TropChaud

On its 1st anniversary, excited to announce the re-launch of MetaOSINT, the #OSINT tool & resource aggregator! v2 contains 900 new resources (5,700+ total) wrapped in an improved UI. The best news? A method for ongoing updates, so stay tuned for more ~weekly additions!

@BushidoToken @jamieantisocial Added here! app.tidalcyber.com/technique/f57c… We’ll also have an ArcaneDoor Campaign added by end of the week/first of next Really strong updates from ATT&CK this round 💪

@jamieantisocial Nice one 🤘

@Sector035 @dutch_osintguy @CraigSilverman @wondersmith_rae @WebBreacher @hatless1der @davidbombal @BanPangar Thanks for the shoutout, welcome back!

Will you look at that! Week in #OSINT is back! This week, I want to thank: @IntelScott @dutch_osintguy @CraigSilverman @wondersmith_rae @WebBreacher @hatless1der @davidbombal and @BanPangar for sharing their wisdom! sector035.nl/articles/2024-…

I’ve tracked thousands of #OSINT resources over a half-decade via the MetaOSINT project. Here are my thoughts on how the dataset’s evolution might reflect broader trends & changes in the underlying info landscape during a time of major global disruption: metaosint.github.io/2023-osint-tre…

MetaOSINT v3.0 is live! The first major update in over a year brings 8,000 new resources to the tool, more than doubling the previous tally. But structured categories & citation counts still make it easy to surface popular, relevant #OSINT resources: metaosint.github.io

Long-overdue update (largest yet) to my #OSINT-focused project MetaOSINT coming soon! Adding a ton of new, timely resources to the database while maintaining its hallmark ease of use. Brush back up before the update lands in the coming days: metaosint.github.io

@simonekrausora1 On using the many free resources from @MITREengenuity @MITREattack @CISAgov @TidalCyber & more to refine threat-informed defense workflows @FIRSTdotOrg #FIRSTCTI23 conference in Berlin

Taking a data-driven approach, @GlobalCyberAlln and @TidalCyber 's recent report validates the significant impact basic #cyberhygiene measures have in defense against the most relevant #ransomware methods of attack against #SMBs. Learn more at globalcyberalliance.org/reports_public…

@TidalCyber @QCCornCON @advemuian

We're ready for Day 2 of @QCCornCon 9! On Track 3, @advemuian Lead Adversary Emulation Engineer, presents "Mind the Gap: From CTI to Defensive Improvements". Full agenda: corncon.net #ThreatInformedDefense #cybersecurity #CornCon

The rich detail in recent threat reporting is an extremely welcome trend. But the reality is that longer/denser reports can place more burden on teams, if they’re attempting to (or leadership expects them to) thoroughly process each one

If you've felt like it's taking longer to get through a typical CTI report lately, you're not wrong

Meet us in Iowa at the 2023 @QCCornCON on 10/5-7. @advemuian will be presenting "Using ATT&CK for Threat Profiling, Defensive Stacks, and Coverage Maps" and "Mind the Gap: From CTI to Defensive Improvements." Use code "TID25" for 25% off! corncon.net #mitreattack

@jamieantisocial Big hill to climb but confident they’ll summit 🫡

@IntelScott objective transparency & conciseness + usability are certainly tough to ⚖️😅 I'm curious to see what the current team does next

this view is neat attackevals.mitre-engenuity.org/enterprise/tec…

Wholeheartedly believe that most in the #threatintel, #detectionengineering, and #adversaryemulation spaces can benefit by bookmarking this free-to-use tool as we push regular updates into the platform

@rafaelgrobinson Thanks for sharing! So glad it was useful

@Cyb3rMonk Important points worth remembering. It will always be reactive by nature, but we see a lot more timely, TTP-focused CTI these days, and we've started to capture it in our knowledge base to help address the recency gap (some good examples on our homepage: app.tidalcyber.com)

Friendly reminder #ThreatHunting #DetectionEngineering #MITRE posts.bluraven.io/an-alternative…

NEW Community Edition content derives from @CISAgov's detailed new advisory. Start w/ the new Campaign object, pivot to dozens of new & updated Tools, Malware, & @MITREattack Technique relationships just added: app.tidalcyber.com/campaigns/d25f…

The value here is organizing the exercise around a recent, prominent threat - recently enhanced Search in @TidalCyber Community Edition helps quickly surface relevant content, & pivoting on mapped @MITREattack techniques expands focus to include variations on observed procedures

A set of mini purple team exercises involved a typical cast of characters including @redcanary #AtomicRedTeam tests + @sigma_hq rules run via Chainsaw on logs configured via @olafhartong's Sysmon-Modular config Ultimately we contributed a new test aligned with an existing rule

New blog is out, walking through practical workflows for detecting & testing persistence behaviors used by #FlaxTyphoon #APT, entirely via free/community resources tidalcyber.com/blog/detecting…