Microsoft Azure Sentinel: Adding TLPs (Traffic Light Patterns) to Incidents, Alerts and Analytics Rules
Basic and quick write up I did for a client. Figured might be useful for someone.
https://medium.com/@truvis.thornton/microsoft-azure-sentinel-adding-tlps-traffic-light-patterns-to-incidents-alerts-and-analytics-f05e0b2f171e
thattechkitten
@malwr
Medium
Microsoft Azure Sentinel: Adding TLPs (Traffic Light Protocol) to Incidents, Alerts and Analytics…
Just like we label documents, it would be nice to label incidents or rules with the TLP so people instantly know if something can or can't…
Malware News pinned «Guys with premium telegram account, boost please: https://t.me/malwr?boost»
How to Get a Reverse Shell on macOS Using A Flipper Zero as a BadUSB
cybersourcenews
You plug it in.
One_Doubt_75
@malwr
Affordable SIEM labs/learning
Besides setting up a home lab to learn SIEM tools, are there pre-made SIEM labs one can purchase? More importantly, is there any Splunk training available that is not from Splunk? Which SIEM tools should one focus on? Apologies if this was similarly asked.
greytrain09
Elasticsearch has a nice huge swath of FREE to use
sirrush7
Immersive Labs have Splunk and Elastic
Blue Team Level 1 uses Splunk
Titan Labs do ArcSight
Reverse_Quikeh
@malwr
An open source list of malicious domains. Updating in real time.
If you are interested, you can contribute the project.
https://github.com/scafroglia93/blocklists
ℹ️ Sent from one of our channel members
@malwr
A problem with .NET Self-Contained Apps and how to pop calculators in dnSpy - or be careful when analysing .NET code from untrusted sources with dnSpy
digicat
@malwr
Washi
A problem with .NET Self-Contained Apps and how to pop calculators in dnSpy
Programming languages that operate on a virtual machine often promise safety guards against many unsafe operations. However, virtual machines can have pretty serious bugs. In this post, we explore one interesting limitation of self-contained applications…
Computer System Interrupts: Details how hardware and software components interact to handle interrupts efficiently. Flowchart, Code, and Real-world Example.
Soggy_Dingo_2767
@malwr
Datastructure Digest
Computer System Interrupts
From pressing a key on your keyboard to displaying text on the screen, computer system interrupts play a key role. This blog post will review the hardware and software interactions facilitating this process.