Pinned tweet
Released a cheat sheet for #KQL (Kusto Query Language).
- Download: https://github.com/marcusbakker/KQL/blob/master/kql_cheat_sheet_v01.pdf
- What is KQL and why I've created the cheat sheet: https://www.mbsecure.nl/blog/2019/12/kql-cheat-sheet
#Sentinel #LogAnalytics
I've created a dark "mode" version of the Kusto Query Language/#KQL cheat sheet. GitHub: https://github.com/marcusbakker/KQL/blob/master/kql_cheat_sheet_dark.pdf
#AzureDataExplorer #Sentinel #LogAnalytics
Marcus Bakker Retweeted
New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure https://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a
Marcus Bakker Retweeted
Looking to get more conferences and events filmed, I'm working to assemble and distribute video additional rigs. Can you help me carry the cost? https://administraitor.video/fundraiser.html RT very much appreciated.
I've released an update on the KQL cheat sheet with several changes mostly based on feedback from others. Version 0.2 can be found here: https://github.com/marcusbakker/KQL/blob/master/kql_cheat_sheet.pdf Thank you to all who have provided feedback which is highly appreciated!
#AzureDataExplorer #Sentinel #LogAnalytics
Version 1.2.6 of DeTT&CT is out which brings several new features. Among others, it's now possible to perform EQL searches on custom key-value pairs of a technique administration YAML file. Changelog: https://github.com/rabobank-cdc/DeTTECT/wiki/Changelog#version-126
Marcus Bakker Retweeted
Want to classify process injection by Windows API calls? Check out the new poster made by @MalFuzzer and me! #ProcessInjection #MalwareAnalysis #CheatSheet #Poster https://malwareanalysis.co/
Marcus Bakker Retweeted
Introducing the Funnel of Fidelity, a model to evaluate the efficacy of detection and response programs. https://posts.specterops.io/introducing-the-funnel-of-fidelity-b1bb59b04036
Marcus Bakker Retweeted
Nice publication from @f00th0ld and @cyberthreatlab: ATT&CK Techniques and Trends in Windows Malware (https://krisk.io/post/attack/). Created an ATT&CK Navigator layer with DeTT&CT for this: https://github.com/rabobank-cdc/DeTTECT/blob/master/threat-actor-data/ATT%26CK-Navigator-layers/20190902-ATTACK-Techniques-and-trends-in-Windows-malware/ATTACK-Techniques-and-Trends-in-Windows-malware.json And also created a group YAML file: https://github.com/rabobank-cdc/DeTTECT/blob/master/threat-actor-data/20190902-ATTACK-Techniques-and-trends-in-Windows-malware.yaml
#CTI
Marcus Bakker Retweeted
I just published Man-in-the-Network: Network Devices are Endpoints too https://medium.com/@c2defense/man-in-the-network-network-devices-are-endpoints-too-d5bd4a279e37?source=friends_link&sk=aa27c8f584ef3d96a107c6a344a736a1 Special thanks to @cyb3rops for his Sigma project, and to @olafhartong for the encouragement! @MITREattack I hope you integrate these changes to include Network devices as a platform.
Created multiple ATT&CK Navigator layers and a DeTT&CT group YAML file for @CrowdStrike's 2019 Mid-Year OverWatch Report. Navigator layers: https://github.com/rabobank-cdc/DeTTECT/tree/master/threat-actor-data/ATT%26CK-Navigator-layers/20191001-CrowdStrike Group YAML file: https://github.com/rabobank-cdc/DeTTECT/blob/master/threat-actor-data/20191001-CrowdStrike.yaml
#BlueTeam #CTI
Marcus Bakker Retweeted
We released DeTT&CT version 1.2.3 supporting the latest ATT&CK October update. This update includes the new cloud data sources and platforms. Check the changelog for more info: https://github.com/rabobank-cdc/DeTTECT/wiki/Changelog#version-123
Marcus Bakker Retweeted
October ATT&CK update is now live! Lots of new information in Enterprise, Mobile, Groups, and Software. The biggest change is the addition of ATT&CK for Cloud! Thanks to all our contributors that helped with this update and with Cloud! Update notes: https://attack.mitre.org/resources/updates/
The video and slides of my talk together with @RubenB_2 on DeTT&CT at @hack_lu are online. Video: https://www.youtube.com/watch?v=_kWpekkhomU Slides: https://github.com/marcusbakker/presentations/blob/master/20191023_DeTT%26CT_Hack_Lu.pdf
#BlueTeam
Yesterday I gave a talk on the TaHiTI Threat Hunting Methodology together with Rob van Os at the @pvib Security Congress.
- The slides of the talk can be found here: https://github.com/marcusbakker/presentations/blob/master/20191009_TaHiTI%20-%20PvIB%20Security%20Congres.pdf
- Previously written blog post on TaHiTI: https://www.mbsecure.nl/blog/2018/12/tahiti-threat-hunting-methodology
#ThreatHunting
Marcus Bakker Retweeted
This was a fun one. Upon documenting the process of identifying AMSI components, fastprox.dll showed up (a core WMI component) which I was completely unaware of. Really cool to see MS continually improve detection optics in response to attacker tradecraft!
Marcus Bakker Retweeted
Antimalware Scan Interface Detection Optics Analysis Methodology: Identification and Analysis of AMSI for WMI https://posts.specterops.io/antimalware-scan-interface-detection-optics-analysis-methodology-858c37c38383
Posted a new blog to share my knowledge on how to integrate @eventquerylang into your Python tooling. Example code is included in the blog and on GitHub. Blog: https://www.mbsecure.nl/blog/2019/10/how-to-integrate-eql-into-your-tooling GitHub: https://github.com/marcusbakker/EQL
#EQL #Blueteam
Marcus Bakker Retweeted
Examining access token privileges with Microsoft Defender ATP + Kusto and why this can be interesting from a blue team perspective. https://www.siriussecurity.nl/blog/2019/10/1/examining-access-token-privileges-with-mdatp-and-kusto @WindowsATP
#MDATP #Kusto #KQL
Marcus Bakker Retweeted
Happy to release the Threat Hunting with ETW events and @THE_HELK series! Part I: Installing SilkETW to consume events via the event log locally is out! Next, Shipping events to @THE_HELK
Thank you @FuzzySec
#ThreatHunting https://medium.com/threat-hunters-forge/threat-hunting-with-etw-events-and-helk-part-1-installing-silketw-6eb74815e4a0