#csirt

Josh Lemon<p>This is a timely reminder to ensure any third-parties with access to your systems follow the same cyber policies you'd expect your internal staff to follow.</p><p><a href="https://infosec.exchange/tags/ScatteredSpider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ScatteredSpider</span></a> are particularly good at <a href="https://infosec.exchange/tags/SocialEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SocialEngineering</span></a> their way via a third-party to other victims.</p><p>For clarity, <a href="https://infosec.exchange/tags/ScatteredSpider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ScatteredSpider</span></a> are considered the initial access group, <a href="https://infosec.exchange/tags/DragonForce" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DragonForce</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> is the malware deployed once <a href="https://infosec.exchange/tags/ScatteredSpider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ScatteredSpider</span></a> are inside your network.</p><p><a href="https://www.bleepingcomputer.com/news/security/mands-confirms-social-engineering-led-to-massive-ransomware-attack/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/mands-confirms-social-engineering-led-to-massive-ransomware-attack/</span></a></p><p><a href="https://infosec.exchange/tags/IncidentReponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentReponse</span></a> <a href="https://infosec.exchange/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreach</span></a> <a 
href="https://infosec.exchange/tags/CSIRT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CSIRT</span></a></p>
Turris project<p>Thanks to our <a href="https://fosstodon.org/tags/TurrisSentinel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TurrisSentinel</span></a> <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://fosstodon.org/tags/research" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>research</span></a> program, <a href="https://fosstodon.org/tags/CZNIC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CZNIC</span></a> <a href="https://fosstodon.org/tags/CSIRT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CSIRT</span></a> team discovered a large-scale <a href="https://fosstodon.org/tags/FTP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FTP</span></a> <a href="https://fosstodon.org/tags/attack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>attack</span></a>. Coming from 45.78.4.0/22, it is <a href="https://fosstodon.org/tags/bruteforcing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bruteforcing</span></a> <a href="https://fosstodon.org/tags/slowly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>slowly</span></a> - it takes it 19 days to get through its <a href="https://fosstodon.org/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passwords</span></a>. Big thanks to everybody who helps us by running our <a href="https://fosstodon.org/tags/minipots" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>minipots</span></a> on their devices! 
A report in <a href="https://fosstodon.org/tags/Czech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Czech</span></a> is available on the CSIRT website <a href="https://csirt.cz/cs/kyberbezpecnost/aktualne-z-bezpecnosti/distribuovany-ftp-bruteforcer/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">csirt.cz/cs/kyberbezpecnost/ak</span><span class="invisible">tualne-z-bezpecnosti/distribuovany-ftp-bruteforcer/</span></a></p>
Alexandre Dulaunoy<p>We are excited to announce that CIRCL has three open positions available.</p><p>As a team strongly oriented towards open-source development, we value contributions that drive innovation and strengthen the cybersecurity community. These roles are open to EU citizens, with the workplace based in Luxembourg. If you’re passionate about cybersecurity and open-source collaboration, we encourage you to apply and make a meaningful impact.</p><ul><li>CIRCL - Software Engineer and Intelligence Analyst (software-engineering-analyst) </li></ul><p>🔗 <a href="https://www.circl.lu/projects/position/software-engineering-analyst/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">circl.lu/projects/position/sof</span><span class="invisible">tware-engineering-analyst/</span></a></p><ul><li>CIRCL - Security Analyst and Researcher (Security-Analyst-and-Researcher)</li></ul><p>🔗 <a href="https://www.circl.lu/projects/position/security-analyst-researcher/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">circl.lu/projects/position/sec</span><span class="invisible">urity-analyst-researcher/</span></a></p><ul><li>CIRCL - Incident and Vulnerability Disclosure Coordinator/Analyst (nis2-incident-analyst)</li></ul><p>🔗 <a href="https://www.circl.lu/projects/position/nis2-incident-analyst/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">circl.lu/projects/position/nis</span><span class="invisible">2-incident-analyst/</span></a></p><p><span class="h-card" translate="no"><a href="https://social.circl.lu/@circl" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>circl</span></a></span> </p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a 
href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/europe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>europe</span></a> <a href="https://infosec.exchange/tags/csirt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>csirt</span></a> <a href="https://infosec.exchange/tags/cert" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cert</span></a> <a href="https://infosec.exchange/tags/nis2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nis2</span></a></p>
Josh Lemon<p>One of my brilliant coauthors Megan Roddie did a write up from our SANS <a href="https://infosec.exchange/tags/FOR509" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOR509</span></a> <a href="https://infosec.exchange/tags/CloudForensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudForensics</span></a> class on how to extract <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AWS</span></a> logs for analysis.</p><p><a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a> <a href="https://infosec.exchange/tags/CSIRT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CSIRT</span></a> <a href="https://infosec.exchange/tags/CERT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CERT</span></a><br> <a href="https://www.sans.org/blog/aws-cloud-log-extraction/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">sans.org/blog/aws-cloud-log-ex</span><span class="invisible">traction/</span></a></p>
Josh Lemon<p>There has been a minor update to the 4624 Security.evtx event in Windows 11. Write-up below, plus a direct comparison (link below) if you're impatient like me and want to see the differences.</p><p><a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a> <a href="https://infosec.exchange/tags/CSIRT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CSIRT</span></a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a></p><p>Comparison: <a href="https://aboutdfir.com/wp-content/uploads/4624Comparison.html" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">aboutdfir.com/wp-content/uploa</span><span class="invisible">ds/4624Comparison.html</span></a></p><p>Full Write-Up: <a href="https://aboutdfir.com/dfir-fyi-security4624-has-been-updated-in-windows-11-pro-22h2/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">aboutdfir.com/dfir-fyi-securit</span><span class="invisible">y4624-has-been-updated-in-windows-11-pro-22h2/</span></a></p>