Table of Contents
- Trustwave Expands Fusion Capabilities in Pacific
- 5 Major Takeaways From Microsoft’s July Patch Tuesday
- Mandiant launches Breach Analytics for Google Chronicle – Cybersecurity Careers Blog
- Threat actor naming conventions: a big mess!
- AWS Cloud Credential Stealing Campaign Spreads to Azure, Google Cloud
- Thales to Create a World-class Global Cybersecurity Leader, Acquiring US-based Cyber Champion Imperva from Thoma Bravo
- Vulnerability in Ivanti Endpoint Manager Mobile: Tenable
- NETSCOUT introduces next generation Omnis Cyber Intelligence solution
- Announcing The Detection And Response Development Lifecycle (DR-DLC) For Detection Engineering
- NETSCOUT Releases Next Generation Omnis Cyber Intelligence for Advanced Network Detection and Response
- Kyndryl guns for $47B managed security services market with new offerings – Channel Asia
- The Atypical OSINT Guide. The most unusual OSINT guide you’ve… | by Officer’s Notes | Jul, 2023 …
- SSH and Security Orchestration, Automation, and Response
- Kaspersky launches new Professional Services Packages for SMBs
- Google Messages Getting Cross-Platform End-to-End Encryption with MLS Protocol
Trustwave Expands Fusion Capabilities in Pacific
ACSM_admin
“With our Fusion expansion, we can continue to partner closely with our Pacific clients to address the changing nature of cyberattacks, while keeping their data close to home.” While all Pacific client data ingested into the Fusion platform will remain within Australia, the company says that clients will still benefit from the actionable insights of Trustwave’s global SpiderLabs Threat Intelligence and scale of its leading-edge security operations centre (SOC) teams. Jason Whyte said, “In response to market demand, we’re proud to be able to fill a glaring gap in the industry by delivering cybersecurity services that are infused with global threat intelligence and can operate on a global scale, all while providing local data storage.” For companies focused on measuring and managing risk, Trustwave also offers managed security testing (MST), which is a subscription-based managed vulnerability scanning and penetration testing service.
Link: https://australiancybersecuritymagazine.com.au/trustwave-expands-fusion-capabilities-in-pacific/
5 Major Takeaways From Microsoft’s July Patch Tuesday
Tara Seals, Managing Editor, News, Dark Reading
1. Microsoft has released 79 security updates on July Patch Tuesday, addressing nearly 180 CVEs in products such as Windows, ChakraCore, Office, Silverlight, SQL Server, and others.
2. Of the 79 security updates, 11 are rated “Critical” and the remaining 68 “Important” in severity.
3. Microsoft released fixes for zero-day vulnerabilities in Windows 7, specifically CVE-2020-1350 and CVE-2020-1480, which have been discussed in the security community, have been actively exploited, and could allow an attacker to take full control of a system.
4. Microsoft issued an Emergency Out-Of-Band Update (EOU) to address a spoofing vulnerability (CVE-2020-1372). This update affects all versions of Windows from Windows 7 to Windows 10, and should be applied as soon as possible.
5. Microsoft pushed out four virtual patching security advisories that address vulnerabilities in several products, including Internet Explorer and Office, but don’t contain CVE numbers as the company is still patching those issues.
It suggests users apply the workarounds outlined in the advisories until the vulnerabilities
Link: https://www.darkreading.com/remote-workforce/5-major-takeaways-july-patch-tuesday
Mandiant launches Breach Analytics for Google Chronicle – Cybersecurity Careers Blog
Rob Waters
Key capabilities of Mandiant Breach Analytics will help enable organizations to:
- Strengthen cyber defense posture
- Gain insight on breach activity in IT environments
- Analyze cloud-scale security data
- Build resilience against threats that matter most
- Reduce the cost of current approaches
Mike Armistead, Head of Mandiant Advantage Product, elaborated on the impact Breach Analytics should make in customer environments.
Link: https://www.cybercareers.blog/2022/10/mandiant-launches-breach-analytics-for-google-chronicle/
Threat actor naming conventions: a big mess!
The task of adversary attribution and how it should be done is a controversial topic in the cyber threat intelligence community.
This is because there is no standardized way of doing attribution, starting with naming the threat actors.
Each security company has its own telemetry, data, standards, procedures and confidence levels.
This is the main reason why most CTI teams use their own naming scheme.
