@CyberAlliance's latest joint analytic report is out and unveils the complex cyber threat landscape faced by NGOs. Learn about the primary threats and practical strategies to safeguard your operations. https://www.cyberthreatalliance.org/resources/assets/cyber-threats-to-ngos/
threatintelligence
Ever seen a single QR code that can lead you to two different URLs? 🤯
Christian Walther just demoed that. He merged two QR codes in such a way that each “pixel” can be interpreted as black or white, depending on angle, focus settings, or even plain luck. Same device, same scanner - yet sometimes you get https://mstdn.social/@isziaui, other times it’s https://github.com/cwalther.
While this is currently just a wicked proof-of-concept, it’s a red flag for possible future scams
Check full thread: https://mstdn.social/@isziaui/113874436953157913
#socialengineering #threatintel #threatintelligence #programming
Edited 180d ago
I just published the source code for my very naive #Python implementation for generating a node network based on MITRE Intrusion Sets and Techniques. It will output linked #Markdown files linking intrusion sets to their used techniques.
Perhaps someone finds it useful or interesting to experiment with.
Source code: https://github.com/cstromblad/markdown_node
I hinted at this in a thread started by @Viss where he asked for input on a few very likely malicious domains. Me @Viss @cR0w @neurovagrant and others did some OSINT fun work with a couple of the original domains.
It was this thread: https://mastodon.social/@Viss/114145122623079635
Now I posted a picture of a node network rendered in Obsidian and I hinted that perhaps Obsidian could be used as a poor mans version of performing threat intelligence work.
