Top news of the week: 21.08.2020.

Null hypothesis, Federal Bureau of Investigation, Query language, Security, Detection theory, Information security

Mitre Attack

On Aug 15, 2020
@Andrew___Morris shared
DAMN WHO COULD HAVE SEEN THIS COMING https://t.co/ZYAsDdLI0Q

Research Casts Doubt on Value of Threat Intel Feeds

Two commercial threat intelligence services and four open source feeds rarely provide the same information, raising questions about how security teams should gauge their utility.

On Aug 18, 2020
@PatrickCMiller shared
CISA Warns of Phishing Emails Delivering KONNI Malware https://t.co/m4mqEnaUqc

CISA Warns of Phishing Emails Delivering KONNI Malware

CISA has published an alert to provide information on attacks delivering the KONNI remote access Trojan.

On Aug 19, 2020
@PatrickCMiller shared
NSA and CISA Alert Highlights Urgency for OT Security https://t.co/th42v9ehsD

NSA and CISA Alert Highlights Urgency for OT Security

Let’s learn from the previous examples of economic warfare and use the detailed observations and recommendations from NSA and CISA to protect OT networks to our advantage.

On Aug 18, 2020
@PatrickCMiller shared
Multiple Uninstallers Released for China-Linked 'GoldenSpy' Malware https://t.co/d6yLPCGdw1

Multiple Uninstallers Released for China-Linked 'GoldenSpy' Malware

Trustwave’s security researchers have identified a total of five uninstallers meant to remove the GoldenSpy backdoor from infected computers.

On Aug 19, 2020
@FireEye shared
RT @emerginged1: Our new Windows Enterprise Incident Response course, designed in partnership with @Mandiant, a @FireEye company, is now available online for the first time with EmergingEd. Are you ready to train with the team that security experts turn to? Visit https://t.co/CTfqw4U8fx. https://t.co/AxihkySr88

Windows Enterprise Incident Response

Learn the basics of Windows Enterprise incident response and threat hunting from the experts at Mandiant, powered by EmergingEd. Enroll today.

On Aug 14, 2020
@olafhartong shared
RT @falconforceteam: As of today, we will periodically release detection & hunting queries to detect advanced adversary techniques. Currently focused on DATP & Sysmon. Let us know what you think! GitHub: https://t.co/QM01BZP4xe Blog: https://t.co/Zgi3gBMi8t

FalconForceTeam / FalconFriday

Bi-weekly hunting queries. Contribute to FalconForceTeam/FalconFriday development by creating an account on GitHub.

On Aug 20, 2020
@MITREcorp shared
No one wants an adversary to penetrate their network. But it also presents a rare opportunity for #infosec practitioners to take steps including gathering their own intelligence. https://t.co/RtM1hjgbMg

Shields Up: A Good Cyber Defense Is an Active Defense

MITRE Shield offers a free resource for cyber defenders who want to take advantage of what they can learn from intruders through an active defense.

On Aug 14, 2020
@olafhartong shared
RT @falconforceteam: As of today, we will periodically release detection & hunting queries to detect advanced adversary techniques. Currently focused on DATP & Sysmon. Let us know what you think! GitHub: https://t.co/QM01BZP4xe Blog: https://t.co/Zgi3gBMi8t

Introducing: Falcon Friday

Every two weeks on “Falcon Friday”, we’ll release hunting queries to detect offensive techniques.