2 min read

Sources & Methods Newsletter #2 - October 2022

Hello to all the new subscribersโ€”I hope you get something out of every issue. I have a few updates this time:

  • SRC&MTD IRL: I'll be at CYBERWARCON November 10-11 in Washington, D.C. I hope to see some of you there!
  • Custom domain: I've moved newsletter archives to newsletter.sourcesmethods.com and email delivery to sourcesmethods.com. Please update your contacts or email rules accordingly, which should stay the same going forward.
  • Events: I've also added a new Events section to announce dates for conferences and other happenings. If there are any upcoming dates I should be aware of or conferences I should track every year, let me know at hello@sourcesmethods.com.

๐Ÿ“ Sources

deepdarkCTI - Collection of Cyber Threat Intelligence sources from the deep and dark web

๐Ÿ“ฐ Articles

Introducing Campaigns to MITRE ATT&CK #standards

8220 Gang Cloud Botnet Targets Misconfigured Cloud Workloads #analysis #botnet

The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities #analysis #malware

Welcome โ€œFrappoโ€ โ€“ The New Phishing-As-A-Service Used By Cybercriminals To Attack Customers Of Major Financial Institutions And Online-Retailers #phishing #ecosystem

MISP 2.4.164 released with new tag relationship feature, improvements and a security fix #tools #MISP

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082 #analysis #Exchange #vulnerability

Breaking Into the CTI Field: Demystifying the Interview Process and Practice Interview Questions #career

๐Ÿ›  Tools



Markwhen is a text-to-timeline tool. You write markdown-ish text and it gets converted into a nice looking cascading timeline.



Scrape VK URLs to fetch info and media - Python API or command line tool.



STIX2 graph visualisation library in JS.



Script to check whether a specific phone number is connected to a Telegram account.



yari is an interactive debugger for YARA.

Periodic Table of Visualization Methods


An interesting reference to help you find the right visualization for the data/information you're describing. Hopefully this provides some inspiration for your documents and slides!

๐Ÿ’ก Tip

Did you know you can build your own Vertex Synapse Power-Up? Check out the official guide and give it a go.

๐Ÿ“† Events

FIRST Cyber Threat Intelligence Symposium 2022

๐Ÿ“ Berlin, DE
๐Ÿ“š Training Nov 1
๐Ÿ“Š Conference Nov 2-3
๐Ÿข Mercure Hotel MOA
๐Ÿ”— https://www.first.org/events/symposium/berlin2022/program


๐Ÿ“ Arlington, VA, US & Virtual
๐Ÿ“Š Conference Nov 10
๐Ÿณ BRUNCHCON Nov 11 - Hilton Crystal City
๐Ÿข Hyatt Regency Crystal City
๐Ÿ”— https://www.cyberwarcon.com/
๐Ÿ”— https://www.cyberwarcon.com/brunchcon

Cyber Threat Intelligence Summit 2023

Submit your talk proposal by tomorrow, October 18th, to speak next January!

๐Ÿ“ Arlington, VA, US & Virtual
โœ๏ธ CFP closes Tuesday, October 18th at 5 pm CDT
๐Ÿ“Š Summit: Jan 30-31 2023
๐Ÿ“š Training: Feb 1-6 2023
๐Ÿ”— CFP: https://www.sans.org/mlp/cti-summit-cfp/
๐Ÿ”— Event: https://www.sans.org/cyber-security-training-events/cyber-threat-intelligence-summit-2023/