taylorparizo

@taylorparizo@infosec.exchange

Cyber Threat Intelligence #ThreatIntel | Tracking threat actors and #Malware | Home barista


AAKL, to apple

(post deleted by author)

taylorparizo,

    @AAKL @zdnet @lancewhit
    FINALLY. When I tried out Apple Music I didn't realize iTunes was the only way on Windows (web player doesn't count). Couldn't believe how horrendous iTunes was. It actually swayed my decision away from using Apple Music for that reason. I hope the new Windows app actually works.

    taylorparizo, to homelab

    I'm planning to write an updated homelab guide on my blog this year but I think I'm about to rebuild some parts for a new purpose 😅

    It might be time to try out OpenCTI given what I do in my lab should be representative of what I do during < dayjob >. That also means I need to tear down Wazuh and configure an ELK stack instead (resource constraint).

    taylorparizo,

    @ironicbadger That is true. I could at least focus on the infrastructure changes switching from VirtualBox on a shared desktop to a standalone Intel NUC running Proxmox.

    selenalarson, to random

    I hope someone will be keeping track of all the companies who have done mass layoffs that also run Super Bowl ads this weekend

    taylorparizo,

    @selenalarson I'll be keeping tabs
    https://layoffs.fyi/

avuko, to nin

(post deleted by author)

taylorparizo,

    @avuko thanks I have my morning workout album now

    taylorparizo,

    @avuko as Trent Reznor intended

    taylorparizo, to random

    I saw an email about Proton Pass pricing changes and was worried at first. This is such a relief to know companies still value customers over profits. A notice about a price DECREASE because they're doing so well?! Never thought I'd see the day.

    taylorparizo, to random

    Looks like APT37 is continuing to distribute RokRAT through LNK files. Not much has changed in campaign activity since May of last year.

    https://www.sentinelone.com/labs/a-glimpse-into-future-scarcruft-campaigns-attackers-gather-strategic-intelligence-and-target-cybersecurity-professionals/

    orci, to random

    New web browser dropped.
    https://pissandshittium.org/

    taylorparizo,

    @rtificial @orci It's going to be good

    taylorparizo, to random

    MITRE just published the Sensor Mappings to ATT&CK Project (SMAP). SMAP builds on MITRE ATT&CK Data Sources by connecting the conceptual data source representations of information that can be collected to concrete logs, sensors, and other security capabilities that provide that type of data.

    https://mitre-engenuity.org/cybersecurity/center-for-threat-informed-defense/our-work/sensor-mappings-to-attack/
    https://center-for-threat-informed-defense.github.io/sensor-mappings-to-attack/

    BleepingComputer, to random

    Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps.

    https://www.bleepingcomputer.com/news/security/russian-military-hackers-target-nato-fast-reaction-corps/

    taylorparizo, to Powershell

    Anyone know the status of lists on mastodon? I want to create a list for but I can only add people I follow. Seems redundant to follow people to create a list intended for content I don't want on my main feed.
    Also adding hashtags to the list would be very useful.

    taylorparizo,

    @jerry ah good to know it exists somewhere at least. I guess I should use my account there a bit more to see the difference.
    https://infosec.town/@taylorparizo

    taylorparizo,

    @jerry @computerywar Oh ok that makes sense. Thanks

    catsalad, to random

    Server has a strange log on it... 🪵🤔

    nf3xn, to random

    (post deleted by author)

    taylorparizo,

    @nf3xn I need it for my meetings ☹️

    shellsharks, to infosec

    For folks out there, what's your routine/strategy for "staying current" in the field? I've written about my daily reading routine here for anyone interested.

    https://shellsharks.com/notes/2023/11/06/keeping-current-in-infosec

    taylorparizo,

    @shellsharks RSS feed and Mastodon. I can no longer rely on algorithms to feed me recommended content because it all sucks. Reddit went downhill fast, most have ditched that other site, then bluesky and threads have very low interaction and infosec communities.
    Rather than bouncing around a lot, the two solutions I have work. Focus on using both to the best of your ability and be patient.

    taylorparizo, to Notion

    Ok Notion just wins in notetaking apps. Sometimes I'll read a writeup on my phone and think "this would be a good article to add to my Red Team notebook."
    When I send the article to that folder, it extracts all text and images to its own page. Not only can I read/annotate through the whole article now, but if I ever search for something through my entire notebook, keywords from said article would be identifiable.

    taylorparizo,

    @eric_capuano and just like all technology, when I want to reproduce something, it doesn't work. This was a few days ago and I just noticed today.

    jerry, to random

    To those people celebrating a year on the fediverse, I'm glad you're here and I'm honored to be part of this community we've built together.

    It's someone saying "I'm glad you're here"

    taylorparizo,

    @jerry Wouldn't be here almost a year without your support

    dismantl, to random

    (post deleted by author)

    taylorparizo,

    @dismantl I rarely watch movies let alone TV shows. For over 5 years, the plex/sonarr/radarr setup has been my streaming platform and it's all I need.

    taylorparizo,

    @shellsharks For $8k I better become the documentation

    taylorparizo, to random

    Another way of implementing BYOVD to evade EDRs. MATA, linked to Lazarus, uses CallBackHell as an LPE exploit against CVE-2021-40449 to either execute with SYSTEM privileges or wipe pointers to kernel callback routines related to process/thread creation within specific drivers. Endpoint security products are then unable to monitor specific behavior.
    If a system has patched that vulnerability, a second tool is used. This one takes two arguments: a driver file path and the antivirus name to target. The driver used is ene.sys, developed by ENE Technology.

    It is becoming increasingly common to pair "EDR Evasion" with "BYOVD"

    https://securelist.com/updated-mata-attacks-industrial-companies-in-eastern-europe/110829/
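
The post above describes the observable side effect of the second MATA tool: a driver the attacker brought along (ene.sys) gets loaded, and the EDR's process/thread-creation visibility on that host disappears because the kernel callback pointers were wiped. The following is an added example, not code from the post or from Kaspersky, of a simple detection heuristic over host telemetry: flag a load of a watched driver that is preceded by creation events and followed within a short window by other telemetry but no creation events. The event field names, the type names and the sample records are constructed assumptions, not a real EDR schema.

```python
"""Added example (not from the post or Kaspersky): a heuristic that flags the
second MATA tool's effect as the post describes it, i.e. a known-abusable driver
(ene.sys) is loaded and the sensor's process/thread-creation telemetry then goes
quiet on that host while other telemetry keeps arriving. Event field names and
the sample records below are constructed assumptions, not a real EDR schema."""
from collections import defaultdict
from datetime import datetime, timedelta
from pathlib import PureWindowsPath

# Driver file names to watch. ene.sys is the one the post names; extend the set
# from your own vulnerable-driver list (assumption: you maintain such a list).
WATCHED_DRIVERS = {"ene.sys"}

# Telemetry that depends on the process/thread-creation kernel callbacks the
# tool wipes. The type names are assumptions about the sensor's schema.
CREATION_EVENTS = {"process_create", "thread_create"}

# Constructed sample telemetry (not real logs). ws01 shows the pattern, ws02
# loads the same driver but creation telemetry continues (benign load), ws03
# loads an unrelated driver.
SAMPLE_EVENTS = [
    {"host": "ws01", "ts": "2023-10-18T08:57:00", "type": "process_create", "image": r"C:\Windows\System32\cmd.exe"},
    {"host": "ws01", "ts": "2023-10-18T09:00:00", "type": "driver_load", "image": r"C:\Windows\Temp\ene.sys"},
    {"host": "ws01", "ts": "2023-10-18T09:01:00", "type": "file_write", "image": r"C:\Windows\Temp\out.bin"},
    {"host": "ws01", "ts": "2023-10-18T09:03:00", "type": "network_connect", "image": r"C:\Windows\Temp\svc.exe"},
    {"host": "ws02", "ts": "2023-10-18T08:58:00", "type": "process_create", "image": r"C:\Windows\System32\cmd.exe"},
    {"host": "ws02", "ts": "2023-10-18T09:00:00", "type": "driver_load", "image": r"C:\Windows\System32\drivers\ene.sys"},
    {"host": "ws02", "ts": "2023-10-18T09:02:00", "type": "process_create", "image": r"C:\Windows\System32\notepad.exe"},
    {"host": "ws02", "ts": "2023-10-18T09:03:00", "type": "file_write", "image": r"C:\Users\a\notes.txt"},
    {"host": "ws03", "ts": "2023-10-18T08:58:00", "type": "process_create", "image": r"C:\Windows\System32\cmd.exe"},
    {"host": "ws03", "ts": "2023-10-18T09:00:00", "type": "driver_load", "image": r"C:\Windows\System32\drivers\tcpip.sys"},
    {"host": "ws03", "ts": "2023-10-18T09:02:00", "type": "file_write", "image": r"C:\Users\b\notes.txt"},
]


def _timelines(events):
    """Group events by host and sort each host's events by timestamp."""
    by_host = defaultdict(list)
    for ev in events:
        by_host[ev["host"]].append((datetime.fromisoformat(ev["ts"]), ev))
    for timeline in by_host.values():
        timeline.sort(key=lambda pair: pair[0])
    return by_host


def detect_callback_wipe(events, window=timedelta(minutes=5)):
    """Return one alert per watched-driver load that is preceded by creation
    telemetry and followed, within `window`, by non-creation telemetry only."""
    alerts = []
    for host, timeline in _timelines(events).items():
        for ts, ev in timeline:
            if ev["type"] != "driver_load":
                continue
            driver = PureWindowsPath(ev["image"]).name.lower()
            if driver not in WATCHED_DRIVERS:
                continue
            before = [e for t, e in timeline if ts - window <= t < ts]
            after = [e for t, e in timeline if ts < t <= ts + window]
            creation_before = any(e["type"] in CREATION_EVENTS for e in before)
            creation_after = any(e["type"] in CREATION_EVENTS for e in after)
            other_after = any(e["type"] not in CREATION_EVENTS and e["type"] != "driver_load" for e in after)
            # The host was producing creation events, the sensor is still alive
            # (other events arrive), yet creation events stopped right after the load.
            if creation_before and other_after and not creation_after:
                alerts.append({"host": host, "driver": driver, "loaded_at": ts.isoformat()})
    return alerts


if __name__ == "__main__":
    for alert in detect_callback_wipe(SAMPLE_EVENTS):
        print(f"{alert['host']}: {alert['driver']} loaded at {alert['loaded_at']}, creation telemetry went quiet")
```

Two caveats follow directly from the post. The first MATA path (the CallBackHell LPE against CVE-2021-40449) loads no driver at all, so this heuristic only covers the second, driver-based tool; a separate control is needed for unpatched hosts. And a driver loaded at boot has no creation events in the window before it, so an idle or freshly booted host gives a false negative; pairing the heuristic with a driver-load allowlist or blocklist catches the load itself regardless of what happens afterwards.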
