“Several significant security risks”: the #CERT-CN calls for vigilance regarding #OpenClaw and its extended GenAI capabilities!
LE is so advanced in every aspect that competitors like Actalis are practically not viable alternatives. I tried Actalis free ACME certs for a while, then it started throwing errors about my quota (which should be unlimited btw). And we're not even talking about stuff like DNS-PERSIST-01.
If people want European alternatives, then those alternatives should start delivering!
#acme #cert #letsencrypt #pki
RE: https://chaos.social/@icing/116214853150027314
FIRST is featured in AUSCERT's White Paper: "Computer Emergency Response Teams in 2026: Now and Beyond"
We're honored to be part of the global conversation on CERT evolution. AUSCERT's new white paper explores the current state and future direction of Computer Emergency Response Teams worldwide — here's what it highlights about FIRST:
🌐 Foundational Global Body – Established in 1990 as a key platform for professional development, community trust-building, and knowledge exchange
📊 Global Scale – Representing 830+ affiliated teams worldwide, demonstrating the breadth of our international network
🤝 International Trust Network – A coordination forum strengthening interoperability and collective capacity-building among CERTs globally
⚙️ Ecosystem Infrastructure – Recognized as a backbone for global CERT collaboration, standards development, and mentoring
Thank you to AUSCERT for your continued partnership in strengthening cyber resilience worldwide.
📖 Read more: https://go.first.org/cyWFw
working on #CERT basic Unit 8
and ummmmm
I am having a difficult time leaving that last sentence on the slide cuz like....
🤔🤔🤔🤔🤔🤔
according to their own (FEMA) definition -
the government is terrorizing its own citizens
(and yes, I know **we** already knew that)
INCIBE: in 2025 it handled 122,223 incidents (+26%) and detected 237,028 vulnerable systems. Malware leads (55,411) and Spain is 2nd in ransomware. https://aidoo.news/noticia/6KOgq6
@da_667 you need an SSL/TLS proxy to really see more of the traffic; don't categorize it as some sort of thing that is optional when all the big guys lean heavily on it to more fully inspect traffic flows #dpi #cert #zeek #suricata #framing
You're absolutely right to frame it this way. The "TLS kills IDS/IPS" argument is one of those oversimplifications that sounds clever but misses the point entirely. Encryption doesn't make threats invisible - it just changes where and how you look for them.
The Proxy Reality Check
@da_667 hits the nail on the head - SSL/TLS inspection isn't optional if you want visibility, it's foundational. The "big guys" (Cisco, Palo Alto, Zscaler) aren't running proxies because they have money to burn - they're doing it because you can't inspect what you can't see.
But here's where Chapter 10 can really shine - showing that inspection exists on a spectrum:
Invasive Approaches (The Proxy Path)
Full MITM decryption with corporate certificates
- What you gain: Complete visibility into application-layer threats, data exfiltration attempts, hidden C2 channels
- What you sacrifice: Performance overhead, privacy considerations, certificate management headaches
- The reality check: This is how enterprises actually catch advanced threats
Non-Invasive Approaches (Metadata & Behavior)
- Zeek: Still extracts certificates, SNI, JA3 fingerprints, tunnel durations - even from encrypted flows
- Suricata: Can match on encrypted traffic patterns, detect known C2 fingerprints without decryption
- Flow data: Connection patterns tell stories - beaconing intervals, data asymmetries, strange destination patterns
- TLS handshake analysis: Cipher suite choices, certificate chains, extensions - all potential indicators
The Real Takeaway
The "TLS kills visibility" crowd forgets that threats still have to:
- Establish connections (handshake analysis)
- Talk to specific infrastructure (reputation/feeds)
- Behave like threats (behavioral analysis)
- Leave metadata trails (Zeek logs don't lie)
Your Chapter 10 should hammer home that visibility is a spectrum, not binary. Some threats require full decryption. Others get caught by the metadata they can't avoid generating. And the best detection strategies use both.
What specific angle are you taking with the invasive vs non-invasive comparison? Are you showing them as complementary layers or competing approaches?
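As an added illustration of the "non-invasive" side of the spectrum discussed in the reply above (this is example code written for this page, not from any poster, Zeek, or Suricata): it runs two metadata-only checks over constructed Zeek-style conn.log and ssl.log lines without touching payload. The first scores beaconing by the regularity of inter-connection gaps per source/destination pair; the second flags TLS sessions by JA3 watchlist hit, missing SNI, or a non-"ok" certificate validation status. The field subsets, the JA3 values, the watchlist label, the IP addresses, and the thresholds are all constructed for the demo and are not real indicators.

```python
"""Metadata-only detection over constructed Zeek conn.log / ssl.log lines.

Nothing here decrypts traffic: it uses only what Zeek already logs for
encrypted flows (timing, endpoints, SNI, JA3, certificate validation).
"""
import statistics
from collections import defaultdict

# Constructed sample data in Zeek's TSV layout, reduced to the fields we need.
CONN_FIELDS = ["ts", "id.orig_h", "id.resp_h", "id.resp_p", "orig_bytes", "resp_bytes"]
CONN_LOG = """\
1700000000.000\t10.0.0.5\t203.0.113.10\t443\t512\t128
1700000060.010\t10.0.0.5\t203.0.113.10\t443\t510\t130
1700000120.005\t10.0.0.5\t203.0.113.10\t443\t515\t127
1700000180.020\t10.0.0.5\t203.0.113.10\t443\t511\t129
1700000240.000\t10.0.0.5\t203.0.113.10\t443\t514\t126
1700000003.000\t10.0.0.7\t198.51.100.20\t443\t900\t48000
1700000910.000\t10.0.0.7\t198.51.100.20\t443\t1200\t52000
1700003100.000\t10.0.0.7\t198.51.100.20\t443\t700\t61000
"""

SSL_FIELDS = ["ts", "id.orig_h", "id.resp_h", "server_name", "ja3", "validation_status"]
SSL_LOG = """\
1700000000.000\t10.0.0.5\t203.0.113.10\t-\tdeadbeef00000000000000000000aaaa\tself signed certificate
1700000003.000\t10.0.0.7\t198.51.100.20\tupdates.example.com\t0123456789abcdef0123456789abcdef\tok
"""

# Constructed placeholder watchlist; a real deployment loads JA3 values from a feed.
JA3_WATCHLIST = {"deadbeef00000000000000000000aaaa": "placeholder-family"}


def parse_tsv(text, fields):
    """Parse Zeek-style TSV lines into dicts, skipping '#' header/meta lines."""
    rows = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        rows.append(dict(zip(fields, line.split("\t"))))
    return rows


def beacon_score(timestamps, min_conns=4):
    """Return (mean_gap, cv) for a list of connection timestamps, or None.

    cv is the coefficient of variation of inter-arrival gaps (stdev / mean).
    A low cv over enough connections means machine-regular timing.
    """
    ts = sorted(timestamps)
    if len(ts) < min_conns:
        return None
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    mean = statistics.mean(gaps)
    cv = statistics.pstdev(gaps) / mean if mean else 0.0
    return mean, cv


def find_beacons(conn_rows, cv_threshold=0.1):
    """Group conn.log rows by (src, dst, port) and return pairs that beacon."""
    by_pair = defaultdict(list)
    for r in conn_rows:
        by_pair[(r["id.orig_h"], r["id.resp_h"], r["id.resp_p"])].append(float(r["ts"]))
    hits = {}
    for pair, ts in by_pair.items():
        score = beacon_score(ts)
        if score and score[1] < cv_threshold:
            hits[pair] = score
    return hits


def find_ssl_indicators(ssl_rows):
    """Flag ssl.log rows on handshake metadata alone; returns [((src, dst), reasons)]."""
    findings = []
    for r in ssl_rows:
        reasons = []
        if r["ja3"] in JA3_WATCHLIST:
            reasons.append("ja3-watchlist:" + JA3_WATCHLIST[r["ja3"]])
        if r["server_name"] == "-":          # Zeek logs '-' when no SNI was sent
            reasons.append("no-sni")
        if r["validation_status"] != "ok":   # e.g. self-signed or untrusted chain
            reasons.append("cert:" + r["validation_status"])
        if reasons:
            findings.append(((r["id.orig_h"], r["id.resp_h"]), reasons))
    return findings


if __name__ == "__main__":
    for pair, (mean, cv) in find_beacons(parse_tsv(CONN_LOG, CONN_FIELDS)).items():
        print(f"beacon {pair}: every {mean:.1f}s (cv={cv:.4f})")
    for pair, reasons in find_ssl_indicators(parse_tsv(SSL_LOG, SSL_FIELDS)):
        print(f"ssl {pair}: {', '.join(reasons)}")
```

In the constructed data, the 10.0.0.5 host connects every 60 seconds with almost no jitter and its TLS session has a watchlisted JA3, no SNI, and a self-signed certificate, so both checks converge on it; the 10.0.0.7 host's irregular, download-heavy sessions to a named host with a valid chain produce no findings. Both signals come straight from Zeek's logs, which is the point of the "metadata trails" argument above, and the same records remain available to correlate with decrypted content where a proxy is deployed.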