Running EZ Tools Natively on Linux: A Step-by-Step Guide : https://www.sans.org/blog/running-ez-tools-natively-on-linux-a-step-by-step-guide/
Extracting Memory Objects with MemProcFS/Volatility3/Bstrings: A Practical Guide: https://medium.com/@cyberengage.org/extracting-memory-objects-with-memprocfs-volatility3-bstrings-a-practical-guide-3e4f84341a74
Canadian Electric Utility Hit by Cyberattack – Source: www.securityweek.com https://ciso2ciso.com/canadian-electric-utility-hit-by-cyberattack-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #IncidentResponse #NovaScotiaPower #securityweekcom #securityweek #Cyberattack #Electric #FEATURED #Utility #Canada #Emera
NIST released revision 3 of their security incident response document, the amazing 800-61r3 in April. I haven't read it yet, but I pored over the initial public draft a few months ago and it's really solid.
If you're interested in cybersecurity incident response, it's definitely worth a read:
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r3.pdf
#Cybersecurity #IncidentResponse #InformationSecurity
Canadian Electric Utility Hit by Cyberattack https://www.securityweek.com/canadian-electric-utility-hit-by-cyberattack/ #IncidentResponse #NovaScotiaPower #cyberattack #electric #Featured #utility #Canada #Emera
Drum Roll!
Join us for the 37th Annual FIRST Conference from June 22-27, 2025 in Denmark, Copenhagen. Save the date for your favorite annual conference
#annualconference #incidentresponse #secconf #savethedate https://go.first.org/Nz2u9
Text file compression never ceases to amaze me. 900mbs of log files compresses to a single 50mb zip file. Always cool.
Thank you to @networkdefense for your continued support of #BSidesAugusta 2025. Your efforts help us empower more defenders!
#IncidentResponse #BlueTeam #InfoSec #CyberSecurity
Commvault’s March breach shows even the biggest players aren’t immune—a nation-state exploited a zero-day flaw, yet customer backups stayed safe. What does this mean for our digital defenses?
https://thedefendopsdiaries.com/commvaults-march-breach-lessons-in-cybersecurity-resilience/
#commvaultbreach
#cybersecurityresilience
#zerodayvulnerability
#incidentresponse
#cisa
UK's Co-op preemptively shut down parts of its IT after a cyberattack attempt—proving that even retail giants aren’t immune. How secure is our shopping experience these days? Read more.
https://thedefendopsdiaries.com/the-cyberattack-a-wake-up-call-for-retail-cybersecurity/
#retailcybersecurity
#cyberattack
#incidentresponse
#itsecurity
#dataprotection
Part 2 of our Threat Intelligence Q&A with TechWize.io CEO Adrien Cohen is now on-demand!
For our French-speaking audience, here is a sneak peek of one of the questions answered by Philippe Hameau
“What are the pitfalls to avoid when integrating Threat Intelligence into detection and incident response processes?”
Want the answers to this and other critical Threat Intelligence questions? Watch the full discussion to uncover best practices and expert insights: https://app.livestorm.co/crowdsec/threat-intelligence-partie-2
Server exposed data from Miscorp S.A.
Miscorp was alerted about this situation, and the server is no longer exposed as of a few days ago.
The server exposed files such as: identity cards, electronic records of individual employment contracts, temporary certificates of no claims, diplomas, resumes, criminal background reports, and health cards.
Data of employees or former employees, including names, DPI, phone numbers, addresses, dates of birth, nationality, marital status, home ownership information, etc.
Read more:
https://newschu.substack.com/p/misconfigurations-capitulo-11-servidor
Join us for this week's security communications drill designed to strengthen your communication skills during the chaos of a critical open-source vulnerability!
You’ll practice:
Creating effective technical communications for diverse stakeholders
Managing sensitive non-public vulnerability information
Coordinating emergency response across engineering teams
Balancing immediate mitigation with long-term security strategy
Leveraging personal relationships in the open-source community
Remember, you can now choose from two different time slots to fit your schedule.
Register at DiscernibleInc.com/drills
We appreciate @SteelgateL for sponsoring #BSidesAugusta 2025 at the Gold level. Your support is crucial for our mission!
#ThreatIntel #InfoSec #CyberSecurity #IncidentResponse
This is new. Attackers are stealing cloud CPU resources to train LLMs in big data rather than mining crypto.
I guess it is more profitable in the long run? I am curious who might be behind this activity.
Sam, is training #OpenAI on others' IP getting too expensive?
This week's Discernible Drill is an incident involving open source dependencies.
Subscribe now to join one of our live sessions:
Wednesday, April 30, 1-2pm ET
Thursday, May 1, 1-2pm PT
DiscernibleInc.com/drills
ToyMaker’s LAGTOY backdoor is fueling CACTUS ransomware double extortion attacks! Discover how this cybercrime supply chain works and how to defend your org.
Learn more: https://zerodaily.me/blog/2025-04-26-toymaker-lagtoy-cactus-ransomware-supply-chain
Major data leak alert: A Microsoft Defender XDR false positive led to 1,700+ sensitive docs being exposed via ANY.RUN. Learn why detection tuning & user awareness matter for cloud security!
Learn more: https://zerodaily.me/blog/2025-04-26-microsoft-defender-xdr-false-positive-sensitive-documents-leak
Thanks to @SoteriaSecurity for being an awesome Basic sponsor of #BSidesAugusta! Your support is what makes the event a success.
#CyberSecurity #Networking #ThreatIntel #IncidentResponse