Here are some examples where the classification method is officially known:
CrowdStrike
Uses nickname plus species of animals, each assigned to a specific country/category:
| Name | Nation-state or Category |
|---|---|
| BEAR | RUSSIA |
| BUFFALO | VIETNAM |
| CHOLLIMA | DPRK (NORTH KOREA) |
| CRANE | ROK (REPUBLIC OF KOREA) |
| JACKAL | HACKTIVIST |
| KITTEN | IRAN |
| LEOPARD | PAKISTAN |
| LYNX | GEORGIA |
| OCELOT | COLOMBIA |
| PANDA | PEOPLE’S REPUBLIC OF CHINA |
| SPIDER | ECRIME |
| TIGER | INDIA |
| WOLF | TURKEY |
Examples
Mandiant
Uses numbered APT, FIN and UNC groups.
[name]||A candidate-name is selected once further evaluation is warranted|
|3||Advanced Persistent Threat (APT) or Financially Motivated Threat Group (FIN)||Once the motivation is established, the appropriate type is selected, and a formal name is selected|
Examples
Recorded Future
Uses a color plus phonetic alphabet:
| Color | Nation-state or Category |
|---|---|
| RED | PEOPLE’S REPUBLIC OF CHINA |
| GREEN | IRAN |
| PURPLE | NORTH KOREA |
| BLUE | RUSSIA |
| GRAY | CYBERCRIME |
Examples
Microsoft
According to a recent taxonomy update, threat actor groups will be named after weather events.

| Name | Nation-state or Category |
|---|---|
| Typhoon | PEOPLE’S REPUBLIC OF CHINA |
| Sandstorm | Iran |
| Rain | Lebanon |
| Sleet | North Korea |
| Blizzard | Russia |
| Hail | South Korea |
| Dust | Turkey |
| Cyclone | Vietnam |
| Tempest | Financially motivated |
| Tsunami | PSOAs |
| Flood | Influence operations |
| Storm | Groups in development |
Examples
Secureworks
Uses elements plus nickname:
| Element | Nation-state or Category |
|---|---|
| BRONZE | PEOPLE’S REPUBLIC OF CHINA |
| ZINC | INDIA |
| COBALT | IRAN |
| NICKEL | NORTH KOREA |
| TUNGSTEN | SOUTH KOREA |
| COPPER | PAKISTAN |
| ALUMINUM | PALESTINE |
| IRON | RUSSIA |
| PLATINUM | UNITED STATES |
| TIN | VIETNAM |
| GOLD | CYBERCRIME |
Examples
IBM
Uses numbered ITG or Hive.
Link: https://andreafortuna.org/2023/07/17/threat-actor-naming-conventions-a-big-mess/
AWS Cloud Credential Stealing Campaign Spreads to Azure, Google Cloud
This article discusses a sophisticated cloud-credential stealing and cryptomining campaign targeting Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP) environments.
It is believed to be linked to the TeamTNT threat actor, and has been making incremental refinements since December.
Key takeaways:
The same core attack scripts are being used in the AWS, Azure, and GCP campaigns.
The threat actor has begun targeting exposed Docker services as of last month.
The threat actor is prepping an “aggressive cloud worm” designed to deploy in AWS environments.
Counter arguments:
The Azure and GCP capabilities are less developed than the AWS tooling.
The attacker is likely only testing its tools in Azure and GCP environments.
Link: https://www.darkreading.com/cloud/aws-cloud-credential-stealing-campaign-spreads-azure-google
Thales to Create a World-class Global Cybersecurity Leader, Acquiring US-based Cyber Champion Imperva from Thoma Bravo
Business Wire
NEW YORK, July 25, 2023 /PRNewswire/ — Today, Gem Security, the industry leader in cloud detection and response, announced a strategic investment from Silicon Valley CISO Investments (SVCI).
One of the most highly regarded investment collectives in technology today, SVCI is an investment syndicate comprised of the world’s leading Chief Information Security Officers (CISOs).
Gem Security’s industry-leading platform automates Cloud Detection and Response (CDR).
Gem gives security operations teams a turn-key solution to detect threats, investigate alerts, and contain attacks in the cloud in real-time.
Gem’s solution analyzes data from infrastructure-as-a-service (IaaS) platform telemetry and APIs, as well as third-party integrations like identity providers and ticketing systems.
When Gem detects an attack, it fuses information from all cloud data sources to automate the construction of threat timelines and visualizations, immediately providing full context on every user, machine, or other cloud entity involved in the incident.
