CISO2CISO.COM & CYBER SECURITY GROUP

THREAT INTELLIGENCE Notepads & resources
socprime.com
moveit-transfer-critical-vulnerability-detection:-a-new-zero-day-actively-exploited-by-threat-actors-to-steal-data-from-organizations-–-source:-socprime.com
MOVEit Transfer Critical Vulnerability Detection: A New Zero-Day Actively Exploited By Threat Actors to Steal...
socprime.com
detect-smokeloader-malware:-uac-0006-strikes-again-to-target-ukraine-in-a-series-of-phishing-attacks-–-source:-socprime.com
Detect SmokeLoader Malware: UAC-0006 Strikes Again to Target Ukraine in a Series of Phishing Attacks...
socprime.com
cve-2023-2825-exploit-detection:-gitlab-urges-users-to-promptly-patch-a-maximum-severity-flaw-–-source:-socprime.com
CVE-2023-2825 Exploit Detection: GitLab Urges Users to Promptly Patch a Maximum Severity Flaw – Source:...
not known
Threat Intelligence & Dark web Monitoring Tools
SHADOW DRAGON
A Practical Guide for OSINT Investigators to Combat Disinformation and Fake Reviews Driven by AI...
Rahmat Nurfauzi "@infosecn1nja"
Red Team Security Open Source Toolkit
socprime.com
chinese-state-sponsored-cyber-actor-detection:-joint-cybersecurity-advisory-(csa)-aa23-144a-sheds-light-on-stealty-activity-by-volt-typhoon-targeting-us-critical-infrastructure-–-source:-socprime.com
Chinese State-Sponsored Cyber Actor Detection: Joint Cybersecurity Advisory (CSA) AA23-144a Sheds Light on Stealty Activity...
BlackBerry CyberSecurity
BlackBerry Cybersecurity Global Threat Intelligence Report April-2023 Edition
socprime.com
uac-0063-cyber-espionage-activity-detection:-hackers-target-organizations-in-ukraine,-kazakhstan,-kyrgyzstan,-mongolia,-izrael,-and-india-to-gather-intelligence-–-source:-socprime.com
UAC-0063 Cyber-Espionage Activity Detection: Hackers Target Organizations in Ukraine, Kazakhstan, Kyrgyzstan, Mongolia, Izrael, and India...
SONICWALL
2023 SONICWALL CYBER THREAT REPORT – Charting Cybercrime´s Shifting Frontlines
FATF
Countering Ransomware Financing – FATF Report March 2023
socprime.com
merdoor-malware-detection:-lancefly-apt-uses-a-stealthy-backdoor-in-long-running-attacks-against-organizations-in-south-and-southeast-asia-–-source:-socprime.com
Merdoor Malware Detection: Lancefly APT Uses a Stealthy Backdoor in Long-Running Attacks Against Organizations in...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection...
socprime.com
cve-2023-25717-detection:-new-malware-botnet-andoryubot-exploits-rce-flaw-in-the-ruckus-wireless-admin-panel-–-source:-socprime.com
CVE-2023-25717 Detection: New Malware Botnet AndoryuBot Exploits RCE Flaw in the Ruckus Wireless Admin Panel...
socprime.com
snake-malware-detection:-cyber-espionage-implant-leveraged-by-russia-affiliated-turla-apt-in-a-long-lasting-campaign-against-nato-countries-–-source:-socprime.com
Snake Malware Detection: Cyber-Espionage Implant Leveraged by russia-Affiliated Turla APT in a Long-Lasting Campaign Against...
socprime.com
detecting-abused-legitimate-tools-applied-by-hackers-in-the-human-operated-ransomware-attacks-–-source:-socprime.com
Detecting Abused Legitimate Tools Applied by Hackers in the Human-Operated Ransomware Attacks – Source: socprime.com
socprime.com
smokeloader-malware-detection:-uac-0006-group-reemerges-to-launch-phishing-attacks-against-ukraine-using-financial-subject-lures-–-source:-socprime.com
SmokeLoader Malware Detection: UAC-0006 Group Reemerges to Launch Phishing Attacks Against Ukraine Using Financial Subject...
exabean
The Ultimate Guide to Insider Threats eBook by exabeam
Apress
Wireshark for Network Forensics – An Essential Guide for IT and Cloud Professionals by Nagendra...
Orange Cyberdefense
Orange Cyberdefense Security Navigator 2023 – Research-driven insights to build a safer digital society
socprime.com
rokrat-detection:-malware-adopts-new-deployment-methods-relying-on-large-lnk-files-–-source:-socprime.com
ROKRAT Detection: Malware Adopts New Deployment Methods Relying on Large LNK Files – Source: socprime.com
socprime.com
winrar-as-cyberweapon:-uac-0165-targets-ukrainian-public-sector-with-roarbat-–-source:-socprime.com
WinRAR as Cyberweapon: UAC-0165 Targets Ukrainian Public Sector with RoarBat – Source: socprime.com
HeimdalSecurity.com
security-alert:-danish-customers-targeted-by-active-postnord-dk-phishing-campaign-–-source:-heimdalsecurity.com
SECURITY ALERT: Danish Customers Targeted by Active PostNord DK Phishing Campaign – Source: heimdalsecurity.com
BlackBerry CyberSecurity
Global Threat Intelligence Report – Delivering Actionable and Contextualized Intel to Increase Cyber Resilience by...
