Pinned toot
HCS ▋  

rest of 2020 goals in mind: 📆

:pika: Pivot at the current place

:pika: Take on board another project

:pika: Actually contribute to an open source project (now that, I'm no longer involved with open source / community software)

:pika: Contribute into an online course

:pika: Pick up a whole new skill

:pika: Keep up my blog entries on hannahsuarez.me

:pika: Continue to apply and send Cfp/talk submissions

:pika: Continue on with this ruleset submissions that has been on my mind

1+
Pinned toot
HCS ▋  

Who moved my DNS cheese? BIND 9 DNS Log Collection and DNS Auditing hannahsuarez.github.io/2020/wh

Looking into other cloud DNS infrastructure for a potential series. What provider do you use?

0
HCS ▋  

Just a note that they also share options to come up and be a speaker.

Current Calls for Presentations (CFPs)

sans.org/cyber-security-summit

And subscribe to their notification list!

Show thread
0
HCS ▋  

WOW!! SANS Virtual Summits Will Be FREE for the Community in 2021

sans.org/blog/sans-virtual-sum

Cyber Threat Intelligence Summit
Open-Source Intelligence
ICS Security Suimit
Purple Team Summit
CloudSec Next Summit
DFIR Summit
Security Awareness Summit
Cybersecurity Leadership Summit
Cyber Defense Summit |
Threat Hunting Summit
Cloud & DevOps Security 2021
Pen Test HackFest Summit

1
HCS ▋  

The Report

thedfirreport.com/

Real Intrusions by Real Attackers, The Truth Behind the Intrusion

0
HCS ▋  

SIEM use case writing and best practices blueteamblog.com/siem-use-case

0
HCS ▋  

InfoSec Black Friday Deals 2020 github.com/0x90n/InfoSec-Black

0
HCS ▋  

German Open Source Intelligence Conference GOSINTCon 2020

youtube.com/watch?v=iAxlmOmztA

(in German)

1
HCS ▋  

DeTT&CT aims to assist blue teams using ATT&CK to score and compare data log source quality, visibility coverage, detection coverage and threat actor behaviours.

github.com/rabobank-cdc/DeTTEC

0
HCS ▋  

How Ryuk Ransomware operators made $34 million from one victim bleepingcomputer.com/news/secu

0
HCS ▋  

German prosecutors tried to prove that a ransomware attack on a hospital was to blame for someone losing their life. Their story is a warning wired.co.uk/article/ransomware

0
HCS ▋  

Other than my German lessons (I booked at least 22 hours incl 11 hrs class), what else can I do in the next 2-3 weeks for the rest of November?
An immersive course somewhere?
More blog posts on hannahsuarez.me for another topic?
Maybe rules for socprime?

1+
HCS ▋  

Humble Book Bundle: AWS, Azure, Google, and Cloud Security humblebundle.com/books/aws-azu

0
HCS ▋  

Save the date for the virtual Purple Team Summit on Friday, November 13, 2020.

This is a community driven event for the entire Purple Team from all levels including Executives to Students. We want to get Cyber Threat Intelligence, Red Team, Blue Team, SOC, Hunt Teams, Digital Forensics and Incident Response, and everything in between together for this free conference and workshops. More details coming soon.

The Call for Presentations is now open til October 18, 2020.

scythe.io/purple-team-summit

0
HCS ▋  

Cyber Threat Intelligence Summit CFP sans.org/event/cyber-threat-in

0
HCS ▋  

Remapping Red Canary with ATT&CK sub-techniques redcanary.com/blog/mitre-sub-t

0
HCS ▋  

Nice, HKCU run keys get a mention. vxug.fakedoma.in/papers/VXUG/E

Defenders can check out my post on: List of HKEY_* / Windows Registry keys and subkeys to audit based on MITRE ATT&CK, JPCert Lateral Movements analysis hannahsuarez.github.io/2019/hk and other links

Thread: twitter.com/smelly__vx/status/

+ their addition: "Note: Mitre | Att&ck does not explicitly list this technique. This technique is a pseudo-hybrid child of DLL side-loading & binary masquerading."

0
HCS ▋  

A Dutch hacker summer camp is a go go for 2021!

0
HCS ▋  

Collect and alert on this PowerShell code that disables Microsoft-Windows-PowerShell event logging:
Remove-EtwTraceProvider -AutologgerName EventLog-Application -Guid '{A0C1853B-5C40-4B15-8766-3CF1C58F985A}'
(from medium.com/palantir/tampering- )

Because attacks like Empire uses powershell command line parameters, which you can also add rules on your choice of siem or dashboard, see uncoder.io then "Empire PowerShell Launch Parameters"

0
HCS ▋  

DNS and IT security - Know your DNS Queries and Requests, Attacks, and SANS CSC hannahsuarez.github.io/2020/dn

1
HCS ▋  

An overview of targeted attacks and APTs on Linux

securelist.com/an-overview-of-

1
HCS ▋  

Registration for is LIVE / October 9th and 10th shellcon.io/registration

0
Show more

infosec

96

owasp

9
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.

Resources

Developers

What is Mastodon?

infosec.exchange

More…