Joey Dreijer (@joeydreijer)'s Twitter Profile
Joey Dreijer

@joeydreijer

github.com/d3vzer0

ID: 15829860

Joined: 12-08-2008 23:25:24

99 Tweets

327 Followers

415 Following

Philipp Krenn (@xeraa)

Slides for #devBcn23: "Enriching Data with the Elastic Stack" — xeraa.net/talks/enrichin…
* when: index- vs runtime
* where: edge vs central vs in-cluster
* how: logstash vs beats vs agent (fleet) vs OTel collector vs elasticsearch ingest pipeline vs elasticsearch runtime fields

Avigayil Mechtinger (@abbymch)

Can 9 lines of Python make history in cloud security?

We believe that #PyLoose is the first publicly documented Python-based #fileless attack targeting cloud workloads in the wild.

Read more about it 👇
wiz.io/blog/pyloose-f…

Oren Ofer Itamar Gilad

msticpy (@msticpy)

MSTICPy 2.6.0 released
- Parallel queries for multiple instances of MS Sentinel workspaces and Kusto clusters
- Parallel split queries (large time-range queries divided by smaller time periods)
- Velociraptor data provider for querying exported data sets
github.com/microsoft/msti…

SpecterOps (@specterops)

We're thrilled to announce BloodHound Community Edition (CE) -- the next evolution of #BloodHound.

Scheduled for release on 8/8, BloodHound CE has many new features & enhancements, making it easier for users to deploy, manage, and utilize.

Learn more: ghst.ly/458lIGX

mbg (@mbrg0)

some unofficial info about how Python in Excel works: we have Excel that allows running Python in Jupyter notebook initiated by a .NET dll running in a Linux CBL-Mariner container inside of a Windows VM which are both managed by Azure Service Fabric 🙃

Joey Dreijer (@joeydreijer)

Experimenting with Elastic and built a (wip) search engine to aggregate open source detection content from multiple platforms. Currently indexing elastic, sigma, splunk and sentinel content ☺️ decon-search.vercel.app

Joey Dreijer (@joeydreijer)

Made some changes to the detection search engine and started importing hunting queries + added the additional filter to the UI ☺️ Next up is looking into indexing content from Jupyter notebooks as well. PS. I moved the page to decon.optyx.io

Andrii Bezverkhyi (@andriinb)

Starting today, if you know one of the SIEM, EDR or Data Lake languages, you know them all!
Dear industry, please meet RootA roota.io

RootA is a public-domain language for collective cyber defense, created to make threat detection, incident response, and actor

msticpy (@msticpy)

MSTICPY 2.9.0 released
Includes new Threat Intel provider IPQualityScore and updated M365D to use MS Graph API for hunting queries.
Fixes to startup, Synapse compat issues, Entities and more. See the release notes for a full rundown
github.com/microsoft/msti…

jason liu - vacation mode (@jxnlco)

is this you? PLEASE RETURN JSON, NO TALKING, ONLY JSON all of that drama only for json.loads() to fail... If you use Pydantic there's a better way to steer llms into models that work within the python ecosystem blog.pydantic.dev/blog/2024/01/0…

Joey Dreijer (@joeydreijer)

Rewrote the detections/threat hunts search UI for more flexibility. Everything should be much more responsive on decon.optyx.io now ☺️

Fox-IT (@foxit)

We created Skrapa, a zero dependency and customizable Python library for scanning Windows and Linux process memory. Harnessing memory attributes, Skrapa elevates your capability to explore patterns in memory. 🔍 blog.fox-it.com/2024/01/25/mem…

Thinkst Canary (@thinkstcanary)

Our Cloned Website Canarytoken¹ has caught attackers all over the world.

Jacob's new CSS Canarytoken² allows this to work when all u can control is ur site's CSS. (It also works a treat to detect AitM phishing on Azure login portals)

blog.thinkst.com/2024/01/defend…
__
¹ Free
² Also Free

SwiftOnSecurity (@swiftonsecurity)

The invention of the blue LED, one of the most difficult and important inventions ever, is some of the most Chad shit I have ever heard youtu.be/AF8d72mA41M

Outflank (@outflanknl)

🔥🔥New goody dropped for Outflank Security Tooling customers: PhisherPrice PhisherPrice helps with Device Code Flow abuse without sending codes/QRs via email. Easy to setup and host a phishing website, easy to receive auth tokens. Just as you like it.

Graylog (@graylog2)

Congrats to our #DEFCON32 Logs in the Shell #GraylogCTF winner — d3vzer0!

Out of 180 players averaging 110 minutes of playtime, our winner scored a perfect game! 💯👏

🎮 Enjoy the OLED Steam Deck. You've earned it.🥇🏆

#Graylog #DEFCON #HackerSummerCamp Blue Team Village

Elastic (@elastic)

"Being able to call Elasticsearch and Kibana Open Source again is pure joy." — Shay Banon, Elastic Founder and CTO. Read more from Shay Banon: go.es.io/4dNtVVR #Elasticsearch

SpecterOps (@specterops)

Introducing the BloodHound Query Library! 📚 Martin Sohn & Joey Dreijer explore the new collection of Cypher queries designed to help BloodHound users to unlock the full potential of the BloodHound platform by creating an open query ecosystem. ghst.ly/4jTgRQQ

Martin Sohn (@martinsohndk)

ICYMI: Two weeks ago, we released the BloodHound Query Library - a community-driven collection of BloodHound Cypher queries available here: queries.specterops.io Special thanks to LuemmelSec for being the first community member to contribute!