With the timing of this issue, I decided to include more articles and tools than usual as a way to say thank you for being a subscriber of this humble newsletter. I hope your holidays are restful and fun. See you in 2023!
Intelligence Failures of Lincoln’s Top Spies: What CTI Analysts Can Learn From the Civil War #intelligence #history
Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns #infrastructure #trends
The Move To Mastodon: Tips and Tricks #osint #socmint
Vertex Synapse: Rapid Power-Up Development #tools #development
Using OpenAI Chat to Generate Phishing Campaigns #trends #phishing
Old Services, New Tricks: Cloud Metadata Abuse by UNC2903 #analysis #cloud
OpenCTI Ecosystem Snapshot #tools #enrichment
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself #ecosystems #ransomware
PhoneInfoga is an information gathering framework for phone numbers.
Manuka is a honeypot focused on the tricky task of detecting reconnaissance by adversaries by seeding OSINT data for them to find.
Here's a simple Python script that extracts MITRE ATT&CK Technique IDs from web-based reports and generates JSON you can load into the ATT&CK Navigator.
pygreynoise is both a command line tool and Python library you can use to integrate with GreyNoise.
Yet another handy plugin for Obsidian—now you can embed runnable Python code in your notes like a Jupyter notebook.
ENISA have shared their Threat Landscape Methodology for everyone to read and incorporate in their own threat landscape analysis.