Sign in Subscribe
2 min read Newsletter

Sources & Methods Newsletter #17 - March 2024

๐Ÿ“ Sources

Cloud Threat Landscape - Cloud-focused compilation of incidents, targeted tech, threat groups, tools, and techniques. Maintained by Wiz, who add new incidents every week. I used FetchRSS to generate a feed I can subscribe to.

๐Ÿ“ฐ Information

Anton Chuvakin - Frameworks for DE-Friendly CTI (Part 5) #detection

Mandiant - AI and the Five Phases of the Threat Intelligence Lifecycle #tooling #AI

Robin Dimyanoglu - Geopolitical Cyber Risk: Going Beyond the Industry and Region #landscape #threatmodeling

Vertex Project - Vertex Tag Tree Overview #tooling #taxonomies

@BushidoToken - Tracking Adversaries: UAC-0050, Cracking The DaVinci Code #groups

Pulsedive - CTI Networking Report 2024 #sharing

Proofpoint - Bumblebee Buzzes Back in Black #malware #analysis

Objective See - Apple Gets an 'F' for Slicing Apples #macOS #research

๐Ÿ›  Tools

AIL framework v5.3

github.com/ail-project/ail-framework/releases/tag/v5.3

AIL (Analysis of Information Leaks) framework 5.3 released with chat explorer, Discord and Telegram monitoring, automatic translation, new features and various bugs fixed.

CALDERA v5

Announcing MITRE Calderaโ„ข v5!

MITRE released a major new version of their CALDERA adversary emulation framework with a completely refreshed UI and improved usability.

auto-archiver

pypi.org/project/auto-archiver

Bellingcat's auto-archiver helps you automatically collect links to online content of interest like videos and social media posts.

excalibur

github.com/The-OSINT-Newsletter/excalibur

This new CLI tool from Jake Creps of The OSINT Newsletter (which I recommend) will tell you if a given Twitter account is archived, and find associated Medium, Product Hunt, and Mastodon accounts.

argos-translate

github.com/argosopentech/argos-translate

Can't, or don't want to, use Google Translate on a project? Argos Translate is an open source alternative using OpenNMT that works offline as a Python library or CLI tool. Web and native GUI interfaces are available, as well.

๐Ÿ’ก Tip

Next time you're threat hunting, try the Pomodoro Technique to limit yourself to intense bursts of focus mixed with short breaks. Using the technique to its fullest will help you plan and timebox your hunts, stay sharp while working, and keep from burning out.

๐Ÿ“† Events

FIRST CTI

๐Ÿ“ Berlin, DE
๐Ÿข Mercure Hotel MOA
๐Ÿ“… April 15-17
๐Ÿ”— https://www.first.org/conference/firstcti24/

BSidesSF

CFP for workshops, villages, and BoF will close on February 5th

๐Ÿ“ San Francisco, CA, US
๐Ÿข City View at Metreon
๐Ÿ“… May 4-5
๐Ÿ”— https://bsidessf.org/
๐Ÿ”— CFP https://bsidessf.org/cfp

PIVOTcon

Invite-only, up to a maximum of 150 attendees

๐Ÿ“ Malaga, ES
๐Ÿข Hotel Pez Espada
๐Ÿ—ฃ๏ธ Fireside chat May 8
๐Ÿ“Š Conference May 9-10
๐Ÿ”— https://pivotcon.org/

SLEUTHCON

CFP closes April 5th

๐Ÿ“ Arlington, VA, US and online
๐Ÿข Hyatt Regency Crystal City
๐Ÿ“… May 24
๐Ÿ”— https://www.sleuthcon.com/
๐Ÿ”— CFP https://www.sleuthcon.com/cfp

Published by:

Matthew Conway

You might also like...

Jun
02

Sources & Methods Newsletter #24 - June 2025

Well we're nearly half-way through 2025. ๐Ÿ˜ฎโ€๐Ÿ’จ Kicking off June sharing a new tool of my own, synapse-claude, and
2 min read
Mar
31

Sources & Methods Newsletter #23 - March 2025

๐Ÿ“ Sources What is this Stealer - Here's a collection of examples of credential stealer information formats, and accompanying
2 min read
Mar
02

Sources & Methods Newsletter #22 - February 2025

The past month has been a year. Let's pretend I published this two days ago when it was
2 min read
Jan
28

Sources & Methods Newsletter #21 - January 2025

๐Ÿ“ Sources JA4+ Database - Online and downloadable database of JA4+ TLS fingerprints ๐Ÿ“ฐ Information Vertex Project - More Than Malware Families:
2 min read
Nov
15

Sources & Methods Newsletter #20 - November 2024

๐Ÿ“ Sources OSSF Malicious Package Registry - theย Securing Critical Projects Working Groupย of theย Open Source Security Foundation (OpenSSF) maintains
2 min read

Member discussion