Pretty cool #blackhat2023 talk about messing with log files using ANSI escape characters
What distinguishes a SecOps incident from a NetOps incident? Eldon Koyle shares how the @blackhatevents NOC team was able to get to the truth with Zeek network monitoring data accessed directly within @corelight’s Open NDR Platform and how you can distinguish between network disruption or an attack on core systems. https://corelight.com/blog/open-ndr-platform-for-netops
If you’re at #BHEU, stop by the NOC to see Eldon in action with his other teammates from Corelight, Arista Networks, Cisco Secure, NetWitness, and @paloaltontwks. Want to learn more about Zeek? Follow @zeek and visit our website: https://corelight.com/products/zeek/
#BlackHat #BlackHat2023 #NetworkSecurity #NetOps #Cybersecurity
We’re proud to be a part of the NOC at @blackhatevents Europe alongside @Arista Networks, Cisco Secure, NetWitness, and @paloaltontwks! Thank you to our @corelight colleagues Ben Reardon, Dustin Lee, Eldon Koyle, James Pope, and Ignacio Arnaldo for their service in the Black Hat NOC all this week—you go team 💪 To learn more about the NOC, be sure to stop by the NOC presentations at 10:20 a.m. on December 6 and at 2:30 p.m. on December 7, as well as our booth with @crowdstrike (432): https://corelight.com/resources/events/2023/black-hat-eu
Want to learn what it’s like to be in the Black Hat NOC? Check out Dustin's latest blog: https://corelight.com/blog/blueprints-from-2023-black-hat-noc
#BlackHat #BlackHat2023 #BlackHatEMEA #BlackHatEurope #NetworkSecurity #Cybersecurity
Going to #BlackHatEurope? Stop by @blackhatevents booth 432 on Dec. 6-7 to meet with @corelight and @crowdstrike experts to learn how to gain superior attack visibility and improved threat hunting capabilities with our seamless integration. corelight.com/resources/events/2023/black-hat-eu
#BlackHat #BlackHat2023 #BlackHatEMEA #BlackHatEurope #NetworkSecurity #Cybersecurity
@blackhatevents MEA is next week! If you’ll be at the show, stop by Spire Solutions booth H3-G30 to learn more about accelerating network detection and response. Also, be sure to join @corelight's Basil Shahin at 2 p.m. for a special talk where he’ll share how the evidence from your network can turn your security team into threat hunting pros while supporting defensible disclosure. Learn more: https://corelight.com/resources/events/2023/black-hat-mea
#BHMEA23 #BlackHat #BlackHat2023 #NetworkSecurity #ThreatHunting
In a new blog, @corelight's own Dustin Lee shares the blueprint for a high-functioning security team, a lesson that he learned while serving in the NOC at the @blackhatevents in Asia and Las Vegas. Read Dustin’s reflections as he prepares for his third NOC appearance at #BlackHat Europe in December with Arista Networks, Cisco Secure, NetWitness, and @paloaltontwks, as well as his fellow Corelight NOC colleagues: https://corelight.com/blog/blueprints-from-2023-black-hat-noc
Going to Black Hat MEA in Saudi Arabia next week? Stop by the Spire Solutions booth to talk to our team of experts!
#BlackHat2023 #BlackHatEMEA #BlackHatEurope #NetworkSecurity #Cybersecurity
An alert for a potential command and control check-in for a remote access trojan (RAT) called TripleNine from an internal IP goes off. You think it’s coming from an infected host, but you’re not sure—what do you do next? In a new blog, Mark Overholser shares this exact scenario and what steps his Corelight team and other partners within the #BlackHat NOC took to investigate, validate, and triage the alert with @corelight’s Open NDR Platform and GPT explainability. Read this and other things Mark learned while in the NOC: https://corelight.com/blog/5-takeaways-from-black-hat-noc-usa-2023
A big thank you to our fellow partners within the Black Hat NOC: Arista Networks, Cisco Secure, Lumen Technologies, NetWitness, and @paloaltontwks. We enjoyed working with you!
#BlackHat2023 #BlackHatUSA #ThreatDetection #NetworkSecurity #Cybersecurity
If you went to anything in #lasvrgas #vegas during #HackerSummerCamp like @DianaInitiative, @BSidesLV #bsideslv, #bhusa #blackhat2023, #squadcon...
And especially @defcon for #Defcon31, please get #COVID19 tested!
If you got a positive result, please fill out this forum by @dcskytalks:
Black Hat and DefCon were amazing. the amount of thoughtful researchers, experts, hackers and gov't officials gives you hope that we're (kinda) on the right path
here are some stories from Las Vegas last week #BlackHat #DEFCON31 #blackhat2023
-- Taiwan
https://therecord.media/china-taiwan-critical-infrastructure-attacks-us-easterly
-- CIRCIA/ransomware
https://therecord.media/cyber-incident-reporting-cisa-circia-ransomware-easterly
-- Cryptocurrency zero-days
https://therecord.media/multiple-vulnerabilities-affecting-crypto-platform-bitforge
-- Viasat attack update
https://therecord.media/viasat-hack-was-two-incidents-and-resulted-in-sanctions
-- Open Source and Memory Safe languages
https://therecord.media/white-house-calls-for-help-on-open-source-security
-- Belarus using #MoustachedBouncer
https://therecord.media/espionage-hackers-targeting-embassies-belarus
-- Moovit vulnerabilities
https://therecord.media/moovit-vulnerabilities-allow-free-subway-rides
-- CODESYS vulnerabilities
https://therecord.media/microsoft-reveals-vulnerabilities-codesys
-- DDoS attacks on gaming
https://therecord.media/ddos-attacks-tied-to-gaming-business-disputes-fbi-says
-- Yashma ransomware
see ya next year!
#BHUSA and #usesec23 have been a blast! Check out our work "Cookie Crumbles: Breaking and Fixing Web Session Integrity"!
🍪🧑‍🍳🍪
Paper https://www.usenix.org/conference/usenixsecurity23/presentation/squarcina
Slides https://minimalblue.com/data/papers/BHUSA23_cookie_crumbles-slides.pdf
Artifacts https://github.com/SecPriv/cookiecrumbles
With Pedro Adão, Lorenzo Veronese, and Matteo Maffei
#websecurity #webdev #usesec2023 #blackhat #blackhat2023 #cookies