The Bangladesh Bank Heist - Lazarus Group at work - Interesting story on Darknet Diaries darknetdiaries.com/episode/72/

Building anon vm for tor research. Tried TailsOS - Didn’t like it. Not convinced of the Whonix architecture (yet). Installing BunsenLabs right now as a lightweight desktop with vpn and tor.

Any other ideas for a tor browser running vm in Virtualbox?

Did anyone ever see a comparison of cyber maturity by industry? Meaning something that says...

most mature: Defense Contractor

2nd: Finance

3rd: Manufacturing

...

Second to Last: Hospitality

Last: Education

When your red team engagement produces targeted malware that is discussed on security blogs...

Was able to spin applying IPS signatures to prevent exploitation of a vuln as a nice service to my sysadmins, who aren't sure whether they can apply an immature patch quickly enough.
They really appreciated the extra time to figure out fixing the vuln.

Don't think this will change InfoSec's perception from a Taker to a Giver but it is a start.

Let’s start a new weekly hashtag to talk about threat actors and their TTPs!

This week: Maze Hacking Group - A nasty cyber crime group that combines ransomware with data leaks.

labs.sentinelone.com/maze-rans

@jerry Just read your piece on Marsh's list of endorsed services.

I completely agree that in (as in all other verticals within a larger org) success depends mainly on the ability to hire the right talent and the ability of the cyber lead to execute the strategy by implementing the necessary processes.

For me the next logical step is a deeper specialization of cyber talent - SOC analyst, vuln/risk manager, CSIRT engineer, etc.

infosec.engineering/the-role-o

What do NYU.EDU, PURDUE.EDU and CS.WISC.EDU have in common?

Their email systems have been used as attack infrastructure against us. Wonder if they all use the same type of email system.

All attacks used five random characters as the user part of the email address.

IOC.exchange

INDICATORS OF COMPROMISE (IOC)
InfoSec Community within the Fediverse. Instance is supposed to be fast and secure. Everyone is welcome - Jump on Board!

We have a Getting Started Guide here: https://guide.ioc.exchange

Other Cyber Communities:
hackers.town
chaos.social
infosec.exchange
social.privacytools.io
cybre.space

HAVE FUN and STAY SAFE!