heise+ | Cyberattacks without malware: Living off the Land | iX Magazin https://www.heise.de/hintergrund/Cyberangriffe-ohne-Malware-Living-off-the-Land-10348800.html #heiseplus #LoTL #LOL #CyberCrime #Hacking
Popular Medusa Ransomware utilizes many LOTL (Living off the Land) techniques - CISA https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-071a #cybersecurity #ransomware #Medusa #LOTL #Windows #CISA
for Route53 fanbois out there such as myself, I wrote a dynamic dns client under living off the land constraints.
https://www.new23d.com/living-off-the-land-dynamic-dns-for-route-53/
"Living off the Land (LOTL) attacks: How North Korea’s Lazarus Group Hackers Exploited Windows" published by SystemWeakness. #LOTL, #Lazarus, #DPRK, #CTI https://systemweakness.com/living-off-the-land-lotl-attacks-how-north-korea-lazarus-group-hackers-exploited-windows-a46ee8fb945f
More food for thought... Human operated attacks can be hard to detect.
Especially if they are of the #LOTL variety.
Or perhaps not hard to detect, but tricky to adjudicate. This is why an MDR service is valuable.
1/3
Was looking for a good Awesome list on Living Off the Land ( #LOL #LOtL ) tools/techniques. Found some helpful sites / repos but either nothing I could contribute to or it was limited.
So... I made one: https://github.com/danzek/awesome-lol-commonly-abused
Contributions welcome, whether by replying to this post or sending a PR on GitHub.
🔍 "If you can’t see what’s happening on your network, you can’t defend it." – Brian Dye, CEO of Corelight.
What if the biggest threat isn’t something from outside, but something that’s already inside your network?
In the latest episode of Exploring Information Security, Brian Dye discusses with Timothy De Block the challenge of detecting Living off the Land (#LotL) attacks, why gaining complete network visibility is crucial for defending against these evolving threats, and much more... 👀
🎧 Catch the full episode here: https://exploresec.com/eis/2024/1/2/shownotes-template-y3ecp-l5yfp-7d4gw
Who else is at #Lordfest in the #sporthallehamburg ?
Darn, we probably won't make it to #Lordfest in #Hamburg on Dec 14 for health reasons.
Would anyone like to take over our two tickets for 50 EUR + shipping?
Please share 🙏
Edit: Too bad, they have now expired 😶
Shipping by registered mail (Einwurf-Einschreiben) or pickup in #Freudenstadt
Living off the Land: a walkthrough of the challenge set by F.A.C.C.T. experts at CyberCamp2024
Hello, Habr! This is Vladislav Azersky, deputy head of the Digital Forensics Laboratory at F.A.C.C.T., and Ivan Gruzd, lead specialist in incident response and digital forensics at F.A.C.C.T. In early October we took part in the practical cybersecurity conference CyberCamp 2024 as speakers. Links to the talks are here and here. Given our experience in responding to information security incidents, we decided to focus the talks on one of the approaches most popular among attackers for carrying out modern attacks: Living off the Land (LotL). It involves using legitimate programs and tools to accomplish tasks at different stages of an attack, whether that is spreading across the network or executing commands on a compromised device.
https://habr.com/ru/companies/f_a_c_c_t/articles/861142/
#cybercamp_2024 #форензика #LotL #living_off_the_land #компьютерная_криминалистика #киберучения
NSA's Essential Guide to Combat Living Off the Land Attacks - https://www.redpacketsecurity.com/nsa-releases-guide-to-combat-living-off-the-land-attacks/
Reminder to self: the next time I accidentally sing along to the #LOTL song with my earbuds in while sweeping the street, I should have an answer ready when my neighbor asks me “To whom?”…🙈
Though “PolitTalks” would have been the obvious answer.😜
Have a nice weekend!
https://www.youtube.com/watch?v=_x-87xd_91w
I recently read this CISA + Joint Guidance on Living Off The Land Techniques (LOTL). The guidance put out talks about identifying and mitigating LOTL techniques, but if we're going to be honest - it wasn't anything groundbreaking. However, I think it goes to show that the basic hardening techniques may go a long way.
I agree and acknowledge that identifying may be difficult, but some of the mitigation techniques are pretty basic/elementary:
- change default admin settings & passwords
- remove unnecessary protocols
- Least privilege
- MFA
- UEBA
https://www.cisa.gov/resources-tools/resources/identifying-and-mitigating-living-land-techniques
Visited the #lotl concert in #Stuttgart today and had a blast. Been years that I went to LKA Longhorn. Like.. dunno.. 20 or so? And nothing changed 😄
Show was great, felt familiar, what I really like. My personal highlight was “Unstoppable” (originally by Sia).
We did hear the struggle in the voice though. Band just recovered from Covid apparently. Hope they don’t overdo it 😅
Anyway, for the curious: The set list “15 Years Of #LordOfTheLost” is available on Spotify at https://open.spotify.com/playlist/2yZvahybiLwDjDJUjldqef (yes yes Spotify evil).
https://beko.famkos.net/2024/04/21/15-years-of-lord-of-the-lost/
Visited the #lotl concert in #Stuttgart today. Been years that I went to LKA Longhorn. Like.. dunno.. 20? And nothing changed 🥲
Show was great. We did hear the struggle in the voice tho. Band just recovered from Covid apparently. Hope they don't overdo it 🤔
Just had the best night in recent memory. Lord of the Lost are epic on stage! #lotl #lordofthelost #amsterdam #melkweg
2024 State of Malware in Education report: Top 6 cyberthreats facing K-12 and Higher Ed
https://www.malwarebytes.com/blog/awareness/2024/04/2024-state-of-malware-in-education-report-top-6-threats-to-k-12-and-higher-ed #malware #education #cyberthreats #kindergarten #HigherEducation #LOTL
My ears are ringing, my voice is hoarse and everything hurts. It was so fantastically good. 🥰 #lotl
How to build a container without arming a hacker
It is well known that containers can come with a huge number of different problems, including ones related to information security. In this article we look at how to avoid them and leave an attacker no loopholes into your service. Hello, Habr! This is Alexey Fedulaev and Anton Zhabolenko from Wildberries. We have been working in information security (IS) for more than 10 years.
https://habr.com/ru/companies/oleg-bunin/articles/799773/
#контейнеры #уязвимости #docker #cve #living_off_the_land #LotL #тестирование #харденинг #capabilities #apparmor