With this acquisition, Thales is taking its cybersecurity business to the next level.
Imperva will enable growth in data security and Thales’ entry into the attractive application security market.
Thales’ total cybersecurity business will generate more than €2.4 billion in revenues.
The transaction price is based on a $3.6 billion enterprise value.
Significant value creation for Thales shareholders:
$110 million of run rate cost and revenue synergies
Financial profile of DIS segment enhanced
Significant medium-term adjusted EPS accretion
Transaction adjusted ROCE above WACC in Year 5 post-closing
Imperva’s integration into Thales will significantly expand Thales’ addressable market in an already fast-growing sector.
The new financial targets set for Thales’ Digital Identity and Security (DIS) activity are:
2024-2027 organic sales growth: +6 to +7%,
2027 EBIT margin to reach 16.5%.
The acquisition is in line with Thales’ disciplined capital deployment framework, with no impact on the Group existing dividend policy or ongoing share buyback programme.
Closing of the transaction is expected by the beginning of 2024, upon completion of customary anti-trust and regulatory approvals.
Link: https://www.businesswire.com/news/home/20230724699723/en
Vulnerability in Ivanti Endpoint Manager Mobile: Tenable
Technology for You
A vulnerability has been discovered in Ivanti Endpoint Manager Mobile that allows unauthenticated access to specific API paths.
Exploiting this vulnerability grants attackers access to users’ personally identifiable information (PII) on vulnerable systems, including names, phone numbers, and other mobile device details.
Additionally, attackers can carry out other configuration changes, even creating an administrative account within EPMM to make further modifications to the system.
Ivanti has reported that a credible source has provided information regarding active exploitation of this vulnerability.
To safeguard our system and the sensitive data it holds, we must take swift action.
With patches available for this flaw, organisations that utilise Ivanti Endpoint Manager Mobile (formerly MobileIron Core) should apply these patches immediately.
Link: https://www.technologyforyou.org/vulnerability-in-ivanti-endpoint-manager-mobile-tenable/
NETSCOUT introduces next generation Omnis Cyber Intelligence solution
Help Net Security
OCI is an advanced network detection and response (NDR) solution that uses highly scalable deep packet inspection (DPI) and multiple threat detection methods at the source of packet capture to detect threats in real time and allows historical investigation of high-fidelity network metadata and packets.
Next-generation features include:
Hierarchical threat detection that combines ML-based behavioral analysis, threat intelligence, intrusion detection signatures, and continuous attack surface monitoring to detect threats at scale with higher confidence.
A new security event dashboard with mappings to the MITRE ATT&CK framework that reduces the time needed for security operations center (SOC) teams to triage alerts and conduct more efficient threat analysis.
Enhanced data optimization and export capabilities that improve and reduce the cost of integration into existing security ecosystems such as Splunk, Palo Alto Networks, or custom data lakes.
Link: https://www.helpnetsecurity.com/2023/07/25/netscout-oci-solution/
Announcing The Detection And Response Development Lifecycle (DR-DLC) For Detection Engineering
Allie Mellen
The security operations center (SOC) has reached the same tipping point that software development faced many years ago: It’s dealing with too much data (big data and log management), struggling to innovate and update monolithic software (detection and incident response processes), and lacking ownership beyond initial deployment (content management).
In this blog, we get into one of the most critical principles: following a development lifecycle, specifically the detection and response development lifecycle (DR-DLC).
I was a software developer in a previous life, and I’ve seen our clients leverage a development lifecycle in their detection engineering practice to build, test, update detections, and improve analyst experience.
Apply The Principles Of Software Development To Detection And Response Engineering
Software development frameworks such as the software development lifecycle (SDLC) provide a foundation for development improvement and differentiation, with a central focus on business value.
Link: https://www.forrester.com/blogs/announcing-the-detection-and-response-development-lifecycle-dr-dlc-for-detection-engineering/
NETSCOUT Releases Next Generation Omnis Cyber Intelligence for Advanced Network Detection and Response
Business Wire
WESTFORD, Mass.–(BUSINESS WIRE)–NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT), a leading provider of enterprise performance management, carrier service assurance, cybersecurity, and DDoS protection solutions, today announced its next-generation Omnis Cyber Intelligence (OCI) solution.
