Still building and upgrading my home lab.
| https://twitter.com/fancy_4n6 | |
| Website | http://www.fancy4n6.com |
| Work | https://www.cosive.com |
| ComfyCon | https://au.comfycon.rocks |
| Pronouns | she/her |
Shannaniggans
- 418 Followers
- 92 Following
- 110 Posts
I think I am very quickly taking the SANS approach to Mac M1/Silicon laptops for training courses - not supported.
OMG what a hassle and shit fight!
polaryseIt's been a minute, but here is my write up on WannaSmile ransomware. A nicely deobfuscated sample. I'll be updating this post soon with a decryptor written in python. https://polaryse.github.io/posts/wannasmile/
#reverseengineering #ransomware #malware #eCrime #YARA #dnSpy
#reverseengineering #ransomware #malware #eCrime #YARA #dnSpy
Seems like my hibernation is coming to an end very soon ..... you can catch me at ...
πΈ the Australian Information Security Association (AISA) #Cybercon2023 March 21-22 in Canberra ... I'll be on stage 4 times so I'm pretty sure you won't miss me π€£
πΈ @0xCC I'll be delivering training in May 5 and 6 in Melbourne.
πΈ @blackhatevents #BHAsia2023 I'll be in attendance swanning around the talks.
πΈ Have you got your tickets to BSides Brisbane yet in July and @bsidescbr in September? I have!
Are you tired yet reading this?
I'm also going to try and make BHUS and Defcon in August .... someone want to fly me over?????
I thought I'd share a little bit more about the talk I'm giving at #cybercon2023 ...
<<Threat intelligence without boiling the ocean>>
Whilst no one will ever tell you that threat intelligence is easy, setting out on the path to use it in smart ways doesn't need to be overwhelming. Today, the amount of open source intelligence feeds, documents, blog posts and information shared in the community can easily leave operational or Intel analysts feeling unsure where to start.
#DocIntel is an open source project that was created to help streamline this process by providing a platform to collect, store, process, and organise information from various threat intelligence sources.
Using DocIntel we can take input from threat intel reports both public and private, RSS feeds, and blog posts. In this talk we'll cover how DocIntel is helping to reduce the effort required to transform this data into information that can be utilised to protect and respond. The audience will learn how to set this up in DocIntel and we'll walk through the workflow from adding a source to reviewing and registering a document.
After we have distilled our information in DocIntel, we will walk through how to connect DocIntel to a #MISP instance to easily share and disseminate the indicators across various technology platforms and sharing groups.
The talk will explain the high level concepts as well as demonstrate how this works in practice to give the audience a guide on how best to start with collecting and dealing with open source threat intelligence.
Merry Christmas to everyone, where ever you are. I'm off on a holiday today for a few weeks somewhere tropical.
Thomas Roccia 
π’ In the recent Microsoft Cyber Signal report, we observed an increase in threats exploiting devices in almost every part of an organization, including traditional IT equipment, OT controllers, and IoT devices. This spike in attackers' presence in these environments and networks is fueled by the convergence and interconnectivity that many organizations have adopted over the past few years.
π Attackers can have various motives for compromising devices beyond traditional laptops and smartphones. Nation State sponsored cybercriminal activity shows that some countries view cyberattacks against critical infrastructure as a way to achieve military and economic objectives.
Find out more in the report πβ
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5daTD
π€I have released my slides from my recent presentation on the #UnprotectProject at @bsidessydney. If you're interested in learning more about this project, be sure to check them out! #cybersecurity #infosec #malware
https://speakerdeck.com/fr0gger/x-ray-of-malware-evasion-techniques-analysis-dissection-cure
https://speakerdeck.com/fr0gger/x-ray-of-malware-evasion-techniques-analysis-dissection-cure
X-Ray of Malware Evasion Techniques: Analysis, Dissection, Cure?
This presentation has been presented at Bsides Sydney (https://bsidessydney.org/) Malware evasion consists of techniques used by malware to bypass security in place, circumvent automated and static analysis as well as avoiding detection and harden reverse engineering. There is a broad specter of techniques that can be used. In this talk we will review the history of malware evasion techniques, understand the latest trends currently used by threat actors and bolster your security analysis skills by getting more knowledge about evasion mechanisms.
I did find myself asking #ChatGPT about assembly yesterday ....
Not sure if they are "problems" to be solved, but it certainly is making learning new things much much easier.
CosiveIntroducing Episode 4 of the Cosive #Podcast! ππ
How #ChatGPT Could Transform the CTI Analyst Role, with Chris Horsley
Just 15 minutes - and well worth a listen π
#ThreatIntel #ThreatIntelligence #CyberSecurity #CyberSecurityTips
Episode #004: How ChatGPT Could Transform the CTI Analyst Role with Chris Horsley β Cosive
Cosive CTO Chris Horsley conducted early experiments using ChatGPT to help assign ATT&CK IDs to threat intelligence reports. While the tool wonβt replace an experienced analyst as of today, it will likely change the way we do this kind of work.