Security Weekly NewsSubscribe
Vulnerability Management, Compliance Management, Phishing

Smart Cars, Microsoft, Layoffs, PyTorch, Mandiant, SEC, Aaran Leyland, and More News – SWN #353

Full Audio

View Show Index

Segments

1. Smart Cars, Microsoft, Layoffs, PyTorch, Mandiant, SEC, Aaran Leyland, and More News – SWN #353

Smart Cars, Microsoft, Layoffs, PyTorch, Mandiant, SEC, Aaran Leyland, and More News on the Security Weekly News.

Hosts

Professor at Roger Williams University
  1. 1. Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V
  2. 2. New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise
  3. 3. Mandiant X/Twitter hacker linked to $900K cryptocurrency phishing scheme
  4. 4. SEC X/Twitter account hack: How 2FA could have stopped SIM swap scam
  5. 5. Crooks pose as researchers to retarget ransomware victims
  6. 6. US to hospitals: Meet security standards or no federal money
  7. 7. From work devices to resumes: Resources to help you navigate a layoff
  8. 8. Surveyed drivers prefer low-tech cars over data-sharing ones
Cyber security lead EMEA at Defence
  1. 1. Python in Threat Intelligence: Analyzing and Mitigating Cyber Threats
    1. Zeek (formerly Bro): https://zeek.org/ - A powerful network traffic analyzer and intrusion detection system (IDS) that captures and analyzes full packet captures, enabling proactive threat hunting based on network behavior.
    2. Suricata: https://suricata.io/ - Open-source network IDS/IPS engine that monitors network traffic for indicators of compromise (IoCs) and other suspicious activity, offering real-time threat detection and prevention.
    3. Moloch: https://arkime.com/ - Large-scale full packet capture and search tool ideal for storing and analyzing massive amounts of network traffic data for retrospective threat investigations.
    4. Watcher: https://github.com/thalesgroup-cert/Watcher - Open-source threat hunting platform built with Django and ReactJS, providing a centralized hub for collecting, analyzing, and visualizing threat data to streamline proactive threat hunting efforts.
    5. TheHive Project: https://thehive-project.org/ - Open-source incident response platform that manages and responds to security incidents, integrating with various threat intelligence feeds for a holistic view of the threat landscape.
    6. MISP: https://github.com/MISP/MISP - Threat intelligence sharing platform enabling secure collaboration and data exchange between organizations to combat cyber threats collectively.
    7. TaxII: https://docs.oasis-open.org/cti/taxii/v2.1/csprd02/taxii-v2.1-csprd02.html - Standardized protocol for sharing threat intelligence data between different platforms and organizations, facilitating seamless information exchange for broader detection and mitigation efforts.
    8. Cortex Analyzers: https://github.com/TheHive-Project/Cortex-Analyzers - Collection of open-source threat intelligence analyzers for TheHive Project, enriching and analyzing threat data from various sources to enhance operational efficiency.
    9. Python Security Project: https://pypi.org/security/ - Extensive collection of open-source Python libraries for security researchers and developers, offering versatile tools for building custom security solutions and tools.

Related

Fortinet, Palo Alto, VMWare – PSW #852

Fast cars kill people, Apple 0-Days, memory safety, poisoning the well, babble babble and malware that tries really hard to be stealthy, Palto Alto and Fortinet have some serious new vulnerabilities, open-source isn't free, but neither is commercial software, get on the TPM bus, find URLs with stealth, stealing credentials with more Palto Alto and ...