OCI is an advanced network detection and response (NDR) solution that uses highly scalable deep packet inspection (DPI) and multiple threat detection methods at the source of packet capture to detect threats in real time and allows historical investigation of high-fidelity network metadata and packets.
Next-generation features include:
Hierarchical threat detection that combines ML-based behavioral analysis, threat intelligence, intrusion detection signatures, and continuous attack surface monitoring to detect threats at scale with higher confidence.
A new security event dashboard with mappings to the MITRE ATT&CK® framework that reduces the time needed for security operations center (SOC) teams to triage alerts and conduct more efficient threat analysis.
Enhanced data optimization and export capabilities that improve and re
Link: https://www.businesswire.com/news/home/20230725543135/en/
Kyndryl guns for $47B managed security services market with new offerings – Channel Asia
Julia Talevski (ARN)
Kyndryl, an IBM-spinoff, has officially launched today with new offerings to help companies build and secure cloud-based applications faster.
The company will use AI-driven insights to help enterprises become more agile and secure in their cloud-based operations.
Kyndryl is setting its sights on the estimated USD$47 billion managed security services market with its new product set.
The company’s assortment of AI-driven technologies include a modern cloud cost and security platform designed to help companies organize, secure, and optimize their public cloud services; an operations platform to simplify and automate cloud operations; a suite of cloud compliance and security products to help close policy and compliance gaps; a cloud security strategy consultancy offering to guide organizations to better align with future requirements; and a cloud security staffing solution.
The goal is to provide customers with a single source of cloud security expertise and tools, so that they can focus on the bigger picture tasks of innovation and product delivery.
Kyndryl is confident that its advanced automated cloud tooling and offerings can provide substantial cost savings to businesses while enhancing their overall security posture.
Kyndryl is also aiming to provide a better customer experience than what is currently available from cloud security vendors.
Kyndry
Link: https://www.arnnet.com.au/article/708182/kyndryl-guns-for-47b-managed-security-services-market-with-new-offerings/
The Atypical OSINT Guide. The most unusual OSINT guide you’ve… | by Officer’s Notes | Jul, 2023 …
Officer’s Notes
Today I would like to talk about how to become a good OSINT investigator, but to continue the conversation I would like to make a small disclaimer — I will tell you only some aspects because the topic is very vast and I can not describe everything in a single guide, however, I will try to show you the way and how to pass this path.
osint.sh All in One OSINT Tools List The Not Yet Exploited Goldmine of OSINT: Opportunities, Open Challenges and Future Trends
Always think twice before acting, follow the law, and follow the OpSec rules. That is my vision, which I hope you will embrace…
Intelligence Studies: Types of Intelligence Collection Understanding the Different Types of Intelligence Collection Disciplines inteltechniques.com A History of OSINT: From Informing Spies to Detecting Lies Open Source Intelligence Investigation: From Strategy to Implementation Reverse Image Search
May the Force be with you!
Introduction: Civil OSINT
To begin with, I want to say that I will consider OSINT as a set of skills or a mindset, because it can be directly related to doxing, military GEO-INT performed by a security company employee or just media OSINT performed by a VC fund employee in order to find new projects for investment, taking the theory of handshakes as a basis…
OSINT Is A State Of Mind Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT) A Brief History of Open Source Intelligence How OSINT powered the largest criminal investigation in US history
…Or even a crypto-forensics specialist investigating a major Web3.0 hack case.
Meet the Blockchain Detectives Who Track Crypto’s Hackers and Scammers Special «Blockchain Investigations» Compilation How I investigate crypto hacks and security incidents: A-Z On-Chain Investigations Handbook The Beginner’s Guide to Open-Source Intelligence (OSINT): Techniques and Tools Awesome Intelligence
All of what I said above you can develop in yourself, but the essence of all directions is the same — the ability to notice valuable information, anomalies, see the differences, carefully analyze the facts and build a logical chain — while being in the flow of information.
SERM ORM Examples of opsec and privacy fails when doing OSINT WhatBreach More OpSec Studies Basic OPSEC Tips & Tricks for OSINT researchers The Osint Me ultimate guide to Telegram OSINT and privacy Dork yourself before “someone” does
I would like to give you the first lesson, all resources which I will advise you — I studied by myself earlier:
So You Think You Can Google? — Workshop With Henk van Ess OSINT Origins #1 — Jean-Marc Manach/@manhack An Awesome OSINT Mind-map Telegram & Discord Security Best Practices A definitive guide to generating usernames for OSINT purposes Resisting Deterministic Thinking
Mind-Mapping
First, let’s break down such a concept as mind-mapping.
