des

@d3sre

SOC Architect, Blue Teamer, dc4131 since 2011, curious geek driven by the urge to understand things, mostly interested in DFIR &Threat Intel

Joined: June 2009

Tweets


  1. Pinned tweet
    9 Dec 2018

    Finally published my paper about Security Monitoring Resolution Categories: thank you to , , , , , , , , and @Xpl0173d for your help

  2. Retweeted
    12 hours ago

    Holy shit. Researcher discovers that TeamViewer stores user passwords encrypted and finds the encryption key and initialization vector in the Windows registry

  3. Retweeted
    28 Jan

    This paper includes a lot of very useful metrics to implement the "Review" and "Tune" phases we suggest in our "How to Develop and Maintain Security Monitoring Use Cases" guidance paper

  4. Retweeted
    14 Jan
  5. Retweeted
    14 Jan

    Empire is easily in the top ten of exploit frameworks found in the wild. Blue teamers would be wise to educate themselves on the new capabilities.

  6. Retweeted

    New tool release for exploiting CVE-2019-19781. All for responsible disclosure and wish there had been a longer period before researchers had posted this publicly to give defenders a chance to fix. No sense in keeping private now, and hopefully this can be used to test and fix.

  7. Retweeted
    5 Jan

    A must-add tool to complement your OneDrive and SharePoint investigations! The Office Document Cache is chock full of artifacts that may not show up elsewhere on disk.

  8. Retweeted
    21 Dec 2019

    Extract Malware Configuration with MalConfScan by . I first saw this as a "POC", but then realized that detecting even a minimal set of the most common implants will find a massive number of attacks. There is an amazing lack of diversity in RATs

  9. Retweeted
    19 Dec 2019

    Warning: emails with a supposed call to support Greta Thunberg are spreading the malware .

  10. Retweeted
    11 Dec 2019

    There is no shortage of incredible talent, but there is absolutely a shortage of companies willing to pay market rates, hire wherever the talent is, offer a compelling workplace, and not be total shitheads. It’s a real problem! But a fixable one. Be better, do better, hire better

  11. Retweeted
    11 Dec 2019

    As a wise person once said “It is time!” 2019 is open!!! Now the cyber thinking and geeky head scratching begins.

  12. Retweeted
    11 Dec 2019

    Group-IB team has discovered over 460,000 payment records related to banks valued at over $0.5 million on Joker's Stash. Upon discovery, Group-IB has informed local authorities about the sale of the payment records

  13. Retweeted
    5 Dec 2019

    Exciting to be giving training at ringzerØ next year! “Program Analysis for Vulnerability Research”

  14. 7 Dec 2019

    Currently I don't plan on presenting the taxonomy again another time; I would be open to podcast interviews though if any options come my way ;) I will keep on adding more KPI/metrics and illustration possibilities when chances or ideas come up.

  15. 7 Dec 2019

    I added a FAQ site and a dedicated page for KPIs and metrics (including the heatmaps) to the Use Case Applicability wiki: if you have more questions you want me to answer, it is best to submit them as GitHub Issues.

  16. Retweeted
    6 Dec 2019

    Management "getting serious about migrating to more secure practices."

  17. Retweeted
    6 Dec 2019

    The worst mistake in a SIEM project today is (still) not starting from a use case driven strategy for collecting/polishing data. Not only cost-ineffective, it creates an expectation bubble, frustrating sponsors when it bursts. That's not a tactical/ops but a strategic decision.

  18. Retweeted
    3 Dec 2019

    This table is the first time I have ever had the True Positive / True Negative / False Positive / False Negative definitions truly make sense to me. Source:

  19. Retweeted
    4 Dec 2019

    Just published a report on with emphasis on regional distribution servers.

  20. Retweeted

    KringleCon 2019 is just around the corner!

  21. 4 Dec 2019

    Much love to my people; join them at this month's Beer on Tuesdays to get a nice snowflake as well :)
