Sources & Methods Newsletter #17 - March 2024

πŸ“ Sources

Cloud Threat Landscape - Cloud-focused compilation of incidents, targeted tech, threat groups, tools, and techniques. Maintained by Wiz, who add new incidents every week. I used FetchRSS to generate a feed I can subscribe to.

📰 Information

Anton Chuvakin - Frameworks for DE-Friendly CTI (Part 5) #detection

Mandiant - AI and the Five Phases of the Threat Intelligence Lifecycle #tooling #AI

Robin Dimyanoglu - Geopolitical Cyber Risk: Going Beyond the Industry and Region #landscape #threatmodeling

Vertex Project - Vertex Tag Tree Overview #tooling #taxonomies

@BushidoToken - Tracking Adversaries: UAC-0050, Cracking The DaVinci Code #groups

Pulsedive - CTI Networking Report 2024 #sharing

Proofpoint - Bumblebee Buzzes Back in Black #malware #analysis

Objective See - Apple Gets an 'F' for Slicing Apples #macOS #research

🛠 Tools

AIL framework v5.3

github.com/ail-project/ail-framework/releases/tag/v5.3

AIL (Analysis of Information Leaks) framework 5.3 has been released with a chat explorer, Discord and Telegram monitoring, automatic translation, other new features, and various bug fixes.

CALDERA v5

Announcing MITRE Caldera™ v5!

MITRE released a major new version of their CALDERA adversary emulation framework with a completely refreshed UI and improved usability.

auto-archiver

pypi.org/project/auto-archiver

Bellingcat's auto-archiver helps you automatically collect links to online content of interest like videos and social media posts.

excalibur

github.com/The-OSINT-Newsletter/excalibur

This new CLI tool from Jake Creps of The OSINT Newsletter (which I recommend) will tell you if a given Twitter account is archived, and find associated Medium, Product Hunt, and Mastodon accounts.

argos-translate

github.com/argosopentech/argos-translate

Can't, or don't want to, use Google Translate on a project? Argos Translate is an open source alternative using OpenNMT that works offline as a Python library or CLI tool. Web and native GUI interfaces are available, as well.

💡 Tip

Next time you're threat hunting, try the Pomodoro Technique to limit yourself to intense bursts of focus mixed with short breaks. Using the technique to its fullest will help you plan and timebox your hunts, stay sharp while working, and keep from burning out.

📆 Events

FIRST CTI

πŸ“ Berlin, DE
🏒 Mercure Hotel MOA
πŸ“… April 15-17
πŸ”— https://www.first.org/conference/firstcti24/

BSidesSF

CFP for workshops, villages, and BoF will close on February 5th

πŸ“ San Francisco, CA, US
🏒 City View at Metreon
πŸ“… May 4-5
πŸ”— https://bsidessf.org/
πŸ”— CFP https://bsidessf.org/cfp

PIVOTcon

Invite-only, up to a maximum of 150 attendees

πŸ“ Malaga, ES
🏒 Hotel Pez Espada
πŸ—£οΈ Fireside chat May 8
πŸ“Š Conference May 9-10
πŸ”— https://pivotcon.org/

SLEUTHCON

CFP closes April 5th

πŸ“ Arlington, VA, US and online
🏒 Hyatt Regency Crystal City
πŸ“… May 24
πŸ”— https://www.sleuthcon.com/
πŸ”— CFP https://www.sleuthcon.com/cfp