Blog and monthly digest of Cyber Threat Intelligence (CTI) information sources, tools, articles, events, and helpful tips.

Latest

Nov
15

Sources & Methods Newsletter #20 - November 2024

šŸ“ Sources OSSF Malicious Package Registry - theĀ Securing Critical Projects Working GroupĀ of theĀ Open Source Security Foundation (OpenSSF) maintains
2 min read
Jul
09

Sources & Methods Newsletter #19 - July 2024

Welcome to issue #19 of the Sources & Methods newsletter! I paused for a bit while visiting London and Dublin,
2 min read
Apr
28

Sources & Methods Newsletter #18 - April 2024

Welcome to the April 2024 issue of the Sources & Methods newsletter! This month, we dive into the importance of
2 min read
Mar
29

Backdoor Discovered in xz/liblzma Compression Library

A sophisticated backdoor was uncovered in recent versions of the widely-used xz/liblzma compression library, potentially compromising any Linux system
2 min read
Mar
10

Sources & Methods Newsletter #17 - March 2024

šŸ“ Sources Cloud Threat Landscape - Cloud-focused compilation of incidents, targeted tech, threat groups, tools, and techniques. Maintained by Wiz, who
2 min read
Jan
29

Sources & Methods Newsletter #16 - January 2024

Happy New Year! I hope your holidays were restful and you're ready to get back to it. At
2 min read
Dec
22

Sources & Methods Newsletter #15 - December 2023

I hope everyone had a great yearā€”it was for Sources & Methods: * Moved the newsletter to Ghost.io to
3 min read
Dec
14

Evilginx Phishing Proxy

Learn about the threat of free Adversary-in-the-Middle (AiTM) phishing proxy Evilginx and how to mitigate it.
4 min read
Nov
22

Sources & Methods Newsletter #14 - November 2023

Have questions or suggestions? Send them my way at sources.methods@protonmail.com. Thanks for reading, Matthew Conway (@mattreduce) šŸ“ Sources
2 min read
Oct
17

Sources & Methods Newsletter #13 - October 2023

šŸ“ Sources Living off the Foreign Land Cmdlets and Binaries - In the style of LOLBins, a collection of trusted Microsoft
2 min read