Meta Quarterly Adversarial Threat Report [Q3 2022](https://about.fb.com/wp-content/uploads/2022/11/Quarterly-Adversarial-Threat-Report-Q2-2022-1.pdf)
📣 jnazario
@malwr
Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti
📣 digicat
Trellix
The recently leaked Yanluowang messages span from mid-January to September 2022 and include around 2.7K messages. However, from this relatively small dataset we have gained valuable intel on the Yanluowang threat actor, their inner workings, victims and possible…
Vulnerable SDK components lead to supply chain risks in IoT and OT environments
📣 SCI_Rusher
Microsoft Security Blog
Vulnerable SDK components lead to supply chain risks in IoT and OT environments - Microsoft Security Blog
As vulnerabilities in network components, architecture files, and developer tools have become an increasingly popular attack vector to leverage access into secure networks and devices, Microsoft identified such a vulnerable component and found evidence of…
Security platform for tracking SOC2 compliance
Hey all,
I'm sharing my project on GitHub called Gapps. Gapps is a platform to help track/implement SOC2 controls for your organization. It ships with over 200+ controls and 25+ policies.
I created this tool because:
1. I found the SOC2 readiness "process" confusing, compared to other frameworks.
2. I'm not aware of an open-source compliance platform so hopefully people contribute and we can build one. The end goal is to support other frameworks.
Here is the link to the video and the GitHub link.
Upcoming improvements:
1. Add other frameworks such as NIST CSF, HIPAA, CMMC, CIS CSC, etc.
2. Collection windows and reminders
3. Add documentation for using Gapps "agent" - Mac/Nix/Windows agent that asserts compliance for endpoints (helps with a number of SOC2 controls)
Would be great if others contributed - there are a ton of features that I'd like to add. Feel free to submit issues and/or PM me with questions.
📣 skywalker_1391
Where were you able to find all the controls?
👤 aflyingpotatoe
Hi just a heads up on licensing, from the Creative Commons FAQ: https://creativecommons.org/faq/#can-i-apply-a-creative-commons-license-to-software
>We recommend against using Creative Commons licenses for software. Instead, we strongly encourage you to use one of the very good software licenses which are already available. We recommend considering licenses listed as free by the Free Software Foundation and listed as “open source” by the Open Source Initiative.
>
>Unlike software-specific licenses, CC licenses do not contain specific terms about the distribution of source code, which is often important to ensuring the free reuse and modifiability of software. Many software licenses also address patent rights, which are important to software but may not be applicable to other copyrightable works.
>
>Additionally, our licenses are currently not compatible with the major software licenses, so it would be difficult to integrate CC-licensed work with other free software. Existing software licenses were designed specifically for use with software and offer a similar set of rights to the Creative Commons licenses.
Since you chose CC-BY-NC-ND license you should probably stick with "source available" software licenses or something like Prosperity Public License (A non-commercial software license), Business Source License (Recently adopted by LightBend / Akka and other big projects), or Fair Source License
There are also some Copy-far-left or Copyfair Licenses that could be appealing to you as similar to CC-BY-NC-ND: https://github.com/LibreCybernetics/awesome-copyfarleft
👤 fabianhjr
Do HITRUST next. I use field guide and am not a huge fan. Plenty of pop there
👤 bloopscooppoop
GitHub
GitHub - bmarsh9/gapps: Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI…
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking - bmarsh9/gapps
A vulnerability in NETGEAR AFPD, Apple Filing Protocol daemon process allows LAN side attackers to cause the product to overflow a buffer due to a pre-auth vulnerability
📣 SSDisclosure
SSD Secure Disclosure
SSD Advisory – NETGEAR R7800 AFPD PreAuth - SSD Secure Disclosure
A vulnerability in NETGEAR AFPD, Apple Filing Protocol daemon, process allows LAN side attackers to cause the product to overflow a buffer due to a pre-auth vulnerability.
Investigating Infected Windows with Volatility Framework | TryHackMe
In this video walk-through, we covered using the Volatility framework to analyze and investigate the memory of an infected machine with ransomware.
Video is here
📣 MotasemHa
YouTube
How to Use Volatility to Investigate Infected Windows | TryHackMe | Memory Forensics
Memory Forensics with Volatility Framework Playlist
https://www.youtube.com/playlist?list=PLqM63j87R5…
Advances in Digital Forensics through Artificial Intelligence - Call for papers
📣 digicat
Elsevier
Advances in Digital Forensics through Artificial Intelligence - Call for papers - Computers & Security - Journal - Elsevier
Computers & Security is one of the most respected journals in IT security, being recognized worldwide as THE primary source of reference for IT security resea…
Infrastructure Resilience Planning Framework (IRPF) - v1.1 - November 2022 - from CISA
📣 digicat
Cybersecurity and Infrastructure Security Agency CISA
Infrastructure Resilience Planning Framework (IRPF) | CISA
This planning framework provides processes and a series of tools and resources for incorporating critical infrastructure resilience considerations into planning activities.
Department of Defense Releases Zero Trust Strategy and Roadmap > U.S. Department of Defense > Release
📣 digicat
U.S. Department of Defense
Department of Defense Releases Zero Trust Strategy and Roadmap
The Department of Defense released its Zero Trust Strategy and Roadmap and intends to implement distinct capabilities and activities as outlined in the strategy by FY27.
Places to find a mentor?
Does anyone have any resources or places to possibly find a mentor for the IR space? I’m an early professional, and started on an IR team a few months ago and am looking for a mentor to guide me more of the technical aspects of DFIR.
Thanks!
📣 hoolahoop222
If you have a job and it is a big company they tend to host mentorships.
If you are in college, they tend to host mentorship programs. At least back in the day they used to have FBI and Government employees stop by and help with mentoring and shadowing.
It seems tho with everyone being a university student and graduating but here asking the same question idk if University do this stuff anymore.
👤 MDCDF
?? Don’t you usually find mentors through networking or at your place of employment?
👤 ucfmsdf
Take a look at CFCE from IACIS. You will learn a lot and will be assigned a coach to help you.
👤 lithium630