socprime.com
apt28-aka-uac-0001-group-leverages-phishing-emails-disguised-as-instructions-for-os-updates-targeting-ukrainian-state-bodies-–-source:-socprime.com
APT28 aka UAC-0001 Group Leverages Phishing Emails Disguised As Instructions for OS Updates Targeting Ukrainian...
socprime.com
CVE-2023-27524 Detection: New Vulnerability Exposes Thousands of Apache Superset Servers to RCE Attacks – Source:...
socprime.com
cve-2023-27350-exploit-detection:-critical-papercut-rce-vulnerability-added-to-the-cisa’s-known-exploited-vulnerabilities-catalog-–-source:-socprime.com
CVE-2023-27350 Exploit Detection: Critical PaperCut RCE Vulnerability Added to the CISA’s Known Exploited Vulnerabilities Catalog...
socprime.com
domino-malware-detection:-ex-conti-and-fin7-threat-actors-collaborate-to-spread-a-new-backdoor
Domino Malware Detection: Ex-Conti and FIN7 Threat Actors Collaborate to Spread a New Backdoor
socprime.com
lazarus-hacker-group-shifts-targets-and-applies-advanced-techniques-in-a-new-deathnote-campaign
Lazarus Hacker Group Shifts Targets and Applies Advanced Techniques in a New DeathNote Campaign
KELA INTELLIGENCE
Telegram – How a Messenger Turned into a Cybercrime Ecosystem by 2023 by Kela Cybercrime...
Cyborg Security
Threat Hunting Framework by Cyborg Security
socprime.com
guloader-detection:-malware-targets-us.-financial-organizations-via-phishing-emails
GuLoader Detection: Malware Targets U.S. Financial Organizations via Phishing Emails
Joas Antonio
OSINT – The Most Complete Open Source Intelligence Overview by Joas Antonio
PRASANNAKUMAR MUNDAS
Threat Hunting Playbooks for MITRE Tactics – Starting your first threat hunting today by PRASANNAKUMAR...
socprime.com
detect-cve-2023-28252-&-cve-2023-21554-exploitation-attempts:-windows-zero-day-actively-used-in-ransomware-attacks-and-a-critical-rce-flaw
Detect CVE-2023-28252 & CVE-2023-21554 Exploitation Attempts: Windows Zero-Day Actively Used in Ransomware Attacks and a...
osint - Open Source Intelligence
Awesome OSINT(Open-Source Intelligence) – Best curated list of amazingly awesome open source intelligence tools and...
Flashpoint
State of Cyber Threat Intelligence 2023 – A deep dive into perpetual cycles of cybercrime...
NACD - Intenet Security Alliance
Director´s Handbook on CYBER-RISK OVERSIGHT by NACD – Internet Security Alliance
Recorded Future
The Security Intelligence Handbook – How to Disrupt Adversaries and Reduce Risk with Security Intelligence...
Red Canary
2023 THREAT DETECTION REPORT – TECHNIQUES, TRENDS AND TAKEAWAYS BY Red Canary
socprime.com
darkcrystal-rat-malware-detection:-uac-0145-hackers-exploit unlicensed-microsoft-office-software-as-the-initial-attack-vector
DarkCrystal RAT Malware Detection: UAC-0145 Hackers Exploit Unlicensed Microsoft Office Software as the Initial Attack Vector
socprime.com
3cxdesktopapp-supply-chain-attack-detection:-active-intrusion-campaign-targeting-millions-of-3cx-customers
3CXDesktopApp Supply Chain Attack Detection: Active Intrusion Campaign Targeting Millions of 3CX Customers
socprime.com
detect-cve-2022-47986-exploits:-critical-pre-authenticated-remote-code-execution-vulnerability-in-ibm-aspera-faspex
Detect CVE-2022-47986 Exploits: Critical Pre-Authenticated Remote Code Execution Vulnerability in IBM Aspera Faspex
socprime.com
macstealer-macos-malware-detection:-novel-malicious-strain-steals-user-credentials-from-icloud-keychain
MacStealer macOS Malware Detection: Novel Malicious Strain Steals User Credentials from iCloud KeyChain
socprime.com
ferrari-data-breach-disclosed:-attackers-gain-access-to-the-company’s-network-while-demanding-ransom-to-prevent-data-leakage
Ferrari Data Breach Disclosed: Attackers Gain Access to the Company’s Network While Demanding Ransom to...
socprime.com
detect-cve-2023-23397-exploits:-critical-elevation-of-privilege-vulnerability-in-microsoft-outlook-leveraged-in-the-wild-to-target-european-government-and-military
Detect CVE-2023-23397 Exploits: Critical Elevation of Privilege Vulnerability in Microsoft Outlook Leveraged in the Wild...
