APT_CyberCriminal_Campagin_C
APT_CyberCriminal_Campagin_Collections
Our great sponsors
APT_CyberCriminal_Campagin_C | APT_CyberCriminal_Campagin_Collections | |
---|---|---|
1 | 5 | |
- | 3,496 | |
- | - | |
- | 8.7 | |
- | 17 days ago | |
YARA | ||
- | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
APT_CyberCriminal_Campagin_C
-
Ask HN: Are most security breaches based on social engineering?
You can look at:
- A collection of public threat intel reports [0]. Lot's of reading though. I did some Splunking on it last year and at least 50% uses phishing for initial access. You could call that a structural vulnerability.
- Exploiting vulnerable public facing stuff is another initial access technique. Here someone collected all the CVEs used by ransomware crews:
- VERIS community database: collection of 8894 security incidents. If you look in the JSON there are some fields describing the vector and the actor.
[0] https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_C...
APT_CyberCriminal_Campagin_Collections
- Where do I find at least somewhat detailed information about famous data breaches/Hacks?
- What are some good resources for staying up to date with current APT developments?
-
Ask HN: Are most security breaches based on social engineering?
You can look at:
- A collection of public threat intel reports [0]. Lot's of reading though. I did some Splunking on it last year and at least 50% uses phishing for initial access. You could call that a structural vulnerability.
- Exploiting vulnerable public facing stuff is another initial access technique. Here someone collected all the CVEs used by ransomware crews:
- VERIS community database: collection of 8894 security incidents. If you look in the JSON there are some fields describing the vector and the actor.
[0] https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_C...
-
Sources, methodology and process used to populate this subreddit
https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/
-
What’s everyone’s “go to” sites for updates on recently exposed vulnerabilities, attacks, and just security news in general?
Cybermonitor on github for a collection of APT reports: cybermonitor
What are some alternatives?
VCDB - VERIS Community Database
DoubleStar - A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques
data - APTnotes data
Resetter - The easiest way to reset your debian or ubuntu based linux back to stock
Lobsters - Computing-focused community centered around link aggregation and discussion
aptly - aptly - Debian repository management tool
doublestar - Implements support for double star (**) matches in golang's path.Match and filepath.Glob.