5am, 3 months ago to Cybersecurity

Every time I think I'm pronouncing #SIEM correctly, I hear it pronounced the other way and I doubt myself. Is it "seem" or "sim", or is it just preference? #cybersecurity

r1cksec, 3 months ago to infosec

A cool post about how to search for threats in Windows services🕵️‍♂️​

https://detect.fyi/threat-hunting-suspicious-windows-service-names-2f0dceea204c?gi=25697c91242b

#infosec #cybersecurity #dfir #threatintel #windows #siem

chiefgyk3d, 4 months ago to infosec

Had a meeting with #Datadog last week about their #SIEM option and they were showing how we can gather information from #InfoSec Twitter with IoC and such information discovered. I interjected and said basically, "With InfoSec Twitter pretty much dead can we use Mastodon if we just setup our own API connections?" They said that's of no issue. So yes #Mastodon will be a source of information we can analyze, and no it will not be running off this server
#Cybersecurity #OpenSource

deltatux, 5 months ago to random

There is a new remote code execution vulnerability in Splunk that has been recently disclosed. It has a CVSS score of 8.8/10 and is currently tracked as CVE-2023-46214.

Splunk recommends admins to upgrade to 9.0.7 or 9.1.2 depending on which branch you're currently on.
www.helpnetsecurity.com/2023/11/27/cve-2023-46214-poc/

#Splunk #RCE #vulnerability #patch #SIEM #CVE_2023_46214

infosec_jobs, 7 months ago to infosec

HIRING: Cyber Security Specialist, SIEM Operations / Ottawa, ON 👉 https://infosec-jobs.com/J44189/ #InfoSec #infosecjobs #CyberSecurity #CyberCareer #cyber #security #Debian #jobsearch #CISSP #hiring #HybridWork #bankofcanada #ottawa #ONjobs #SIEM #blueteaming

thefreehunter, 7 months ago to random

Looking for some help, my company might not be able to fully patch CVE-2023-4863 aka BLASTPASS for a few days. Does anyone know a way of detecting exploitation of this through Splunk? Can you see it in web server logs? Next-gen firewall? WAF? I’m not seeing much info online about how to detect the exploitation.

#libwebp #cve20234863 #blastpass #splunk #siem

chiefgyk3d, 10 months ago to pfSense

I’m about $300 away from my goal of purchasing a new #pfsense firewall. Once I transfer everything to the new firewall I will try and do a #twitch stream setting up a firewall from scratch using my cell backup internet. Then once I run through that for y’all I will wipe it clean and make the current box a @grafana and #SIEM box using #Wazuh probably.

So if you want to help out please tip me in my links or subscribe on #tiktok or twitch #streamer #linux #opensource #cybersecurity #infosec

bitwarden, 10 months ago to Cybersecurity

Not using Splunk Enterprise? Use Bitwarden APIs to ingest events to the tool of your choice! Learn more here: https://bitwarden.com/blog/using-splunk-with-bitwarden-password-manager/

#cybersecurity #passwordmanager #passwordmanagement #passwordsecurity

anton_chuvakin, 10 months ago to random

Episode 125 "Will #SIEM Ever Die: SIEM Lessons from the Past for the Future" of Cloud Security Podcast where hosts Anton Chuvakin and Timothy Peacock interview David Swift at Netenrich, Inc. about that eternal theme: SIEM

https://cloud.withgoogle.com/cloudsecurity/podcast/ep125-will-siem-ever-die-siem-lessons-from-the-past-for-the-future/

bitwarden, 11 months ago (edited 11 months ago) to Cybersecurity

Did you know Bitwarden has an official Splunk app? Use it to add #SIEM protection to Bitwarden accounts and the credentials within! https://bitwarden.com/blog/using-splunk-with-bitwarden-password-manager/

#cybersecurity #security #passwordsecurity #passwordmanager