APT_CyberCriminal_Campagin_Collections
APT_CyberCriminal_Campagin_C
APT_CyberCriminal_Campagin_Collections | APT_CyberCriminal_Campagin_C | |
---|---|---|
5 | 1 | |
3,661 | - | |
- | - | |
8.8 | - | |
3 months ago | - | |
YARA | ||
- | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
APT_CyberCriminal_Campagin_Collections
- Where do I find at least somewhat detailed information about famous data breaches/Hacks?
- What are some good resources for staying up to date with current APT developments?
-
Ask HN: Are most security breaches based on social engineering?
You can look at:
- A collection of public threat intel reports [0]. Lot's of reading though. I did some Splunking on it last year and at least 50% uses phishing for initial access. You could call that a structural vulnerability.
- Exploiting vulnerable public facing stuff is another initial access technique. Here someone collected all the CVEs used by ransomware crews:
- VERIS community database: collection of 8894 security incidents. If you look in the JSON there are some fields describing the vector and the actor.
[0] https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_C...
[1] https://twitter.com/uuallan/status/1437068825636265985
[2] https://github.com/vz-risk/VCDB
-
Sources, methodology and process used to populate this subreddit
https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/
-
What’s everyone’s “go to” sites for updates on recently exposed vulnerabilities, attacks, and just security news in general?
Cybermonitor on github for a collection of APT reports: cybermonitor
APT_CyberCriminal_Campagin_C
-
Ask HN: Are most security breaches based on social engineering?
You can look at:
- A collection of public threat intel reports [0]. Lot's of reading though. I did some Splunking on it last year and at least 50% uses phishing for initial access. You could call that a structural vulnerability.
- Exploiting vulnerable public facing stuff is another initial access technique. Here someone collected all the CVEs used by ransomware crews:
- VERIS community database: collection of 8894 security incidents. If you look in the JSON there are some fields describing the vector and the actor.
[0] https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_C...
[1] https://twitter.com/uuallan/status/1437068825636265985
[2] https://github.com/vz-risk/VCDB
What are some alternatives?
VCDB - VERIS Community Database
data - APTnotes data
DoubleStar - A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques
Resetter - The easiest way to reset your debian or ubuntu based linux back to stock
doublestar - Implements support for double star (**) matches in golang's path.Match and filepath.Glob.
Lobsters - Computing-focused community centered around link aggregation and discussion
aptly - aptly - Debian repository management tool