Added a couple of short entries today
Collection of various answers I've given online
Day 5 of being sick. Though I spent most of the day writing this small #SIEM ebook.
Should be published sometime in Jan 2020.
Star Wars Jedi: Fallen Order gameplay, end-of-game spoiler
One of the biggest things that I have noticed about this game is the cinematics: angles, panning, etc. Like this one.
Boss of the SOC dataset
Doing a SIEM (Splunk, InsightIDR) walkthrough.
Free Windows Server EC2 instance, thinking of using Splunk's Boss of the SOC dataset (about 3GB). See https://github.com/splunk/botsv2
But it's 3 GB on a free-tier account... with the InsightIDR Collector and Splunk both running locally.
If you have read The Phoenix Project, there is a new book out called The Unicorn Project https://enterprisersproject.com/article/2019/11/3-lessons-it-leaders-unicorn-project
Normally one does something like a simple list or form when learning a programming language, but I am learning Python by building up a scanner using the nmap library. Picked up a book/course earlier this week to refresh, as it has been about a couple of years since I last worked with this language (mainly on pylint/sphinx).
> Defecting Chinese spy offers information trove to Australian government
A Chinese spy has risked his life to defect to Australia and is now offering a trove of unprecedented inside intelligence on how China conducts its interference operations abroad.
Listening to @tinker videos on SE/physical pentesting stuff. Not my usual but interesting stories.
(from 2019 layer8 con) https://www.youtube.com/watch?v=aPUKznP9FkA&t=2298s (which mentions a lot of https://www.youtube.com/watch?v=uv4s_ltHzFw&t=3s)
For WMI attack investigation, look into collecting Windows Event Log from the WMI-Activity Operational channel as well as from the Microsoft-Windows-WMI-Activity ETW Provider. SANS DFIR on WMI attacks https://digital-forensics.sans.org/blog/2019/02/09/investigating-wmi-attacks #windows #dfir
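As an added example (my own PowerShell, not code from the post or from SANS), this is the check I would run on a Windows host to act on the note above: confirm the WMI-Activity Operational channel is enabled, pull the subscription-related events from it, and cross-reference them against the permanent subscriptions currently registered in `root\subscription`. The event IDs 5860 and 5861 (temporary and permanent event-subscription events) and the consumer class names used for flagging come from my knowledge of the channel and of WMI, not from the post; the seven-day window is an arbitrary choice.

```powershell
# Added example, not from the post: investigate WMI persistence via the
# Microsoft-Windows-WMI-Activity/Operational channel. Run from an elevated shell.
$channel = 'Microsoft-Windows-WMI-Activity/Operational'

# 1. The channel is often disabled by default; enable it so future activity is logged.
$log = Get-WinEvent -ListLog $channel
if (-not $log.IsEnabled) {
    Write-Warning "$channel is disabled; enabling it now."
    wevtutil sl $channel /e:true
}

# 2. Pull subscription events from the last 7 days.
#    5860 = temporary event subscription, 5861 = permanent event consumer registration
#    (ID meanings are my assumption from the provider's manifest, not stated in the post).
$filter = @{ LogName = $channel; Id = 5860, 5861; StartTime = (Get-Date).AddDays(-7) }
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue

# Consumer classes that execute code are the ones attackers use for persistence.
$riskyConsumers = 'CommandLineEventConsumer', 'ActiveScriptEventConsumer'

foreach ($e in $events) {
    $text = $e.Message -replace '\s+', ' '
    [pscustomobject]@{
        Time    = $e.TimeCreated
        Id      = $e.Id
        Flag    = if ($riskyConsumers | Where-Object { $text -match $_ }) { 'REVIEW' } else { '' }
        Detail  = $text
    }
}

# 3. Cross-check the log against what is actually registered right now.
#    A binding that ties a filter to a CommandLine/ActiveScript consumer deserves a look.
$bindings = Get-CimInstance -Namespace root\subscription -ClassName __FilterToConsumerBinding
foreach ($b in $bindings) {
    [pscustomobject]@{
        Filter   = $b.Filter
        Consumer = $b.Consumer
        Flag     = if ($riskyConsumers | Where-Object { $b.Consumer -match $_ }) { 'REVIEW' } else { '' }
    }
}

# 4. To capture the richer ETW stream the post also mentions, start a trace session
#    on the provider (stop with: logman stop WMIActivity -ets).
# logman start WMIActivity -p Microsoft-Windows-WMI-Activity -o C:\temp\wmi.etl -ets
```

Step 3 matters because enabling the channel only helps from that moment on: a subscription registered before you turned logging on will never appear in the log, but it is still visible in `root\subscription`.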
Book I want to read - Venice Secret Service
Housed in the imposing Doge's Palace and under the direction of the Council of Ten, the notorious governmental committee that acted as Venice's spy chiefs, this 'proto-modern' organisation served prominent intelligence functions including operations, analysis, cryptography and steganography, cryptanalysis, and even the development of lethal substances.
A Mastodon instance for info/cyber security-minded people.