seb @seb@ioc.exchange

SANS - CISO mindmap

https://www.sans.org/security-resources/posters/ciso-mind-map-vulnerability-management-maturity-model/205/download

#cybersecurity #infosec

CIS Top20 in a nice format: https://controls-assessment-specification.readthedocs.io/en/latest/index.html
#cybersecurity #infosec

Anyone ever ran the Infection Monkey on an Enterprise scale network (10k+ hosts)?

https://www.guardicore.com/infectionmonkey/

#infosec #cybersecurity

First paper on HIDS ever: https://faculty.nps.edu/dedennin/publications/IDS%20model.pdf #cybersecurity #infosec #theory >

Some great pastebin variations out there: https://awesomeopensource.com/projects/pastebin

#privacy #cybersecurity #infosec

The Case of Scale in #cybersecurity : https://media.ccc.de/v/36c3-11220-the_case_for_scale_in_cyber_security #infosec

Threat Actor of the Day: The Shadow Brokers - https://en.wikipedia.org/wiki/The_Shadow_Brokers #infosec #cybersecurity #history #apt

Threat Actor of the Day: Equation Group - https://en.wikipedia.org/wiki/Equation_Group #infosec #cybersecurity #history #apt

Threat Actor of the Day: Charming Kitten - https://en.wikipedia.org/wiki/Charming_Kitten #infosec #cybersecurity #history #apt

The Bangladesh Bank Heist - Lazarus Group at work - Interesting story on Darknet Diaries #apt #podcast #infosec #cybersecurity #history https://darknetdiaries.com/episode/72/

Threat Actor of the Day: Lazarus Group - https://en.wikipedia.org/wiki/Lazarus_Group #infosec #cybersecurity #history #apt

#cybersecurity #infosec

Threat Actor of the Day: Fancy Bear - https://en.wikipedia.org/wiki/Fancy_Bear #infosec #cybersecurity #history #apt

Threat Actor of the Day: Tailored Access Operations (TAO) - https://en.wikipedia.org/wiki/Tailored_Access_Operations #infosec #cybersecurity #history #apt

Automated Behavioral Analysis of #Malware - A Case Study of #WannaCry #Ransomware

https://arxiv.org/abs/1709.08753v1

#infosec #cybersecurity #history

Wikipedia Article of the Day (IOC Edition): https://en.wikipedia.org/wiki/Cyberwarfare #infosec #cybersecurity #history

Building anon vm for tor research. Tried TailsOS - Didn’t like it. Not convinced of the Whonix architecture (yet). Installing BunsenLabs right now as an lightweight desktop with vpn and tor.

Any other ideas for a tor browser running vm in Virtualbox?

#cybersecurity #infosec #privacy

Did anyone ever see a comparison of cyber maturity by industry? Meaning something that says...

most mature: Defense Contractor

2nd: Finance

3rd: Manufacturing

...

Second to Last: Hospitality

Last: Education

#cybersecurity #infosec

When your red team engagement produces targeted malware that is discussed on security blogs...
#herdingcats #cybersecurity #infosec

#infosec #cybersecurity

Was able to spin applying IPS signatures to prevent exploitation of a vuln as a nice service to my sysadmins, who aren't sure whether they can apply an immature patch quickly enough.
They really appreciated the extra time to figure out fixing the vuln.

Don't think this will change InfoSec's perception from a Taker to a Giver but it is a start.