food for naught

#patheticsnake #food #sticks #stix #cheezit #groceries #supermarket #shopping #grocerystore #fooddesert

Consultatie over standaarden voor dreigingsinformatie

Forum Standaardisatie is een internetconsultatie gestart over het verplicht stellen van vernieuwde standaarden voor het delen van cyberdreigingsinformatie binnen de overheid. Reageren kan tot en met 16 februari 2026.

Om welke verplichting gaat het?

De consultatie gaat over versie 2.1 van de standaarden STIX en TAXII. Deze maken het mogelijk om informatie over cyberdreigingen gestructureerd en geautomatiseerd uit te wisselen tussen organisaties. Zoals Security Operations Centers en CERT’s.

Op dit moment staan oudere versies van deze standaarden op de lijst ‘pas toe of leg uit’. Met de consultatie wordt voorgesteld om versie 2.1 hiervoor in de plaats te laten komen. Deze versie sluit beter aan op de huidige praktijk en wordt al gebruikt door onder andere het NCSC (Nationaal Cyber Security Centrum).

Mening geven?

Via internetconsultatie.nl kun je reageren op het expertadvies om deze versie verplicht te stellen. De reacties worden meegenomen in het definitieve advies van Forum Standaardisatie aan het Overheidsbreed Beleidsoverleg Digitale Overheid (OBDO).

Dit is een automatisch geplaatst bericht. Vragen of opmerkingen kun je richten aan @[email protected]

#cyberdreigingen #digitaleWeerbaarheid #forumStandaardisatie #gegevensuitwisseling #informatiebeveiliging #internetconsultatie #NDS #nieuwsbrief22026 #openStandaarden #overheidIt #pasToeLegUit #STIX #TAXII

CTI-Transmute v1.0 released

An online and open source service for converting cyber threat intelligence format, built to promote interoperability and seamless data exchange.

#opensource #cti #stix #misp #openstandard

@misp

🔗 Online version https://cti-transmute.org/
🔗 Source code https://github.com/MISP/cti-transmute

We are pleased to announce the release of CTI-Transmute.org, a new free and open-source service designed to facilitate conversions between MISP and STIX 2.x formats.

The service is available both through a web interface and an API, allowing users to convert CTI data easily. The web UI also gives users the option to share or keep private their conversions for further review or collaboration.

You can view an example conversion here: 🔗 https://cti-transmute.org/convert/detail/4

Access the service: 🔗 https://cti-transmute.org

Source code of the service: 🔗 https://github.com/MISP/cti-transmute

Our goal is to make the use of standard CTI formats easier and to support the sharing and review of online conversions within the community.

The service will be gradually extended to support additional formats, such as detection rules and other widely used CTI standards.

We invite you to try the service and report any issues or feature requests directly on GitHub.

#cti #interoperability #misp #cybersecurity #threatintelligence #threatintel #stix #opensource

@circl @misp

Support for #STIX and #TAXII in #IntelMQ

For collecting and processing #threatintel feeds, #IntelMQ is a good tool. Simple to deploy and configure, used by several #CSIRT teams.
For long time, it was sufficient for me, however, with recent changes in #ESET #ThreatIntelligence feeds, I realized that IntelMQ lacks support for TAXII protocol and STIX language and objects...

After hours of studying the STIX/TAXII documentation, I decided to develop some basic support for collecting the feeds from TAXII servers and parsing the STIX indicators objects.
This way, IntelMQ can process not only the current #ETI feeds, but also some other sources.

The commits are currently waiting in pull request in IntelMQ GitHub:
https://github.com/certtools/intelmq/pull/2611

#cybersecurity #development #blueteam #cyberdefense #soc #siem

@avuko

There's STIG. I know some of the people who work[ed?] on it at INL.

https://github.com/idaholab/STIG

#STIX #OpenCTI #infosec

I'll try to find time during the following weekends to retake my preliminary work on what I've called #STIX Patterns Universal Conversor (SPUC)... I had already done some work to build simple Snort and Suricata rules in the past and had started targetting other query languages but now I understand that I probably need a nearly full refactor of the code.

I'll try to make something testable in the following weeks.

🚨 Did you know? 🚨

Over 50% of all cyber incidents could be prevented by better threat intelligence sharing. That's where STIX comes into play—a universal language for cybersecurity that lets organizations share threat data seamlessly.

🔐 Tip: Embrace STIX to level up your defense! It helps convert complex cyber threats into a readable format, so everyone in your network speaks the same language when tackling attacks. 🌐

How does your organization share threat intel? Are we ready for the STIX revolution? 🤔

🛡️ Dive deeper into STIX and why it's the next big thing in cybersecurity: https://guardiansofcyber.com/learning-hub-guides-tutorials/what-is-stix-in-cybersecurity-the-next-big-thing-you-need-to-know/

#Cybersecurity #ThreatIntelligence #STIX #TAXII #GuardiansOfCyber #Guardians #CyberDefense #InfoSec #DataSharing #TechTalk

«Unveiling the Art and Science of Virtual HUMINT» is coming VERY soon. The second pre-print is already in the oven.

#HUMINT #CyberHUMINT #VirtualHUMINT #STIX #Methodology #Frameworks #Books