sigmoid.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A social space for people researching, working with, or just interested in AI!

#soc

Scattered Spider 🕷️, a loosely structured collective of young English‑speaking attackers, has re‑emerged in recent months, hitting airlines, insurers, and retailers. Its primary edge remains social engineering, especially help‑desk impersonation and MFA bypass. What stands out is their agility: they treat industries as clusters, learning the system platforms in use and then striking multiple targets in quick succession, a tactical shift in ransomware campaigns. Frankly, it feels like our defense is still catching up. The weakest link... us. 🤷🏻‍♂️ 🫵

TL;DR
🕷️ Excellent social engineering competence
⚠️ Airlines added to target sectors
🔄 Cluster targeting by industry
🧠 Reemergence after 2024 slowdown

wired.com/story/scattered-spid
#ScatteredSpider #Cybersecurity #ThreatIntelligence #SOC #Ransomware #security #privacy #cloud #infosec #SocialEngineering

WIRED · A Group of Young Cybercriminals Poses the ‘Most Imminent Threat’ of Cyberattacks Right Now · By Matt Burgess
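The help-desk impersonation pattern the post describes (an attacker talks support into resetting a victim's MFA factor, then logs in from their own machine) leaves a detectable sequence in identity-provider audit logs. The following is an added example, not code from the post or the WIRED article: it correlates an MFA reset performed by someone other than the account owner with a sign-in shortly afterwards from an IP the account had never used before. The log lines and their field names (`ts`, `event`, `actor`, `target`, `ip`) are constructed for this example and do not follow any vendor's real schema; the 60-minute window is an assumption to tune.

```python
import json
from datetime import datetime, timedelta

# Constructed identity-provider audit log (JSON lines). Field names are an
# assumption for this example, not any vendor's real schema.
SAMPLE_LOG = """
{"ts": "2025-07-01T08:00:00", "event": "user.session.start", "actor": "bob", "target": "bob", "ip": "10.0.0.9"}
{"ts": "2025-07-01T09:00:00", "event": "user.session.start", "actor": "alice", "target": "alice", "ip": "10.0.0.5"}
{"ts": "2025-07-01T10:00:00", "event": "mfa.factor.reset", "actor": "helpdesk-eve", "target": "dave", "ip": "10.0.1.2"}
{"ts": "2025-07-01T13:10:00", "event": "mfa.factor.reset", "actor": "helpdesk-eve", "target": "alice", "ip": "10.0.1.2"}
{"ts": "2025-07-01T13:25:00", "event": "user.session.start", "actor": "alice", "target": "alice", "ip": "203.0.113.7"}
{"ts": "2025-07-01T14:00:00", "event": "mfa.factor.reset", "actor": "helpdesk-eve", "target": "bob", "ip": "10.0.1.2"}
{"ts": "2025-07-01T14:10:00", "event": "user.session.start", "actor": "bob", "target": "bob", "ip": "10.0.0.9"}
{"ts": "2025-07-01T15:00:00", "event": "mfa.factor.reset", "actor": "carol", "target": "carol", "ip": "10.0.0.3"}
{"ts": "2025-07-01T15:05:00", "event": "user.session.start", "actor": "carol", "target": "carol", "ip": "198.51.100.4"}
{"ts": "2025-07-01T16:00:00", "event": "user.session.start", "actor": "dave", "target": "dave", "ip": "198.51.100.9"}
"""

# How long after a help-desk reset a first-seen-IP login is still suspicious.
WINDOW = timedelta(minutes=60)


def parse_events(text):
    """Parse JSON lines into dicts with a datetime 'ts', sorted by time."""
    events = []
    for line in text.strip().splitlines():
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        ev["ts"] = datetime.fromisoformat(ev["ts"])
        events.append(ev)
    return sorted(events, key=lambda e: e["ts"])


def find_suspicious_resets(text, window=WINDOW):
    """Flag an MFA reset done by someone other than the account owner that is
    followed within `window` by a sign-in from an IP the account had never
    used before the reset. Self-service resets and sign-ins from previously
    seen IPs are not flagged."""
    seen_ips = {}   # user -> set of IPs observed so far in the stream
    pending = {}    # user -> (reset event, IPs known at reset time)
    alerts = []
    for ev in parse_events(text):
        user = ev["target"]
        if ev["event"] == "mfa.factor.reset":
            if ev["actor"] != user:   # reset performed by a third party (help desk)
                pending[user] = (ev, set(seen_ips.get(user, ())))
        elif ev["event"] == "user.session.start":
            if user in pending:
                reset_ev, ips_before = pending[user]
                delta = ev["ts"] - reset_ev["ts"]
                if delta > window:
                    del pending[user]           # reset too old; stop watching it
                elif ev["ip"] not in ips_before:
                    alerts.append({
                        "user": user,
                        "reset_by": reset_ev["actor"],
                        "login_ip": ev["ip"],
                        "minutes_after_reset": int(delta.total_seconds() // 60),
                    })
                    del pending[user]
            seen_ips.setdefault(user, set()).add(ev["ip"])
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious_resets(SAMPLE_LOG):
        print(alert)
```

Only alice is flagged: her factor was reset by a help-desk account and the next login came from an address she had never used. bob's post-reset login comes from his usual IP, carol reset her own factor, and dave's new-IP login falls outside the window. In a real pipeline the "known IPs" set should come from a longer baseline than the batch being scanned, and the reset actor should be checked against the help-desk group rather than just `actor != target`.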

SucréLA, an open-source sw/hw/gateware logic analyzer, now supports an exciting new feature: x2 and x4 oversampling! 🥳

Meaning that while the capture pipeline in the SoC runs @ X MHz on N probes, it can now also sample:
* N/2 probes @ 2*X MHz 😍
or
* N/4 probes @ 4*X MHz 🥵

While continuously streaming data to the host PC running sigrok/PulseView via USB 3.0 ⚡

Wanna see how this feature has been developed? 🫣

gitlab.com/yannsionneau/SucreL 🤓

📢 Exciting Announcement! 📢

Join us tomorrow at 14:00 CET for the Kunai Workshop Virtual Summer School (VSS) organized by CIRCL! 🌟

🔍 What You'll Learn:
- The basics of Kunai
- Using Kunai tools (github.com/kunai-project/pykun)
- Configuring Kunai with MISP IoCs
- Building advanced log filtering and detection rules
- How to use Kunai and Yara

📝 Program and Prerequisites:
Make sure to check out the program and complete the prerequisites before joining: github.com/kunai-project/works

🌐 How to Join VSS: circl.lu/pub/vss-2025/

🎓 Don't miss this opportunity to enhance your skills with Kunai! See you there! 🚀

Continued thread

Playbooks don't replace or restrict analysts; however, they can help them perform more thorough investigations. Creating and using them also serves as an excellent learning tool. I hope this standard and its adoption will help folks along that path. #SOC #DFIR

Replied in thread

@cleverboi @FandaSin @BrodieOnLinux @neal as for #i386 I understood why, cuz it was more and more painful, but the problem with #i486 is that in several #embedded and #industrial setups there are still newly deployed systems based off it.

I.e. #Vortex86 #SoC's cuz #MSDOS and shit still gets used in #industrial equipment.

  • And #Linux is kinda necessary to keep that rollin'...

Linux stopped supporting i386 with versions 3.4.99 (longterm) & 3.6.9 respectively.

  • And unlike with i386, where neither the toolchain (#musl) nor the utilities (#toybox) support it, i486 is still supported there.

And I really want to continue developing a minimalist "rescue" distro that can handle such legacy hardware, because it may be the only option to ddrescue stuff from certain systems or to properly & reproducibly back up & restore them!

🚀 New Blog Post: Kunai vs io_uring (why.kunai.rocks/blog/kunai-vs-) 🚀

💡 Ever wondered how io_uring revolutionizes I/O operations in the Linux kernel? Inspired by Armo's blog post (armosec.io/blog/io_uring-rootk) about a PoC rootkit using io_uring, we explored this feature's security implications and how tools like Kunai can monitor these operations.

🔍 Key Takeaways:
🔹 io_uring boosts I/O performance by reducing system call overhead and enabling asynchronous operations
🔹 Security tools struggle to monitor io_uring due to its unique handling of operations
🔹 Kunai now provides visibility into io_uring operations, though blocking malicious activities remains challenging
🔹 Recent kernel versions have introduced auditing and security controls for io_uring, but these are still limited

📖 Read more: why.kunai.rocks/blog/kunai-vs-

why.kunai.rocks · Kunai vs io_uring | Kunai

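The post's point that syscall-oriented tooling cannot see I/O submitted through io_uring does not mean the ring itself is invisible: the kernel exposes each io_uring instance as an anonymous inode, so `readlink` on `/proc/<pid>/fd/<n>` returns `anon_inode:[io_uring]` for the ring's descriptor, and kernels from 6.6 carry the `kernel.io_uring_disabled` sysctl (0 = allowed, 1 = only CAP_SYS_ADMIN or members of `kernel.io_uring_group`, 2 = disabled). The script below is an added example, not Kunai code or anything from the linked blog post; it inventories processes holding a ring and reads the sysctl, and builds a constructed fake `/proc` tree so it can be demonstrated offline. Scanning other users' fd tables on a real host requires root.

```python
import os
import tempfile
from pathlib import Path

# readlink(/proc/<pid>/fd/<n>) yields this string for an io_uring instance's fd.
IO_URING_LINK = "anon_inode:[io_uring]"


def io_uring_users(proc_root="/proc"):
    """Return {pid: [fd, ...]} for every process holding an io_uring instance.
    Processes whose fd table we cannot read (not ours, no CAP_SYS_PTRACE) are
    skipped, so run as root for a complete picture."""
    hits = {}
    for entry in Path(proc_root).iterdir():
        if not entry.name.isdigit():
            continue
        try:
            fds = list((entry / "fd").iterdir())
        except (PermissionError, FileNotFoundError):
            continue  # no access, or the process exited mid-scan
        for fd in fds:
            try:
                if os.readlink(fd) == IO_URING_LINK:
                    hits.setdefault(int(entry.name), []).append(int(fd.name))
            except OSError:
                continue  # fd closed between listing and readlink
    return {pid: sorted(fdlist) for pid, fdlist in hits.items()}


def io_uring_policy(proc_root="/proc"):
    """Read kernel.io_uring_disabled (Linux 6.6+): 0 = allowed for all,
    1 = only CAP_SYS_ADMIN or members of kernel.io_uring_group, 2 = disabled.
    Returns None on older kernels where the sysctl does not exist."""
    path = Path(proc_root) / "sys" / "kernel" / "io_uring_disabled"
    try:
        return int(path.read_text().strip())
    except (FileNotFoundError, ValueError):
        return None


def build_sample_proc(root):
    """Construct a fake /proc tree for offline demonstration (not real data):
    pid 1234 holds an io_uring fd, pid 99 only a socket, the sysctl reads 2."""
    root = Path(root)
    (root / "1234" / "fd").mkdir(parents=True)
    os.symlink("/dev/null", root / "1234" / "fd" / "0")
    os.symlink(IO_URING_LINK, root / "1234" / "fd" / "3")   # dangling link is fine
    (root / "99" / "fd").mkdir(parents=True)
    os.symlink("socket:[4711]", root / "99" / "fd" / "5")
    (root / "sys" / "kernel").mkdir(parents=True)
    (root / "sys" / "kernel" / "io_uring_disabled").write_text("2\n")


def demo():
    """Run both checks against the constructed tree and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_proc(tmp)
        return {"users": io_uring_users(tmp), "policy": io_uring_policy(tmp)}


if __name__ == "__main__":
    print("constructed tree:", demo())
    if os.path.isdir("/proc"):           # real host (Linux), best run as root
        print("host rings:", io_uring_users())
        print("host policy:", io_uring_policy())
```

A process that holds a ring is not malicious by itself (databases and runtimes use io_uring legitimately), so this is an inventory to baseline, not an alert on its own; what matters is an unexpected binary acquiring a ring, or a policy of 0 on a host where nothing is expected to need it. Note also that a rootkit can close the ring after use, so a point-in-time fd scan complements, rather than replaces, continuous monitoring like the one the post describes.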
Replied in thread

@sodiboo @tauon @puppygirlhornypost2 @silly I don't think it's much of a "#freedom" on #iOS, but rather that the few devices and OS versions in circulation, alongside everyone from #jailbreaker to #malware (especially #govware #developers) wanting to crack it open, result in way more personnel and money behind it.

  • OFC the reason the #Android experience is worse from that POV is the lack of #regulation re: #repairability and #openness that would make shit work. Most cheap #phones are done with even cheaper #SoC's by manufacturers who can't be assed (or frankly don't give a shit at all!) when it comes to #Linux #mainline support. (I mean, you've seen the video where @SexyCyborg demanded that a vendor give her the source code as per #GPLv2 for her device?)

Granted @GrapheneOS does limit their support to devices that can comply with their #security standards.

  • The issues are mostly caused by hostile app developers that specifically decided to knee-jerk their users / customers for no good reason.

I do wish for both vendors like #Fairphone to up their game and regulators like @EUCommission to actually push for more #transparency, #openness and #LongTermSupport of #Smartphones, because #ManufacturedEwaste like #SOYES, #WiKo, #Unihertz and others that ship #outdated #AndroidDevices and never even a single update are a major problem!

  • I don't blame projects like @LineageOS that they can't cover every device & SoC, even tho they probably have the widest compatibility; I just think that there needs to be pressure so manufacturers don't just vomit stuff on the market and let customers frustratingly figure out the rest.

I do have to give #Apple credit where it is due, and that is that #iOS does have consistency and accessibility nailed down very well. Something they are obviously able to do, being the "#BenevolentDictator" of a #SingleVendor & #SingleProvider platform.

  • Obviously, since they are the #vendor for #hardware and the sole ["legitimate" / official] #distributor for any #Apps, they do OFC cross-finance their relatively long #support with the 15-30% cut from #App #sales & #InAppPurchase|s they charge, which is why #AndroidPhones suffer the "#3DO syndrome": needing to charge more since they only get to make money once with hardware sales and not after that, so there's no incentive for them to give a shit beyond "brand value". #Google, #Samsung, #Fairphone and very few others do, but most don't, as they close the books on the product once launched and sold out (angrily stares at Unihertz)...

Maybe one day the folks at @frameworkcomputer acquire Fairphone and decide to bring the same modularity to #Smartphones and get something done that makes it easy to maintain long-term and that even #GrapheneOS are willing to support.

Found a $1000 #OSINT certification I signed up for back in November 2019 that I never finished and somehow completely forgot about. Working on that now.

Also applied for 2 entry-level OSINT-related jobs and one entry-level #SOC job even tho I don’t know any of that stuff but have tons of books and a few courses… I can learn it quick (and I was honest in the cover letter)