Cyberthreat intelligence (CTI) is a very complex topic within the realm of cybersecurity. CTI is not as simple as just downloading some indicators of compromise (IOCs) from the Internet anymore. CTI now has many facets, including jobs, policies, procedures, varying types, tools, and organizations.
Purple Teaming is a concept where both red and blue teams within an organization work closely together for better security. The improvement to an organization’s security through purple teaming comes from continuous collaboration, knowledge sharing, and feedback with one another. Purple teaming can be seen as one-time events or a continuous effort within an organization.
Cyber threat intelligence (CTI) sharing is the process of sharing CTI like threat actor profiles and indicators of compromise between organizations, especially those within the same industry. CTI sharing promotes the exchange of this information between like-minded organizations to make an entire sector more secure as a whole.
MITRE ATT&CK has become a major centerpiece of the cyber security industry over recent years. Beyond ATT&CK, there are other similar matrix frameworks made by MITRE that can be used alongside it to improve cybersecurity operations.
Cyberthreat intelligence (CTI) is a very important component of any organization’s security operations center (SOC). A SOC usually handles many facets of security detection, analysis, and response, so CTI helps inform these processes to make them more effective.
Cyberthreat intelligence (CTI) can be defined as “an analysis of an adversary’s intent, opportunity, and capability to do harm”. CTI might encompass knowledge of a specific cyber incident, trends for different threat actors, or even just new security vulnerabilities that are opportunities for adversaries.
This is my write-up for the Paper machine on HackTheBox that just retired! Here I detail the penetration testing steps taken to scan, exploit, and privilege escalate on this target machine. This box is special because it makes use of an exploit I’ve developed in my UNICORD project. This machine is categorized as easy difficulty and was retired on June 18th, 2022.
This is my write-up for the Timing machine on HackTheBox that just retired! Here I detail the penetration testing steps taken to scan, exploit, and privilege escalate on this target machine. This machine is categorized as easy difficulty and was retired on June 4th, 2022.
This is my write-up for the Pandora machine on HackTheBox that just retired! Here I detail the penetration testing steps taken to scan, exploit, and privilege escalate on this target machine. This machine is categorized as easy difficulty and was retired on May 21, 2022.
Let’s cover a basic coding data structure: stacks. A stack is a basic data structure that is like a list or an array, but has a last in, first out (LIFO) property when adding and removing elements. Elements in a stack can either be “pushed” onto the stack to be added, or “popped” from the stack to be removed. A classic example is a heavy stack of dishes where plates can only be added and removed from the top.