyone involved working on the GNU tools! Thank you to all the devs working on libraries and the backend, who clearly get too little love!

[1/2]

Is anyone having weird issues with the Barracuda RBL?

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.