Top OSINT & Infosec Resources for You and Your Team (2022 Edition): 100+ Blogs, Podcasts, YouTube, Books, and more!
Understanding OSINT Fundamentals, according to VEEXH:
a. Grasp the concept of OSINT and its significance in intelligence gathering.
b. Familiarize yourself with the types of OSINT sources (e.g., social media, public records, online forums, news outlets).
By following this framework, beginners can systematically develop their OSINT skills and become proficient in open source intelligence collection, analysis, and dissemination.
Sometimes ordinary people were able to solve crimes which the police could not solve for years with OSINT and GEOINT alone (I could put in here links to subreddits, movies and news but since you and I are now doing OSINT I advise you to find it on your own).
GEOGUESSR SunCalc Calculator Mind Hacks — Psychological profiling, and mental health in OSINT investigations A Method for Teaching Open Source Intelligence (OSINT) Using Personalised Cloud-based Exercises Attack Simulations Method: Example
Also check out: Alternate Reality Game reddit.com/r/ARG Net.art Applied Anthropology Research Methods Reflections on Becoming an Applied Anthropologist Applied Anthropology (really, study it!)
Act like a Lion 🦁
obsidian.md OSINT Templates OSINT Browser Extensions Science + OSINT: Peering into the Mind: Psychological Profiling Through AI and Large Language Models.
Occam’s razor How Occam’s Razor Works Occam’s Razor as a Scientific Principle CASE STUDY: Personality Profiling and the Power of OSINT An Enriched Threat Intelligence Platform for improving OSINT correlation, analysis, visualization and sharing capabilities ‘Deduction’ vs. ‘Induction’ vs. ‘Abduction’ The Difference Between Deductive and Inductive Reasoning Induction Rhetoric Deductive and Inductive Reasoning: Definition, Differences & Examples
Practising: So, follow OpSec rules and don’t make too many mistakes.
Call of PSYOPS OSINT Trends for 2023 and Beyond The Wide-Ranging Uses of OSINT in Military Intelligence Publicly Available Information (PAI) Explained Publicly Available information: The Digital Battlefield Better Utilizing Publicly Available Information Practices of Science: False Positives and False Negatives False Positives and False Negatives in Information Security Minimize False Positives in Your OSINT Investigations
Cognitive bias mitigation & decision-making when doing OSINT: There are no perfect practitioners-analysts, everyone makes mistakes and gets into difficult ambiguous situations (at least once in their life), all the more in conditions of acutely intensive and chronic work overload.
Cognitive vulnerabilities (in the established understanding) are exposures and/or tendencies to defects in thinking: significant cognitive distortions, erroneous beliefs, cognitive biases (biases), or stereotyped patterns of thinking that create the basis for a person’s predisposition to cognitive failures and lead to distortions and dysfunctions of thought processes.
DMBOK2 US Commission Report — 2005 5 Cognitive Biases could affect your OSINT investigations
Most of us experience ‘gut feelings’ we can’t explain, such as instantly loving (or hating) a new property when we’re househunting or the snap judgments we make on meeting new people.
The Potential of Integrating Intelligence and Intuition Social Engineering and the Protection of High-Value Targets Trace My Shadow Game What we talk about when we talk about OSINT Publicly Available Information: The Secret to Unclassified Data, Part I & Copy
Also: According to wondersmith_rae: In classical rhetoric, the “elements of circumstance” created by Aristotle have been used to analyze rhetorical questions for ages.
The Power of Shutting Down Your Senses: How to Boost Your Creativity and Have a Clear Mind Training Yourself to be an Analytical Thinker Using the OSINT Mind-State for Better Online Investigations Latest Trends in SOCMINT, OSINT & Cyber-Psychology 5 Cognitive Biases That Could Affect Your OSINT Investigations Citizen OSINT Analysts: Motivations of Open-Source Intelligence Volunteers New guide on investigating and mapping perpetrators in open-source investigations An Overseas Businessman Died and Left Me $4.6M, So I Used OSINT & Social Engineering to Scam a Scammer Cchatgpt-unlock-geolocation-data Telegram-osint-vm-part-2 Studies in Intelligence Safeguarding OSINTers: Shielding Against Disinformation Manipulation Unveiling the Digital Detective: Essential OSINT Tools and Techniques for Investigators. Beginners Field Guide: Where & How to Learn OSINT Traps used by cyber detectives… MAC Address Investigation The ULTIMATE Guide to Writing Intelligence Reports… Business Resilience Resources Person OSINT investigation workflow from a privacy perspective Setting Your Moral Compass: A Workbook for Applied Ethics in OSINT Reddit Bureau of Investigation The Dark Arts of OSINT OSINT Wiki OSINT Map
Also check out: Recent surveys show that over 97% of businesses store data in the Cloud.
