Sign in Subscribe
1 min read Newsletter

Sources & Methods Newsletter #4 - December 2022

With the timing of this issue, I decided to include more articles and tools than usual as a way to say thank you for being a subscriber of this humble newsletter. I hope your holidays are restful and fun. See you in 2023!

📁 Sources

Public IPFS Gateway list - Web gateways you may observe being used to access content via IPFS, like malware or phishing landing pages.

📰 Articles

Intelligence Failures of Lincoln’s Top Spies: What CTI Analysts Can Learn From the Civil War #intelligence #history

Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns #infrastructure #trends

The Move To Mastodon: Tips and Tricks #osint #socmint

4 hiring tips for building a cyber threat intelligence team #team #hiring

Vertex Synapse: Rapid Power-Up Development #tools #development

Using OpenAI Chat to Generate Phishing Campaigns #trends #phishing

Old Services, New Tricks: Cloud Metadata Abuse by UNC2903 #analysis #cloud

OpenCTI Ecosystem Snapshot #tools #enrichment

Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself #ecosystems #ransomware

🛠 Tools

PhoneInfoga

github.com/sundowndev/phoneinfoga

PhoneInfoga is an information gathering framework for phone numbers.

cti-stix-visualization

github.com/oasis-open/cti-stix-visualization

cti-stix-visualization is a JavaScript library for turning STIX 2.0+ object and relationship data into nice visualizations.

manuka

github.com/spaceraccoon/manuka

Manuka is an honeypot focused on the tricky task of detecting reconnaissance by adversaries by seeding OSINT data for them to find.

webpage2attack

github.com/tropChaud/webpage2attack

Here's a simple Python script that extracts MITRE ATT&CK Technique IDs from web-based reports and generates JSON you can load into the ATT&CK Navigator.

pygreynoise

github.com/GreyNoise-Intelligence/pygreynoise

pygreynoise is both a command line tool and Python library you can use to integrate with GreyNoise.

obsidian-jupyter

github.com/tillahoffmann/obsidian-jupyter

Yet another handy plugin for Obsidian—now you can embed runnable Python code in your notes like a Jupyter notebook.

💡 Tip

ENISA have shared their Threat Landscape Methodology for everyone to read and incorporate in their own threat landscape analysis.

Published by:

Matthew Conway

You might also like...

Mar
10

Sources & Methods Newsletter #17 - March 2024

📁 Sources Cloud Threat Landscape - Cloud-focused compilation of incidents, targeted tech, threat groups, tools, and techniques. Maintained by Wiz, who
2 min read
Jan
29

Sources & Methods Newsletter #16 - January 2024

Happy New Year! I hope your holidays were restful and you're ready to get back to it. At
2 min read
Dec
22

Sources & Methods Newsletter #15 - December 2023

I hope everyone had a great year—it was for Sources & Methods: * Moved the newsletter to Ghost.io to
3 min read
Nov
22

Sources & Methods Newsletter #14 - November 2023

Have questions or suggestions? Send them my way at sources.methods@protonmail.com. Thanks for reading, Matthew Conway (@mattreduce) 📁 Sources
2 min read
Oct
17

Sources & Methods Newsletter #13 - October 2023

📁 Sources Living off the Foreign Land Cmdlets and Binaries - In the style of LOLBins, a collection of trusted Microsoft
2 min read

Member discussion