Sign in Subscribe
1 min read Newsletter

Sources & Methods Newsletter #3 - November 2022

Welcome to issue 003 of Sources & Methods newsletter, the CYBERWARCON edition. What am I changing for this special edition? Well, not much, actually. But I am publishing early this time to kick off the conference! Stay tuned for a recap of CYBERWARCON and BRUNCHCON (yes).

๐Ÿ“ Sources

ORKL Cyber Threat Intelligence Library - "Over time, the goal is to collect a complete corpus of all publicly released CTI reports to be used as a reference in scientific research and CTI reporting"

๐Ÿ“ฐ Articles

Hundreds of U.S. news sites push malware in supply-chain attack #malware

Beneath the surface: Uncovering the shift in web skimming - especially important as holiday shopping intensifies #trends #retail

[VIDEO] Pivoting from Art to Science #tradecraft #presentation

ENISA Threat Landscape 2022 #FYSA #trends

DFIR Report: Follina Exploit Leads to Domain Compromise #analysis

A Menu of Threat Intelligence Use Cases #program #stakeholders

๐Ÿ›  Tools

DocIntel

github.com/docintelapp/DocIntel

(Now open source!) Platform for storing, organizing, and searching documents related to cyber threats.

badflare

github.com/LeeBrotherston/badflare

OSINT tool for discovering the real IP addresses of services which are behind Cloudflare but not properly locked down.

slack-tlp

github.com/magoo/slack-tlp

Slack emojis to indicate Traffic Light Protocol (TLP) marking of information shared in chat. I recommend using this alongside text-only TLP markings for clarity and accessibility, with these images as eye-catching enhancements.

osintui

github.com/wssheldon/osintui

Terminal UI for querying various OSINT data sources.

mattreduce/cti-self-study

github.com/mattreduce/cti-self-study

Remember Katie Nickels' (@likethecoins) CTI Self Study Plan series from issue 001? I converted Katie's great list of suggested things to read, watch, do, and think about related to CTI to an Obsidian notebook. If you're working through the atudy plan, I hope like me you use this notebook template to track your progress and keep notes on what you learn. It even includes a plugin for annotating assigned reading if they're in PDF or ePub format.

๐Ÿ’ก Tip

The TryHackMe training platform now has a free Intro to Cyber Threat Intel "room" that'll introduce you to CTI, some frameworks, and tools like YARA, OpenCTI, and MISP.

๐Ÿ“† Events

Cyber Threat Intelligence Summit 2023

๐Ÿ“ Arlington, VA, US & Virtual
โœ๏ธ CFP is closed
๐Ÿ“Š Summit: Jan 30-31 2023
๐Ÿ“š Training: Feb 1-6 2023
๐Ÿ”— https://www.sans.org/cyber-security-training-events/cyber-threat-intelligence-summit-2023/

Published by:

Matthew Conway

You might also like...

Nov
15

Sources & Methods Newsletter #20 - November 2024

๐Ÿ“ Sources OSSF Malicious Package Registry - theย Securing Critical Projects Working Groupย of theย Open Source Security Foundation (OpenSSF) maintains
2 min read
Jul
09

Sources & Methods Newsletter #19 - July 2024

Welcome to issue #19 of the Sources & Methods newsletter! I paused for a bit while visiting London and Dublin,
2 min read
Apr
28

Sources & Methods Newsletter #18 - April 2024

Welcome to the April 2024 issue of the Sources & Methods newsletter! This month, we dive into the importance of
2 min read
Mar
10

Sources & Methods Newsletter #17 - March 2024

๐Ÿ“ Sources Cloud Threat Landscape - Cloud-focused compilation of incidents, targeted tech, threat groups, tools, and techniques. Maintained by Wiz, who
2 min read
Jan
29

Sources & Methods Newsletter #16 - January 2024

Happy New Year! I hope your holidays were restful and you're ready to get back to it. At
2 min read

Member discussion