Serge DrozOct 12, 2023
Long and awaited...the #FIRSTCON23 @firstdotorg TLP:CLEAR recordings have been published to our YouTube! Check them out here https://www.youtube.com/c/firstdotorg
FIRST

FIRST is the premier organization and recognized global leader in incident response. Membership in FIRST enables incident response teams to more effectively respond to security incidents reactive as well as proactive. FIRST brings together a variety of computer security incident response teams from government, commercial, and educational organizations. FIRST aims to foster cooperation and coordination in incident prevention, to stimulate rapid reaction to incidents, and to promote information sharing among members and the community at large.

YouTube
Chris John Riley  Jul 21, 2023

Slightly behind on announcements 📢

#FIRSTCON23 may be over, but we still have content to share! Tune in this #FIRSTFriday for Diamond sponsor, @Cisco’s First Time Attendee guest Blog article: ow.ly/2ROl50P8IvK + @Cisco’s CSIRT CTO, Vinay Bansal’s #FIRSTImpressions interview here: https://media.first.org/podcasts/FIRST_Impressions-cisco.mp3

Chris John Riley  Jul 5, 2023
Been editing a bunch of podcasts from #FIRSTCON23. Great collection of smart people… Can't wait for the podcasts to be released.
Chris John Riley  Jul 3, 2023
Did you miss #FIRSTCON23? Have no fear; the #FIRSTImpressions podcast is here! Check out the newest episode to learn about the critical role #PSIRT plays in Customer Trust, Adoption, and Renewal from con speakers, Kevin Hagopian and Emer O’Neill. ow.ly/IXa950OZIQB
John KristoffJun 23, 2023

#DNS #zip TLD fun facts.

There are about 14,000 names in the .zip zone.

un.zip is not in the zone, but it is reserved and you can't register it.

bidenleak.zip and trumpleak.zip were both registered on May 13 seemingly at the same time by the same registrant, and are currently parked.

There are dozens of names that have "install" in the first label, those might be good ones for a rainy day analysis.

dataplane.zip has a secret message if you can find it (some did at #FIRSTCON23).

Some .zip names aren't cheap. For example, boston.zip is currently available, but it'll cost ya.

Daniel AJ SokolovJun 19, 2023

#Canada's top #cybercrime cop wanted to talk about common misunderstandings of #police work, and how he hopes to limit the impact of cybercrime in a #holistic way. So we talked.

Read at @heiseonline in German:

https://www.heise.de/hintergrund/Kanadas-oberster-IT-Polizist-Verhaftungen-sind-keine-Loesung-9190869.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege

#FIRSTcon23

Kanadas oberster IT-Polizist: Verhaftungen sind keine Lösung

Digitale Straftaten wird es immer geben und mit Verhaftungen allein wird man ihrer nicht Herr, sagt Kanadas Cybercrime-Coordinator. Er setzt auf Teamgeist.

Security
Daniel AJ SokolovJun 16, 2023

Welche digitalen Bedrohungen gibt es in einem Land, in dem mit #Ransomware und #Crypto #Betrug nichts zu holen ist?

Ich hatte die Gelegenheit, mit dem Leiter des Malawi #CERT zu sprechen. #Malawi ist eines der ärmsten Länder der Welt, dennoch setzt die Regierung auf Digitalisierung. Allein, es gibt keine Fachkräfte für #IKT #Sicherheit.

Täter zu verhaften ist oft unmöglich - denn sie sitzen bereits in ganz furchtbaren Gefängnissen.

https://www.heise.de/hintergrund/IT-Sicherheit-in-Malawi-ist-auch-Kampf-gegen-Haeftlinge-9185459.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege

#FIRSTcon23 #FIRST #Armut #Afrika

IT-Sicherheit in Malawi ist auch Kampf gegen Häftlinge

Nicht Ransomware, sondern Betrug um Mobile Money ist die derzeit größte IT-Sicherheitsbedrohung in Malawi. Malawis CERT hat keinen leichten Auftrag.​

Security
Dataplane.orgJun 12, 2023

The Internet Last Week

* BGP unknown attribute disruption
https://labs.ripe.net/author/emileaben/unknown-attribute-28-a-source-of-entropy-in-interdomain-routing/
* FIRST 2023
https://www.first.org/conference/2023/
* Microsoft 365 disruption
https://twitter.com/MSFT365Status/status/1665734492122742790

#BGP #FIRSTCON23 #Microsoft

Unknown Attribute 28 - A Source Of Entropy in Interdomain Routing?

On 2 June 2023, there was a disruption in Internet interdomain routing. We got notified of recurring resets of some routers that take care of routing between networks, due to malformed BGP packets with BGP attribute 28. Here we take a first look at the event through RIS and offer some initial ideas…

RIPE Labs
Dave Dugal 🔒 Jun 9, 2023
The Forum of Incident Response and Security Teams (#FIRST) is proud to announce the official release of #CVSS v4.0 #ThePublicPreview. The latest information on CVSS v4.0 can be found at https://first.org/cvss/v4-0/ #FIRSTCON23
Common Vulnerability Scoring System

FIRST — Forum of Incident Response and Security Teams
Chris John Riley  Jun 9, 2023

"Prevention without pursuit is toothless, but
pursuit without prevention is endless"

#FIRSTCON23