Timur Zinniatullin (@zinint)'s Twitter Profile
Timur Zinniatullin

@zinint

@ISC2 CISSP | @MicroFocus ArcSight CSE & community groups admin (t.me/ArcSightChat & t.me/ArcsightRussia)

ID: 1166664428437286912

28-08-2019 10:51:28

32 Tweets

68 Followers

95 Following

John Lambert (@johnlatwc)

If you missed the first #ATTACKCon, let me catch you up in this thread: First, YES IT WAS RECORDED👍:
▫️Day 1 Morning: youtube.com/watch?v=NVgqx7…
▫️Day 1 Afternoon: youtube.com/watch?v=9Uhupy…
▫️Day 2 Morning: youtube.com/watch?v=LxzVtf…
▫️Day 2 Afternoon: youtube.com/watch?v=4saExq…

hack_lu (@hack_lu)

In 2020, the conference will take place from the 20th until the 22nd of October. But also:
* Blackhoodie: 17th - 19th
* MISP summit: 19th
* ATT&CK: 23rd
And if you want to (re)watch the talks: administraitor.video/edition/Hack.l… (thanks to Cooper)

John Hubbard (@sechubb)

The coolest chart I saw at #ATTACKcon yesterday: techniques covered by data source (thanks Andy Applebaum)! Though there's some nuance/interpretation required here, overall this helps make a great case for the importance of process creation logging and many network data sources.

Gynvael Coldwind (@gynvael.bsky.social) (@gynvael)

Paged Out! #2 (Nov 2019) is out! And it's free to download :)
pagedout.institute/?page=issues.p…
This issue has 55 articles in 11 categories:
Programming
OS Internals
Assembly
Operating Systems
GameDev
Electronics
Security/Hacking
SysAdmin
Reverse Engineering
Algorithms
Writing Articles
Florian Roth ⚡️ (@cyb3rops)

Just recently I recommended Cliff Stoll’s book ‘The Cuckoo’s Egg’ If your “want to read” book 📚 stack is as high as mine, you can watch Cliff’s keynote of CrowdStrike’s conference in Nov17 to get a summary or the right mood to finally start the book 😁 youtu.be/ddAtMMDeeq8

Roberto Rodriguez 🇵🇪 (@cyb3rward0g)

Looking for anything to do this weekend? 😊 ATT&CK open sourced its website code & I created a Docker image to automate the installation and help others in the community to start playing with it! 🍻💜 Docker Image: github.com/hunters-forge/… Docs: blacksmith.readthedocs.io/en/latest/atta…

Ring3API 🇺🇦 (@ntlmrelay)

⚙️Account Logon Flow / Process (#Windows) v0.1
📕[PDF]:speakerdeck.com/rimpq/account-…
🔗[DIRECT]:speakerd.s3.amazonaws.com/presentations/…
...for self understanding logon flow / process in windows system. Special thanks to Andrei Miroshnikov💪
"Find Evil – Know Normal" #SANS
#threathunting #blueteam
Florian Roth ⚡️ (@cyb3rops)

We've got a huge pending pull request on our Sigma repo from many different contributors created during the OSCD sprint in October this year

Pull request from `oscd` branch
github.com/Neo23x0/sigma/…

OSCD Sigma Sprint
oscd.community
Grzegorz Tworek (@0gtweet)

1. Create file containing only "0".
2. Check the digital signature with #PowerShell
3. Observe your file is properly signed by Microsoft.
Are you still thinking that digital signatures are complicated? :D
ATT&CK (@mitreattack)

Looking to up your game on using ATT&CK for #CTI? Katie Nickels and Adam Pennington recently recorded the ATT&CK for CTI training that they created and taught to multiple audiences over the past year. Exercises and links to the videos are now up at attack.mitre.org/training/cti.

John Lambert (@johnlatwc)

Community based defense is a universal message. Thanks to the Russian infosec community who translated my post on the Githubification of InfoSec 🙏 🆕habr.com/en/post/487584/ How did it happen? By a pull request how else! Special thanks to Dan for leading the effort.

Timur Zinniatullin (@zinint)

Got my first ever report resolved on HackerOne - hackerone.com/reports/881004, nothing special but it's a start anyway (: Thanks to yaworsk "Web Hacking 101", to PortSwigger "Web App Hacker's Handbook", OWASP® Foundation for the testing guide, and STÖK ✌️ for inspiration! #bugbounty

Timur Zinniatullin (@zinint)

I've earned the Throwback Badge on TryHackMe for Hacking Throwback by exploiting a Windows AD network tryhackme.com/zinin/badges/t… #tryhackme by

Thomas Patzke (@blubbfiction)

Just merged the huge OSCD pull request into the Sigma master branch. Lots of new and improved rules. Big thanks to all contributors, it was a pleasure to review!