Sources & Methods Newsletter #4 - December 2022
With the timing of this issue, I decided to include more articles and tools than usual as a way to say thank you for being a subscriber of this humble newsletter. I hope your holidays are restful and fun. See you in 2023!
Sources
Public IPFS Gateway list - Web gateways you may observe being used to access content via IPFS, like malware or phishing landing pages.
Articles
Intelligence Failures of Lincoln's Top Spies: What CTI Analysts Can Learn From the Civil War #intelligence #history
Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns #infrastructure #trends
The Move To Mastodon: Tips and Tricks #osint #socmint
4 hiring tips for building a cyber threat intelligence team #team #hiring
Vertex Synapse: Rapid Power-Up Development #tools #development
Using OpenAI Chat to Generate Phishing Campaigns #trends #phishing
Old Services, New Tricks: Cloud Metadata Abuse by UNC2903 #analysis #cloud
OpenCTI Ecosystem Snapshot #tools #enrichment
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself #ecosystems #ransomware
Tools
PhoneInfoga
github.com/sundowndev/phoneinfoga
PhoneInfoga is an information gathering framework for phone numbers.
cti-stix-visualization
github.com/oasis-open/cti-stix-visualization
cti-stix-visualization is a JavaScript library for turning STIX 2.0+ object and relationship data into nice visualizations.
manuka
github.com/spaceraccoon/manuka
Manuka is a honeypot focused on the tricky task of detecting reconnaissance by adversaries by seeding OSINT data for them to find.
webpage2attack
github.com/tropChaud/webpage2attack
Here's a simple Python script that extracts MITRE ATT&CK Technique IDs from web-based reports and generates JSON you can load into the ATT&CK Navigator.
pygreynoise
github.com/GreyNoise-Intelligence/pygreynoise
pygreynoise is both a command line tool and Python library you can use to integrate with GreyNoise.
obsidian-jupyter
github.com/tillahoffmann/obsidian-jupyter
Yet another handy plugin for Obsidian: now you can embed runnable Python code in your notes like a Jupyter notebook.
Tip
ENISA have shared their Threat Landscape Methodology for everyone to read and incorporate in their own threat landscape analysis.