Welcome
Welcome New and Current Members :)
Glad to have Returning Members and also New Members.
Be sure to visit our website and pay your annual dues. Only members who pay dues will have access to Chapter special events and online content.
On July 28th, we had a fantastic presenter. Many thanks to Jon Gorenflo, Founder of Fundamental Security.
Many thanks for your support.
GitTech (Use Caution)
GitHub - fastfire/deepdarkCTI: Collection of Cyber Threat Intelligence sources from the deep and dark web
Collection of Cyber Threat Intelligence sources from the deep and dark web.
GitHub - mattnotmax/cyberchef-recipes: A list of cyber-chef recipes and curated links
A list of cyber-chef recipes and curated links.
GitHub - Yamato-Security/hayabusa: Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Main Goals
Threat Hunting and Enterprise-wide DFIR
Hayabusa currently has over 2400 Sigma rules and over 130 Hayabusa built-in detection rules, with more rules being added regularly. It can be used for free for enterprise-wide proactive threat hunting as well as DFIR (Digital Forensics and Incident Response) with Velociraptor's Hayabusa artifact. By combining these two open-source tools, you can essentially retroactively reproduce a SIEM when there is no SIEM set up in the environment. You can learn how to do this by watching Eric Capuano's Velociraptor walkthrough (on site).
Fast Forensics Timeline Generation
Windows event log analysis has traditionally been a very long and tedious process because 1) Windows event logs are in a data format that is hard to analyze and 2) the majority of the data is noise and not useful for investigations. Hayabusa's goal is to extract only the useful data and present it in a format that is as concise and easy to read as possible, usable not only by professionally trained analysts but by any Windows system administrator. Hayabusa hopes to let analysts get 80% of their work done in 20% of the time when compared to traditional Windows event log analysis...
Cyber News
North Korean threat actor targets small and midsize businesses with H0lyGh0st ransomware - Microsoft Security Blog
A group of actors originating from North Korea that MSTIC tracks as DEV-0530 has been developing and using ransomware in attacks since June 2021. This group, which calls itself H0lyGh0st, utilizes a ransomware payload with the same name.
Topics that are top of mind for the week ending July 15 | Government cybersecurity efforts tripped by technical debt. Neglect SaaS security at your own risk. A ranking of the most dangerous software weaknesses. Lessons learned about critical infrastructure security. And much more!
How Microsoft and Google use AI red teams to “stress test” their systems
Since 2019, some Big Tech firms have implemented AI red teams to reveal shortcomings, biases, and security flaws.
Purple Team Interactive Poster Walkthrough | SANS Institute
Join SANS Purple Team course author and Senior Instructor Erik Van Buggenhout and SANS Purple Team Ambassador and Principal Instructor Jorge Orchilles as they walk you through the new, innovative, and interactive Purple Team Poster. Download the poster ahead of time here: https://www.sans.org/posters/purple-concepts-bridging-the-gap/
A Purple Team is a collaboration between multiple information security skill sets, which means this webcast is for everyone: Cyber Threat Intelligence, Blue Team, and Red Team. Erik and Jorge will cover the basics of Purple Team to get you started on your journey. They will then walk you through how to navigate the interactive poster to find what you need, when you need it. The webcast will be packed with info on 3 different threat actors, how to emulate them, and how to detect and respond to their behaviors/TTPs.
Blake Lemoine, Who Claimed an AI Bot Was Sentient, Was Fired by Google
Blake Lemoine published conversations between himself and the Google AI chatbot LaMDA, which led him to believe the bot was sentient.