Criminals Language from a Psycholinguistics point of view USING LANGUAGE ANALYSIS FOR IDENTIFYING AND ASSESSING OFFENDERS Forensic Psycholinguistics Using Language Analysis for Identifying and Assessing The Ultimate Guide to Human Intelligence (HUMINT) Undermining social engineering using open source intelligence gathering Signal OSINT — SIGINT E-Discovery, Forensics, and Open Source Intelligence in Legal Research From Dissent to OSINT? A system for organizing, collecting, and presenting open-source intelligence
Training & Practicing
Good training materials:
Python for OSINT 21 days Googledorking + dorksearch.com Searchlightosint Shodan Geolocatingimages Instruments-on-the-radio-waves + websdr.org + try 😅 Somesint osintframework.com OSINT At Home YouTube Playlist myosint.training Awesome Cyber Skills Awesome Maps
Here is a very good brain-stretching game that will help to train associative thinking — a very important skill for anyone in OSINT:
Wikipedia:Wiki Game
When I was young we played «5 steps till Ragnarok» — the goal was to find the page about this myth in 5 steps (5 clicks) from any random Wikipedia page! 🙂
Follow top OSINT specialists:
- twitter.com/UKOSINT — news, tools, jokes
- twitter.com/dutch_osintguy — famous specialist, speaker
- twitter.com/jakecreps — posts awesome tools every Thursday
- twitter.com/OSINTtechniques — follow the Digital Bread Crumbs
- The Sleuth Sheet
- OSINT Essentials
- Sector035 — Week in OSINT
- Igor S. Bederov — Sherlock Holmes of the digital age…
- twitter.com/OSINTHK — volunteers using OSINT
- A global OSINT Community — OSINT Community from France
- twitter.com/OSINT_Research — tools and awesome data
- twitter.com/OSINTtechniques — tools and awesome data
- twitter.com/OsintJobs — jobs in OSINT
- www.reddit.com/r/OSINT — the biggest thematic subReddit
- Channels about OSINT, Hacking, Security and so on
More Resources: In addition to its traditional function of enabling less miscalculated decisions, the audience of modern intelligence is growing beyond state or corporation leadership, and is expanding to the public.
Awesome OSINT + Crypto Google Hacking GOSI: GIAC Open Source Intelligence SEC487: Open-Source Intelligence (OSINT) Gathering and Analysis Inteltechniques.net IT security lecture r4ven Tool Unredacter forensicdots.de Meta-secret App Image Research OSINT 15 tools you should know as a security analyst Portable Secret App Open Source Intelligence Techniques The Internet Intelligence & Investigation Handbook NATO OSINT HandBook osintnewsletter.com Geolocation OSINT geodetective.io Yet another awesome OSINT book Social Media OSINT Fascinating Search Engines That Search for Faces OSINT Tools MegaList Future of OSINT: People Searching with ChatGPT Geolocation: At The Retail Park
Tools (AI, ChatGPT, ML, Others): In recent years, public interest in open-source intelligence gathering and analysis has increased exponentially.
OSINT Tools Map Sherlock gpt.censys.io ChatGeoPT ChatGPT for OSINT: Example | Tip: Use deepl.com Emoji OSINT Advangle searchcode.com dorkgpt.com OSINT & ChatGPT: 103 Ideas OSINT + AI OSINT — SAN OSINT Buddy ChatGPT: The AI-Powered Secret Weapon for OSINT
Do not treat a tool like a silver bullet for all tasks!
The New OSINT Cheat Code: ChatGPT Harnessing the Power of ChatGPT for OSINT: A Practical Guide to Your AI OSINT Assistant Awesome Free ChatGPT Offensive AI Bitcoin Investigation Manual AML
Choosing a Pathway to Follow…
Some will enjoy analyzing images, satellite images, calculating time and place from the angle of shadows from a photo, or measuring mountain peak size in order to perform private detective investigations.
