Full Segment Notes
Smart Cars, Microsoft, Layoffs, PyTorch, Mandiant, SEC, Aaran Leyland, and More News on the Security Weekly News.
List of Articles
Doug White
- Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V
- New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise
- Mandiant X/Twitter hacker linked to $900K cryptocurrency phishing scheme
- SEC X/Twitter account hack: How 2FA could have stopped SIM swap scam
- Crooks pose as researchers to retarget ransomware victims
- US to hospitals: Meet security standards or no federal money
- From work devices to resumes: Resources to help you navigate a layoff
- Surveyed drivers prefer low-tech cars over data-sharing ones
Aaran Leyland
- Python in Threat Intelligence: Analyzing and Mitigating Cyber Threats
- Zeek (formerly Bro): https://zeek.org/ - A powerful network traffic analyzer and intrusion detection system (IDS) that records and analyzes full packet captures, enabling proactive threat hunting based on network behavior.
- Suricata: https://suricata.io/ - Open-source network IDS/IPS engine that monitors network traffic for indicators of compromise (IoCs) and other suspicious activity, offering real-time threat detection and prevention.
- Moloch: https://arkime.com/ - Large-scale full packet capture and search tool ideal for storing and analyzing massive amounts of network traffic data for retrospective threat investigations.
- Watcher: https://github.com/thalesgroup-cert/Watcher - Open-source threat hunting platform built with Django and ReactJS, providing a centralized hub for collecting, analyzing, and visualizing threat data to streamline proactive threat hunting efforts.
- TheHive Project: https://thehive-project.org/ - Open-source incident response platform that manages and responds to security incidents, integrating with various threat intelligence feeds for a holistic view of the threat landscape.
- MISP: https://github.com/MISP/MISP - Threat intelligence sharing platform enabling secure collaboration and data exchange between organizations to combat cyber threats collectively.
- TAXII: https://docs.oasis-open.org/cti/taxii/v2.1/csprd02/taxii-v2.1-csprd02.html - Standardized protocol for sharing threat intelligence data between different platforms and organizations, facilitating seamless information exchange for broader detection and mitigation efforts.
- Cortex Analyzers: https://github.com/TheHive-Project/Cortex-Analyzers - Collection of open-source threat intelligence analyzers for TheHive Project, enriching and analyzing threat data from various sources to enhance operational efficiency.
- Python Security Project: https://pypi.org/security/ - Extensive collection of open-source Python libraries for security researchers and developers, offering versatile tools for building custom security solutions and tools.