Smart Cars, Microsoft, Layoffs, PyTorch, Mandiant, SEC, Aaran Leyland, and More News – SWN #353
Smart Cars, Microsoft, Layoffs, PyTorch, Mandiant, SEC, Aaran Leyland, and More News on the Security Weekly News.
Hosts
Doug White
Professor at Roger Williams University
- 1. Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V
- 2. New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise
- 3. Mandiant X/Twitter hacker linked to $900K cryptocurrency phishing scheme
- 4. SEC X/Twitter account hack: How 2FA could have stopped SIM swap scam
- 5. Crooks pose as researchers to retarget ransomware victims
- 6. US to hospitals: Meet security standards or no federal money
- 7. From work devices to resumes: Resources to help you navigate a layoff
- 8. Surveyed drivers prefer low-tech cars over data-sharing ones
Aaran Leyland
Cyber security lead EMEA at Defence
- 1. Python in Threat Intelligence: Analyzing and Mitigating Cyber Threats
- Zeek (formerly Bro): https://zeek.org/ - A powerful network traffic analyzer and intrusion detection system (IDS) that captures and analyzes network traffic in depth, enabling proactive threat hunting based on network behavior.
- Suricata: https://suricata.io/ - Open-source network IDS/IPS engine that monitors network traffic for indicators of compromise (IoCs) and other suspicious activity, offering real-time threat detection and prevention.
- Moloch (now Arkime): https://arkime.com/ - Large-scale full packet capture and search tool ideal for storing and analyzing massive amounts of network traffic data for retrospective threat investigations.
- Watcher: https://github.com/thalesgroup-cert/Watcher - Open-source threat hunting platform built with Django and ReactJS, providing a centralized hub for collecting, analyzing, and visualizing threat data to streamline proactive threat hunting efforts.
- TheHive Project: https://thehive-project.org/ - Open-source incident response platform that manages and responds to security incidents, integrating with various threat intelligence feeds for a holistic view of the threat landscape.
- MISP: https://github.com/MISP/MISP - Threat intelligence sharing platform enabling secure collaboration and data exchange between organizations to combat cyber threats collectively.
- TAXII: https://docs.oasis-open.org/cti/taxii/v2.1/csprd02/taxii-v2.1-csprd02.html - Standardized protocol for sharing threat intelligence data between different platforms and organizations, facilitating seamless information exchange for broader detection and mitigation efforts.
- Cortex Analyzers: https://github.com/TheHive-Project/Cortex-Analyzers - Collection of open-source threat intelligence analyzers for TheHive Project, enriching and analyzing threat data from various sources to enhance operational efficiency.
- Python Security Project: https://pypi.org/security/ - Extensive collection of open-source Python libraries for security researchers and developers, offering versatile tools for building custom security solutions and tools.