Sean Mason (@seanamason)'s Twitter Profile
Sean Mason

@seanamason

Cyber Defense Leader for @United. Founder of IR biz for @Cisco. Former @GE & @USAF. World Traveler. Amateur Philanthropist & Chef.

ID: 225681351

Link: http://seanmason.com

Date: 12-12-2010 05:22:43

8,8K Tweet

1,1K Followers

70 Following

Sean Mason (@seanamason)

I think there is a solid middle ground that each org has to figure out for themselves- this isn't rocket science- but I'm generally a fan of less is more.

Sean Mason (@seanamason)

I was thinking about this last week... though I was thinking adversaries would offer paid services to fill out their org charts and criminal networks to help with attribution...

Sean Mason (@seanamason)

Some level of paranoia is healthy in the security space, but jumping to conclusions isn't. I'd recommend every team have a set of security checks they perform every time there is some level of IT disruption- knowing full well that 99.9% of the time it's not a security issue.

Sean Mason (@seanamason)

Great meeting with Rob Fuller & our Red Team earlier. We hit our highest payout month ever in December for our Vulnerability Disclosure Program! Thank you to all of our researchers out there. If you want to get involved, check out our program on bugcrowd - bugcrowd.com/united-vdp

Sean Mason (@seanamason)

It's almost as if storing all your secrets in one place and entrusting that knowledge to a company that prioritizes revenue first and foremost is a bad thing...

Sean Mason (@seanamason)

Ransomware actors aren't necessarily going after the big pay day anymore- most ransoms are running ~$200k. What this article is missing, is once inside and prior to deploying ransomware, actors are using BEC techniques to ensure they take home some money darkreading.com/attacks-breach…

Grant Milstead (@grantmillie)

lilly sharples If anyone wants to work on software at United Airlines, send me a DM. We have front end, mobile and Full stack dev roles as well as cloud ops jobs open. Come where you can have an impact and help 500K people a day get to the events in their lives that matter most! #beingunited

Sean Mason (@seanamason)

Some really great insights: The airlines’ cyber chief believes storytelling, facilitation, and a marketing mindset are vital for moving IT and cybersecurity up the organizational value chain to the benefit of the business overall. cio.com/article/480461

Dustin Volz (@dnvolz)

North Korean hackers have stolen more than $3 billion in crypto over the last 5 years, and their heists are now funding fully half of its ballistic missile program, alarming U.S. officials. Here's how they did it. w/ Robert McMillan wsj.com/articles/how-n…

Brad Garnett (@brgarnett)

Talos IR has repeatedly observed adversaries abusing VCAs in different ways during incident response engagements. These accounts are frequently leveraged for initial access and then used to move laterally through the organization’s network, especially when the victim hasn’t

Sean Mason (@seanamason)

This is one of the reasons why I struggle when it comes to trusting Microsoft. They created a target rich environment that helped incubate the cybersecurity problem, sat by and did next to nothing while it's been rampant, and now are profiting from it.

Heather Adkins - Ꜻ - Spes consilium non est (@argvee)

No, we aren’t turning the internet off @google. We experiment continuously to raise the cost of attacks for bad guys and are running a short test on a small # of very specific machines; testers have full internet access on other devices, and can also opt out of the test!

David J. Bianco (@davidjbianco)

Hospital #ransomware have a huge impact on patient mortality, it turns out. WHO KNEW?? 42-67 deaths in just patients covered by Medicare in the US, not those covered by other insurance or those in other parts of the world. Cybersecurity is healthcare. buff.ly/3RgZAoO

David J. Bianco (@davidjbianco)

Yes, it is the "if you're going to be at RSA..." time of year again! If you're going to be at RSA, I'd love to see you at my talk: "How I Screwed Up #ThreatHunting a Decade Ago, and How We're Fixing it Now with #PEAK" buff.ly/3TMOngF