Explore data terminals: Open-Source Intelligence (OSINT) Reconnaissance A collection of several hundred online tools for OSINT This page is for anyone who loves open source investigating Start.me + OSINT Open-Source Intelligence (OSINT) in 5 Hours — Full Course — Learn OSINT! OSINT Cheatsheet The Application of Abductive and Retroductive Inference for the Design and Analysis of Theory-Driven Sociological Research Abduction as an Aspect of Retroduction Abduction as an Aspect of Retroduction — 2 Abductive reasoning
You may even want to de-anonymize telegram users (read this channel) or, conversely, join counter-OSINT bros. But in doing so, I urge you not to forget the key skills of information retrieval, information analytics, and information application…
Counter OSINT Guide HUMINT VS Social Engineering Resources From oblivion to illumination.— Knowmad OSINT The Art of Attack Ontology Population for Open-Source Intelligence Cryptography & OSINT — The fundamentals Use Zero-Width Characters to Hide Secret Messages in Text (& Even Reveal Leaks) OSINT: username search tool Geolocation Challenge Writeup All About Web Recon & OSINT Immersive & Gamified Learning: Games (b) Join communities, of course and chat, chat!DozoR Team Night Game Codebreaking GeoCaching Escapology Lock-Picking Check out: Ingress Geocaching Escapology Best Tool For Information Gathering 🔎 Awesome Intelligence OSINT-Games: kasescenarios.com Sourcing.games OSINT Exercise #018 osint.games spyingchallenge.com 10 Beginner OSINT CTF Solutions More OSINT CTFs OSINT Challenges List — Reddit 2 great OSINT Training Tools OSINT-Related Games — Reddit The 10 best location-based games 7 Geolocation Games to Get You Exploring the Outdoors Location-based game What is a Fox Hunt in Ham Radio?Comprehensive Counter OSINT Counter OSINT Open Source Intelligence Investigation: From Strategy to Implementation Intelligence in the internet age: The emergence and evolution of Open Source Intelligence (OSINT) A Guide to Open-Source Intelligence (OSINT) Intelligent evidence: Using open source intelligence (OSINT) in criminal proceedings The Intelligence Cycle: Generating OSINT from OSINF Since this is an atypical guide, I think it’s worthwhile to offer you a list of TV shows and movies that I think involve OSINT in one way or another:
SEARCHING The Most Hated Man on the Internet Why Did You Kill Me?Web of Make Believe: Death, Lies and the Internet Don’t F**k With Cats: Hunting an Internet Killer Reddit Ruined Their Lives: The Innocent Victims Of Internet Justice Cyber Hell: Exposing an Internet Horror Who Am I — Kein System ist sicher The History of Analog Horror Dark Web: Cicada 3301 Movie 43 (LOL) Mr.Robot Open Windows Män som hatar kvinnor References: Open Source Intelligence, commonly referred to as OSINT, is the collection, collation, and analysis of publicly available information.OSINT Movies List OSINT Movie Time for the Holidays The best films about OSINT Intelligence Television and Movies About Spies, Spying, Intelligence and Espionage DOD film list — spreadsheet version Week in OSINT 2020–12 ARG SubReddit OSINT SubReddit Blockchain OSINT John Doe Strikes Again Measurement and Signature Intelligence (MASINT) One Search To Rule Them All — Boolean Searches For Images SOC Puppet Creation Guide The Three Types of Intelligence for Threat Intelligence: A Comprehensive Guide Unmasking OSINT: A Data Aggregation Journey OSINT Bookshelf: My recently read OSINT & security books — recommendations geodetective.io Training The Open Source Intelligence Analysis Bookshelf 7 OSINT Books Every Analyst Should Read Books by Michael Bazzell What to read to understand intelligence and espionage The Official CIA Manual of Trickery and Deception — H.
