The SAVE Act could change how Americans register to vote. Find out what documents you need — state-by-state guide: www.savethevotes.org
#thesaveact #usa #democracy #voting #elections
Check out this blog post to learn more about our Incident Response team at Cisco Talos and how we can help your organization.
Experiencing a security incident? The Cisco Talos Incident Response team delivers fast, expert support to help you identify, contain and remediate threats when every second counts: www.youtube.com/watch?v=XFw0...
Quarterly Trends
Watch out for threat actors who try to reel you in! 🎣 Phishing to achieve initial access soared this quarter, comprising 50% of all Talos IR incidents. Read our Quarterly Trends report for Q1 2025: http://cs.co/633252gat3
Hot off the press! Check out the Talos 2024 Year In Review report to learn about threat actor activities we encountered last year.
The post-SB set list.. GNX
Get the latest on what our team is seeing in the quarterly trends report!
#dfir #cybersecurity
Found one of my favorites in the used bin at the record store today.
Cat Stevens - Buddha and the Chocolate Box (1974)
New addition to the family today, Tater Tot the tortoise. 🐢
#liltottie #tortoise
While there are some awesome methods to detect web shells with Yara, sometimes structured data can help solve the case. In this oversimplified example, I go over how you can use two artifacts with Velociraptor to help you find evil on your Linux server.
#dfir #blueteam #cybersecurity
#Linux lacks a resource like the Windows Master File Table ($MFT). I've developed this #Velociraptor artifact to collect metadata from files and folders recursively in selected paths to create a bodyfile. This may bring an MFT-like feel to filesystem analysis. #dfir
github.com/chrisdfir/Ve...
Played The Incredible Machine a lot as a little kid. Same dev has a modern version on Steam. store.steampowered.com/app/241240/C...
#games #steam
"According to Cisco Talos’ data, roughly 60% of all email containing a QR code is spam."
Malicious QR codes - how big of a problem is it really? Check out this 60 second recap. The full analysis is available at cs.co/6010tMy7s
#cybersecurity #qrcodes #talosthings
Russian spies—likely Russia's GRU intelligence agency—used a new trick to hack a victim in Washington, DC: They remotely infected another network in a building across the street, hijacked a laptop there, then breached the target organization via its Wifi. www.wired.com/story/russia...
The 2025 Snort Calendar has arrived 🎉 This year’s theme is Video Games! To get your copy of the 2025 Snort Calendar, fill out our short survey here: cs.co/6018sNeKi Calendars will begin shipping in December 2024. U.S. shipping only, available while supplies last.
#cybersecurity #snort #talosthings
New edition of the Talos Threat Source Newsletter is out. Drums, leadership communications, and the intersection between. Good stuff although I wouldn't say Travis Barker is "easy".. those hands are fast.
#cybersecurity #threatintel #talosthings
Those children will have the strongest passwords in all of the land.
Topics covered with the kids:
- What is cybersecurity? (high level)
- How does the Internet work?
- Underwater sea cable map
- How technology can be used for bad
- Stranger danger
- Password security hands-on
- Don't click random things
#cybersecurity #education #teachin
Speaking at the elementary school teach-in tomorrow. Building a small cyber army one classroom at a time. It's the long game...
#cybersecurity
🔥 You can now allow/block FQDNs using Windows Firewall
learn.microsoft.com/en-us/window...
Hey #infosec and #cybersecurity folks. I have a couple thinky questions I'd like to get perspective on:
- What makes a "good" cybersecurity partner in this day and age?
- What services or capabilities are table stakes for you?
always curious what you folks are seeing or would like to see
Random Monday thoughts…
As most of us have come here to find a safe haven from extremism, I feel it’s important not to use this sanctuary to intentionally sow further division.
Paraphrasing Ram Dass, “individualism leads to war, anger, insecurity, and fear.”
Securing a #web server? Consider using CSPBypass to check your HTTP headers for flaws in your Content Security Policies (CSP). Designed for ethical hacking, this can be multi-purpose. Protect ya neck! #cybersecurity #blueteam #websecurity #http
github.com/renniepak/CS...
This git is full of resources for event logs/auditing. Covers everything from tool configs to audit cheatsheets to event attack chains and data samples. In #DFIR visibility is key. This is a solid resource for those responding to an incident or trying to prevent one. #grc
github.com/stuhli/aweso...
Beastie Boys - License To Ill
"Now here's a little story I've got to tell about three bad brothers you know so well"
Vulnerabilities from 2021 still haunt orgs. When I respond to attacks where these have been exploited I commonly hear "We were just about to upgrade that server next quarter." Yesterday's threats may still present risks today. Focus on asset and vulnerability management.. among other things.
Determining how a process interacted on a Linux host can be a hassle without the data laid out in front of you. The goal of the ProcFD output is to provide the analyst structured data for quick sorting, making the analysis of running processes more efficient. #linux #dfir
The response for this artifact has been overwhelmingly positive. I wanted to provide a screenshot of the output to illustrate the value to those who haven't had a chance to tinker. The ability to sort the filesystem output based on timestamps can be very helpful during an investigation.
#dfir #linux