APT_CyberCriminal_Campagin_C
VCDB
APT_CyberCriminal_Campagin_C | VCDB | |
---|---|---|
1 | 3 | |
- | 563 | |
- | 0.7% | |
- | 7.1 | |
- | 3 months ago | |
Jupyter Notebook | ||
- | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
APT_CyberCriminal_Campagin_C
-
Ask HN: Are most security breaches based on social engineering?
You can look at:
- A collection of public threat intel reports [0]. Lot's of reading though. I did some Splunking on it last year and at least 50% uses phishing for initial access. You could call that a structural vulnerability.
- Exploiting vulnerable public facing stuff is another initial access technique. Here someone collected all the CVEs used by ransomware crews:
- VERIS community database: collection of 8894 security incidents. If you look in the JSON there are some fields describing the vector and the actor.
[0] https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_C...
[1] https://twitter.com/uuallan/status/1437068825636265985
[2] https://github.com/vz-risk/VCDB
VCDB
-
2024 Verizon Data Breach Investigation Report [pdf]
The DBIR is an interesting dataset in that it only covers breaches that have been covered by the media.
It does not include the vast majority of breaches that happen every year and are reported to federal and state regulatory bodies or as posted to cybercrime / ransomware sites.
One of the coolest things is that this process though flawed is transparent and semi-open to the public.
The dataset and the underlying process for which events are selected takes place in the open on GitHub.
Kudos to their commitment to open source.
https://github.com/vz-risk/VCDB
- A dramatic new EPA rule will force up to 60% of new US car sales to be EVs in just 7 years
-
Ask HN: Are most security breaches based on social engineering?
You can look at:
- A collection of public threat intel reports [0]. Lot's of reading though. I did some Splunking on it last year and at least 50% uses phishing for initial access. You could call that a structural vulnerability.
- Exploiting vulnerable public facing stuff is another initial access technique. Here someone collected all the CVEs used by ransomware crews:
- VERIS community database: collection of 8894 security incidents. If you look in the JSON there are some fields describing the vector and the actor.
[0] https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_C...
[1] https://twitter.com/uuallan/status/1437068825636265985
[2] https://github.com/vz-risk/VCDB
What are some alternatives?
APT_CyberCriminal_Campagin_Collections - APT & CyberCriminal Campaign Collection