Keith Melton, Robert Wallace (2009) & Link & Link2 Offensive OSINT Tools Spycraft & Link Ultimate Spy Bestselling Books by Kevin Mitnick Zettelkasten Method: Zettelkasten Method With Obsidian- How to Take Smart Notes Setting Up a Zettelkasten in Obsidian: More Than a Note-Taking App obsidian-zettelkasten Getting started with Zettelkasten Awesome OSINT OSINT Guide Work: A-Z I would see it as learning a foreign language. “There’s No Such Thing As Open Source Intelligence” How to Become an Open-Source Intelligence (OSINT) Investigator Actually a great book about attacks & defenses OSINT Guide — Open Source Intelligence The Art of Proactive Defense: Mastering Threat Hunting with OSINT Tools The Missing Semester of Your OSINT Education OSINT For Searching People AaronCTI’s OSINT Resource Collection Work: anonfriendly.com osintjobs I’ll show you how to make money using OSINT Python for OSINT 21 days osintjobs.sociallinks.io On-Chain Investigations Tools List How to find a job in Web3? PRs are… github.com
Link: https://officercia.medium.com/the-atypical-osint-guide-ad1ce6bde895
SSH and Security Orchestration, Automation, and Response
admin
SSH and Security Orchestration, Automation, and Response (SOAR) – In today’s world, security is a top priority for organizations of all sizes. Two crucial tools for enhancing security are Secure Shell (SSH) and Security Orchestration, Automation, and Response (SOAR). In this article, we’ll explore what SSH and SOAR are, how they work, and how they can be used together to improve security in your organization. SOAR, or Security Orchestration, Automation, and Response, is a software platform that helps organizations manage security incidents more efficiently. It provides a centralized platform for security teams to manage security alerts, automate security processes, and orchestrate responses to security incidents. SOAR also provides a centralized platform for security teams to manage security alerts, track incident response activities, and generate reports. By integrating these two tools, you can leverage the benefits of both to create a more robust security infrastructure. Secondly, it enables you to automate security processes and orchestrate responses to security incidents using SOAR. One example is using SSH to access remote servers to perform vulnerability scans, while using SOAR to automate the process of identifying and prioritizing vulnerabilities. Another example is using SSH to access remote servers to perform forensic analysis, while using SOAR to automate the process of collecting and analyzing forensic data. Secondly, ensure that SOAR is configured correctly to automate security processes and orchestrate responses to security incidents effectively. Finally, ensure that security teams are trained on how to use SSH and SOAR effectively.
Conclusion
In conclusion, SSH and Security Orchestration, Automation, and Response (SOAR) are two important tools that can be used to strengthen security in your organization. By integrating these two tools, you can leverage the benefits of both to create a more robust security infrastructure. While there are some challenges associated with integrating SSH and SOAR, following some best practices can help you overcome these challenges and enhance security in your organization.
Link: https://ssh.1suara.com/ssh-and-security-orchestration-automation-and-response-soar
Kaspersky launches new Professional Services Packages for SMBs
Press Release
Kaspersky’s new Professional Services Packages for SMBs cover the most in-demand cybersecurity needs: Assessment, Deployment and Configuration. There’s also a Health Check service offering three different levels of coverage, deployment of Kaspersky Endpoint Security for Business, Kaspersky Security for Virtualization Light Agent, Kaspersky Security Center Cloud Console and Kaspersky EDR Optimum, and Upgrade for Kaspersky Endpoint Security for Business. Kaspersky Professional Services packages for SMBs include five packages:
Health Check Service Package: Analysis of the customer’s policies, audit, health check, identification of current and potential issues in the customer’s Kaspersky infrastructure, reporting and recommendations.
Link: https://www.zawya.com/en/press-release/companies-news/kaspersky-launches-new-professional-services-packages-for-smbs-qmjaz732
Google Messages Getting Cross-Platform End-to-End Encryption with MLS Protocol
Dilanka Fernando
Google Messages is getting cross-platform, end-to-end encryption with the MLS protocol.
The Google Messages app has seen a steady stream of updates over the past few months, with the newest being the addition of cross-platform end-to-end encryption to the messaging app.
The end-to-end encryption is provided through the Messaging Layer Security (MLS) protocol, an end-to-end encryption protocol led by Google, Apple, and many other partners.
The MLS protocol allows users to send end-to-end encrypted messages to anyone, even if they’re using another messaging app, as long as that other messaging app is also using the MLS protocol.
This new feature is a major step forward for Google Messages, and a big boost for its growing number of users.
The end-to-end encryption provided by the MLS protocol also helps to keep private conversations private, providing another layer of security and peace of mind to users.
With this feature, users can rest assured that their conversations are secure, even if they’re using an app other than Google Messages to chat with their friends and family.
Link: https://trendingtechnews.online/google-messages-getting-cross-platform-end-to-end-encryption-with-mls-protocol/