Someone posts a badly obfuscated photo of a credit card that they picked up.
_Let's play a game_
Need to pick up the GSEC GIAC Security Essentials Certification All-in-One Exam Guide, Second Edition (to be released on 8 Sep 2019) also ;)
Also said project mentioned in GIAC GSEC main book, Learning Kali Linux, Cyber Operations...I'm compiling a short list now.
When you search for examples of a configuration of a project you work for and notice the project gets mentioned in the Network Forensics book :)
Then book makes a mistake that it's owned by IBM :/
A follow up, a couple of posts I have on Linux log sources ( https://medium.com/@hannahsuarez/top-sources-for-better-linux-log-collection-with-nxlog-d465b7d4d361 ) and Windows Event/Group IDs to log ( https://medium.com/@hannahsuarez/what-are-the-top-eventlog-ids-and-id-groups-to-watch-out-for-indicators-of-compromise-or-93d961ff326d )
Anton Chuvakin on logs and #infosec
"Detecting Threats by Matching Threat Intel to Logs — Oh Really?" https://medium.com/anton-on-security/retaining-logs-for-a-year-boring-or-useful-70ea21fa3dda
"Retaining Logs For A Year: Boring or Useful?" https://medium.com/anton-on-security/detecting-threats-by-matching-threat-intel-to-logs-oh-really-10cc8a4c6384
> "So I call the university IT helpline, and they send a kid, no older than me. He sits down at my computer and looks at it and says 'boy you've really screwed this thing up'"
> "Then, right in front of me, he logs onto my website and downloads Malwarebytes."
Hmm, 4GB #owasp #zap persisted sessions saved from some sessions last year.. time to delete https://groups.google.com/forum/#!topic/zaproxy-develop/MiaxN3WDxlA
> Bulgaria’s NRA tax agency is facing a fine of up to €20m ($22.43m) over the hack, which was revealed this week and is thought to have compromised the records of nearly every working adult among the country’s population of 7 million – about 5 million people.
Financial records of nearly every Bulgarian exposed
Red faces in Moscow this weekend, with the news that hackers have successfully targeted FSB—Russia's Federal Security Service. The hackers managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world. The data was passed to mainstream media outlets for publishing. https://www.forbes.com/sites/zakdoffman/2019/07/20/russian-intelligence-has-been-hacked-with-social-media-and-tor-projects-exposed/#7f32c5db6b11
#SIEM edition of Enterprise Security Magazine
https://www.enterprisesecuritymag.com/magazines/July2019/SIEM/
You can add your "details" but no sign in or registration
Our vendor product mentioned in the Enterprise Security magazine #SIEM edition :)
Anyone familiar with DataDog products? https://www.datadoghq.com/log-management/
Yes that's right. There is an ELASTIC SIEM
Hands on with Elastic SIEM: Defending your organization with the Elastic Stack
Various techniques to audit #SQL Server databases https://www.sqlshack.com/various-techniques-to-audit-sql-server-databases/
It's for a use case so it's not a live sample.
Praying to some #Rapid7 gods - why my Ingress Authentication UEF contract is not being indexed on InsightIDR Log Search even though the JSON fields match, ISO timestamp is what it should be, fields are being dropped.. I suspect it's the fields. Well maybe time to switch to another use case which is to a static log file of various ingress authentication samples rather than watching an event (EventLog ID 4625 audit failure)
