APT notes
@aptnotes
https://otx.alienvault.com/user/aptnotes http://keybase.io/aptnotes
Have you ever wondered what the main sources of Windows vulns in kernel mode are? I went through Microsoft's CVE portal over the past three years to find out which Windows km components have been patched most frequently, consuming the company's resources. aibaranov.github.io/windrivers/
How to develop an Adversary Emulation Plan: youtu.be/1N49x1EWw7s @aptnotes
Incredible. CERT India published a list of file hash IOCs as an image and have also turned off right-click on their website 🤣 smh 💀
When a vendor shares IOCs in an image so you can't copy-paste the SHA256
NEW: @apple announces #LockdownMode, a major change to iPhone security that promises to help high risk users + other actions to hold the mercenary spyware industry to account nr.apple.com/d2I3Q1s4s0 My thread w context & details 👇
For at least a decade, an interlocking set of Indian APT groups has been hacking lawyers & litigants on behalf of Western private eyes. Their goal? Winning lawsuits & arbitration battles. @specialreports takes a look at India's cyber mercenary industry. reuters.com/investigates/s…
oh cool and it looks like our GitHub webhook died, off to fix that -- anywho -- we merged the tools fix from the github.com/Taskr repo this morning #infosec #DFIR #aptnotes
apologies all for the masso backlog -- things have been crazy busy in the "things we get paid to do" category -- we are working through it and trying to sort out better forms of automation #DFIR #infosec #aptnotes
Dear dear #infosec vendors, here’s an idea: maybe you could make a PDF version of your reporting so it’s easier to save for posterity. I know of a group that would really appreciate not having to modify things by hand so it doesn’t look like vomit #DFIR
github.com/aptnotes/data/… Add multiple reports Fixes #187 Fixes #186 Fixes #185 Fixes #182 Fixes #177 Fixes #176 Fixes #175 Fixes #174 Fix...
github.com/aptnotes/data/… Add multiple reports Fixes #197, Fixes #196, Fixes #194, Fixes #193, Fixes #192, Fixes #191, Fixes #190, Fixes #...
ADVISORY: We have identified a new version of the Turla group’s Neuron malware which has been modified to evade previous detection methods. See our updated report here ncsc.gov.uk/alerts/turla-g…
We've released the APT3 Adversary Emulation Plan based on ATT&CK. These plans help describe a threat group's behavior for the purposes of testing security. Special thanks to @ckorban, Doug Miller, Adam Pennington, and @its_a_feature_ for their work attack.mitre.org/wiki/Adversary…
we concur
If you are writing or consuming reports that include assessments of adversary campaigns or activity groups be sure to read the Diamond Model activeresponse.org/wp-content/upl…