The SOC-Class is a niche course on cybersecurity operations, training CISOs, SOC Managers, and technical leads to build and excel in Cybersecurity Operations Centers SOCs/CSOCs. This use case development methodology is one of the approaches discussed in the course and is intended to provide a framework for mature and repeatable construction of engineered detections.
A common tactic seen used in Phishing campaigns today is to embed the phish within Google's Firebase Cloud Storage platform called Firebase. Follow along with this workflow to analyze some phishing lures.
Since YARA rule creation is a highly valuable skill set we approach the lessons slowly, think of "baby steps" from the movie "What About Bob?" as the approach. In keeping the spirit of the process, we feel that the next natural step to take is to learn about the different components that make up the rules and focus on how they are constructed.
This is the first post in an ongoing series about YARA and its exceptional ability to carve inside of binaries, documents, photos, and other types of files to uncover and match patterns. The additional posts in the series will give anyone who is thinking about gaining YARA skills the ability to start from scratch and get comfortable with the tool's functionality. Each post will advance in skill level and include some of the personal and professional standards we follow to instill good habits early on in the learning process.
ThreatIngestor helps you collect threat intelligence from public feeds, and gives you context on that intelligence so you can research it further, and put it to use protecting yourself or your organization. In this post, we will go through the process of making a twitter bot.