Running EZ Tools Natively on Linux: A Step-by-Step Guide : https://www.sans.org/blog/running-ez-tools-natively-on-linux-a-step-by-step-guide/

Extracting Memory Objects with MemProcFS/Volatility3/Bstrings: A Practical Guide: https://medium.com/@cyberengage.org/extracting-memory-objects-with-memprocfs-volatility3-bstrings-a-practical-guide-3e4f84341a74

Canadian Electric Utility Hit by Cyberattack – Source: www.securityweek.com https://ciso2ciso.com/canadian-electric-utility-hit-by-cyberattack-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #IncidentResponse #NovaScotiaPower #securityweekcom #securityweek #Cyberattack #Electric #FEATURED #Utility #Canada #Emera

NIST released revision 3 of their security incident response document, the amazing 800-61r3 in April. I haven't read it yet, but I poured over the initial public draft a few months ago and it's really solid.

If you're interested in cybersecurity incident response, it's definitely worth a read:
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r3.pdf

#Cybersecurity #IncidentResponse #InformationSecurity

Canadian Electric Utility Hit by Cyberattack https://www.securityweek.com/canadian-electric-utility-hit-by-cyberattack/ #IncidentResponse #NovaScotiaPower #cyberattack #electric #Featured #utility #Canada #Emera

Drum Roll! Join us for the 37th Annual FIRST Conference from June 22-27, 2025 in Denmark, Copenhagen. Save the date for your favorite annual conference #annualconference #incidentresponse #secconf #savethedate https://go.first.org/Nz2u9

Text file compression never ceases to amaze me. 900mbs of log files compresses to a single 50mb zip file. Always cool.

Thank you to @networkdefense for your continued support of #BSidesAugusta 2025. Your efforts help us empower more defenders!
#IncidentResponse #BlueTeam #InfoSec #CyberSecurity

Commvault’s March breach shows even the biggest players aren’t immune— a nation-state exploited a zero-day flaw, yet customer backups stayed safe. What does this mean for our digital defenses?

https://thedefendopsdiaries.com/commvaults-march-breach-lessons-in-cybersecurity-resilience/

#commvaultbreach
#cybersecurityresilience
#zerodayvulnerability
#incidentresponse
#cisa

UK's Co-op preemptively shut down parts of its IT after a cyberattack attempt—proving that even retail giants aren’t immune. How secure is our shopping experience these days? Read more.

https://thedefendopsdiaries.com/the-cyberattack-a-wake-up-call-for-retail-cybersecurity/

#retailcybersecurity
#cyberattack
#incidentresponse
#itsecurity
#dataprotection

Part 2 of our Threat Intelligence Q&A with TechWize.io CEO Adrien Cohen is now on-demand!

For our French-speaking audience, here is a sneak peek of one of the questions answered by Philippe Hameau

“Quels sont les pièges à éviter lors de l’intégration de la Threat Intelligence dans des processus de détection et de réponse aux incidents ?”

Want the answers to this and other critical Threat Intelligence questions? Watch the full discussion to uncover best practices and expert insights: https://app.livestorm.co/crowdsec/threat-intelligence-partie-2

Server exposed data from Miscorp S.A.

Miscorp was alerted about this situation, and the server is no longer exposed as of a few days ago.

The server exposed files such as: identity cards, electronic records of individual employment contracts, temporary certificates of no claims, diplomas, resumes, criminal background reports, and health cards.

Data of employees or former employees, including names, DPI, phone numbers, addresses, dates of birth, nationality, marital status, home ownership information, etc.

read more:

https://newschu.substack.com/p/misconfigurations-capitulo-11-servidor

Join us for this week's security communications drill designed to strengthen your communication skills during the chaos of a critical open-source vulnerability!

You’ll practice:

Creating effective technical communications for diverse stakeholders
Managing sensitive non-public vulnerability information
Coordinating emergency response across engineering teams
Balancing immediate mitigation with long-term security strategy
Leveraging personal relationships in the open-source community

Remember, you can now choose from two different time slots to fit your schedule.

Register at DiscernibleInc.com/drills

We appreciate @SteelgateL for sponsoring #BSidesAugusta 2025 at the Gold level. Your support is crucial for our mission!
#ThreatIntel #InfoSec #CyberSecurity #IncidentResponse

This is new. Attackers are stealing cloud CPU resources to train LLMs in big data rather than mining crypto.

I guess it is more profitable in the long run? I am curious who might be behind this activity.

Sam, is training #OpenAI on others IP getting too expensive?

This week's Discernible Drill is an incident involving open source dependencies.

Subscribe now to join one of our live sessions:

Wednesday, April 30, 1-2pm ET

Thursday, May 1, 1-2pm PT

DiscernibleInc.com/drills

ToyMaker’s LAGTOY backdoor is fueling CACTUS ransomware double extortion attacks! Discover how this cybercrime supply chain works and how to defend your org.

Learn more: https://zerodaily.me/blog/2025-04-26-toymaker-lagtoy-cactus-ransomware-supply-chain

Major data leak alert: A Microsoft Defender XDR false positive led to 1,700+ sensitive docs being exposed via ANY.RUN. Learn why detection tuning & user awareness matter for cloud security!

Learn more: https://zerodaily.me/blog/2025-04-26-microsoft-defender-xdr-false-positive-sensitive-documents-leak

Too Much Noise in DF/IR https://www.dfir.training/blog/too-much-noise-in-df-ir #DFIR #digitalforensics #incidentresponse

Thanks to @SoteriaSecurity for being an awesome Basic sponsor of #BSidesAugusta! Your support is what makes the event a success.
#CyberSecurity #Networking #ThreatIntel #IncidentResponse