socprime.com
blacklotus-uefi-bootkit-detection:-exploits-cve-2022-21894-to-bypass-uefi-secure-boot-and-disables-os-security-mechanisms
BlackLotus UEFI Bootkit Detection: Exploits CVE-2022-21894 to Bypass UEFI Secure Boot and Disables OS Security...
socprime.com
scrubcrypt-attack-detection:-8220-gang-applies-novel-malware-in-cryptojacking-operations-exploiting-oracle-weblogic-servers
ScrubCrypt Attack Detection: 8220 Gang Applies Novel Malware in Cryptojacking Operations Exploiting Oracle WebLogic Servers
socprime.com
on-the-frontline-of-the-global-cyber-war:-overview-of-major-russia-backed-apt-groups-targeting-ukraine-and-sigma-rules-to-proactively-defend-against-their-ttps
On the Frontline of the Global Cyber War: Overview of Major russia-backed APT Groups Targeting...
socprime.com
mqsttang-backdoor-detection:-new-custom-malware-by-mustang-panda-apt-actively-used-in-the-latest-campaign-against-government-entities- 
MQsTTang Backdoor Detection: New Custom Malware by Mustang Panda APT Actively Used in the Latest...
HeimdalSecurity.com
companies-affected-by-ransomware-[2022-2023]
Companies Affected by Ransomware [2022-2023]
MANDIANT
MANDIANT APT1 – Exposing One of Chinas Cyber Espionage Units
World Economic Forum
Global Cybersecurity Outlook 2023 Insight Report by WEF – World Economic Forum in collaboration with...
State service of Ukraine
Russia´s Cyber Tactics – Lessons Learnead 2022 by Information Protection of Ukraine
Microsoft Security
Threat Hunting Survival Guide by Microsoft Security Experts
CROWDSTRIKE
CROWDSTRIKE 2023 GLOBAL THREAT REPORT
CISA
Insider Threat Mitigation Guide by Cybersecurity Insfrastructure Security Agency
National Cyber Crime Agencie
Manual on Social Media Intelligence (SOCMINT) for Law Enforcement Agencies by National Cyber Crume Research...
Hague Centre Strategic Stud
Cyber Arms Watch An Analysis of Stated & Perceived Offensive Cyber Capabilities by The Hague...
PICUS
ILLUMINATING DARKSIDE – TTPs, Tools, and the Trend Towards Defense Evasion by PICUS
BONI YEAMIN
OPEN SOURCE SOC TOOLS BY BONI YEAMIN
ARCTIC WOLF
Definitive Guide to SOC as a Service – The Essential Elements of Advanced Threat Detection...
UK Government
Detecting the Unknown – A Guide to Threat Hunting by UK Government
ENDGAME
KERNEL MODE THREATS AND PRACTICAL DEFENSES BY Joe Desimone and Ganriel Landau – ENDGAME
Virusbulletin.com
LAZARUS AND BYOVD – EVIL TO THE WINDOWS CORE By Peter Kalnai – Matej Havranek...
CYBERSECURITY INSIDERS
THREAT HUNTING REPORT – Cybersecurity Insiders – DOMAINTOOLS 2021
PEERLYST
INTRUSION DETECTION GUIDE – The fields leading experts show exactly how to detect, deter, and...
Cencys
2022 State of the internet report by cencys
F-Secure Labs Hardware Security Team
THE FAKE CISCO – Hunting for backdoors in Counterfeit Cisco devices – by Dmitry Janushkevich...
RELIAQUEST
Threat Hunting 101 – A Framework for Building and Maturing a Proactive Threat Hunting Program...
MANDIANT
M-TRENDS 2022 Mandiant Special Report
MANDIANT
Remediation and Hardering Strategies for Microsoft 365 to Defend Against APT29 Group – Threat Intelligence...
sqrrl
HUNTPEDIA – Your Threat Hunting Knowledge Compendium by sqrrl
Joas Antonio
Ransomware Investigation (OSINT & HUNTING) Overview PT1 by Joas Antonio
OPEN RESEARCH SOCIETY
The Cyber Intelligence Analyst’s Cookbook by The OPEN RESEARCH SOCIETY
HADESS
Introduction to Doxing- OSINT methods for information gathering by HADESS
Microsoft
Microsoft Cyber Signal Report August 2022 edition – Extortion Economics – Ransomware´s new business model...
Pouyan Zamani
SNORT Rule Writing Guide by Pouyan Zamani
MORE RESOURCES
CISO Strategics
cyber operations & soc
red - blue & purple teams
THREAT INTELLIGENCE
VULNERABILITIES
CYBER ATTACKS
DATA BREACH
MALLWARE
RANSOMWARE
DDOS ATTACKS
CLOUD SECURITY
IOT SECURITY
ot security
devsecops
hacking
risk & compliance
governance
data privacy
MORE CISO2CISO RESOURCES LIBRARY TO VIEW
CISO Strategics
SOC OPERATIONS
THREAT INTELLIGENCE
vulnerabilities
cyber attacks
RansoNWARE
DDOS ATTACKS
RED - BLUE & PURPLE
DATA BREACH
DATA PRIVACY
CLOUD SECURITY
IOT - OT SECURITY
RISK & COMPLIANCE
DEVSECOPS