apologies all for the masso backlog -- things have been crazy busy in the "things we get paid to do" category -- we are working through it and trying to sort out better forms of automation #DFIR #infosec #aptnotes

oh cool and it looks like our Github webhook died, off to fix that -- anywho -- we merged the tools fix from github.com/Taskr repo this morning #infosec #DFIR #aptnotes

Just added the 500th report to #aptnotes! #infosec #DFIR

For at least a decade, an interlocking set of Indian APT groups has been hacking lawyers & litigants on behalf of Western private eyes. Their goal? Winning lawsuits & arbitration battles. Reuters Investigates takes a look at India's cyber mercenary industry. reuters.com/investigates/s…

NEW: @apple announces #LockdownMode, a major change to iPhone security that promises to help high risk users + other actions to hold the mercenary spyware industry to account nr.apple.com/d2I3Q1s4s0 My thread w context & details 👇

When a vendor shares IOC's in an image so you can't copy paste the SHA256

Incredible. CERT India published a list of file hash IOCs as an image and have also turned off right-click on their website 🤣 smh 💀

How to develop an Adversary Emulation Plan: youtu.be/1N49x1EWw7s APT notes

Have you ever wondered what are the main sources of Windows vulns in kernel mode. I went through Microsoft's CVE portal over the past three years to find out which Windows km components have been patched most frequently - consuming company's resources. aibaranov.github.io/windrivers/

please be gracious with us - we are dealing with some fun time shortage and technology issues atm - we love you, Happy New Year #infosec #DFIR #aptnotes

we concur x.com/RobertMLee/sta…

We've released the APT3 Adversary Emulation Plan based on ATT&CK. These plans help describe a threat group's behavior for the purposes of testing security. Special thanks to Chris Korban, Doug Miller, Adam Pennington, and Cody Thomas for their work attack.mitre.org/wiki/Adversary…

#DFIR #infosec #mobile #aptnotes EFF Lookout x.com/evacide/status…

#aptnotes #DFIR #infosec #Turla x.com/ncsc/status/95…

github.com/aptnotes/data/… updated to add tools link

github.com/aptnotes/data/… Add multiple reports Fixes #197, Fixes #196, Fixes #194, Fixes #193, Fixes #192, Fixes #191, Fixes #190, Fixes #...

github.com/aptnotes/data/… Update Readme

github.com/aptnotes/data/… Add multiple reports Fixes #187 Fixes #186 Fixes #185 Fixes #182 Fixes #177 Fixes #176 Fixes #175 Fixes #174 Fix...

Dear dear #infosec vendors, here’s an idea: maybe you could make a PDF version of your reporting so it’s easier to save for posterity. I know of a group that would really appreciate not having to modify things by hand so it doesn’t look like vomit #DFIR

#aptnotes #DFIR #infosec @FireEye x.com/campuscodi/sta…