Day one of @mitreattack #attackcon. I'm excited to be back in the DC area and looking forward to speaking with my coworker James Nutland on Akira ransomware. I hope you enjoy!
Exciting news! Join me at ATT&CK CON 4.0 on October 24-25, 2023, in McLean, VA or online. I'll be presenting alongside my colleague Michael Raggi from Mandiant/Google Cloud. We're unveiling a groundbreaking technique, never seen before, exploiting the .lnk shortcut format. Don't miss out! Register here: [Registration Link](https://na.eventscloud.com/website/58627/) #ATTACKCON #malwareresearch
#attackcon 4.0
It's coming!
Quick recap MITRE ATT&CK con with several projects and repositories to check out, some ideas and notes also https://hannahsuarez.github.io/2019/mitre-attackcon-2019/
Whew! Just finished watching/listening to a 6 hour livestream of MITRE #ATTACKcon (while working). Lots of new ideas and projects to look into.
Tomorrow doing a cloud #security workshop (all day, online).
#ATTACKcon on #purpleteam-ing -- Focus on a single TTP. Rapid emulation and validation allows for more rapid response against high threat activity. Instead of a large engagement, determine if it's an event trigger/s make sure you are covered. (Emma MacMullan, Federal Reserve)
Very nice approach, to go small. No wonder it came out as a response to working in a large enterprise like the Federal Reserve.
Livestream: https://www.youtube.com/watch?v=L3KxKAGSJp4&feature=youtu.be
#ATTACKcon #watchparty Another good visualization is to think of the MITRE ATT&CK Framework as a periodic table of elements, where a mixture of particular elements (i.e. tactics, techniques, etc.) provides a chemical reaction.
https://www.youtube.com/watch?v=L3KxKAGSJp4&feature=youtu.be
#ATTACKcon Check out http://mordor.readthedocs.io
The Mordor project provides pre-recorded security events generated by simulated adversarial techniques. The pre-recorded data is categorized by platforms, adversary groups, tactics and techniques defined by the Mitre ATT&CK Framework.
#ATTACKcon #watchparty #infosec #windows #eventlog Check out https://github.com/hunters-forge/api-to-event
A repo focused primarily on documenting the relationships between API functions and security events that get generated when using such functions.
Nawww I got a shoutout from Katie Nickels, ATT&CK Threat Intelligence Lead, MITRE :flan_aww:
@TheGibson #attackcon #watchparty
11am EDT is "Ready to ATT&CK? Bring Your Own Data (BYOD) and Validate Your Data Analytics!" by makers of HELK (https://github.com/Cyb3rWard0g/HELK)
TIL Misinfosec
The Misinfosec group is where misinformation and information security people meet and learn from each other.
Now listening to Day 2 of the #ATTACKcon livestream
I really like the idea of having a threat/attack framework, and you visualize it like a board game. You land on a 'square' and you can do X, Y, Z... I mean, not an actual -game board- but more like a visualization technique #ATTACKcon
We actually change the game for the adversary, maybe it's not tomorrow, maybe it's not next year, but we can get to the point where we're inside the adversary's decision loop. #ATTACKcon
"Advanced Persistent Defender" #ATTACKcon
Spent about 7 hours today with the MITRE #livestream learning about various defence techniques. Another full day of #ATTACKcon tomorrow.
There are at least a few things on my to-do list incorporating that framework.
This is a first - #ATTACKcon presenter from Argentina is channelling 90s-00s Siouxsie & The Banshees goth vibes and I'm loving it.
#ATTACKcon Loving the whole Indiana Jones theme! "Raiders of the MITRE Framework: How to Build Your Own Threat Library"
Livestream: https://www.youtube.com/watch?v=xiUvOGr7Zfg