Do you work with infrastructure (both physical and digital), emergency preparedness, or energy supply? Then listen to the #podcast from #NSM https://nsm.no/hold-deg-oppdatert/podcaster/
Key Network Questions - I wrote this on 7 December 2018 but never published it until today. The following... https://taosecurity.blogspot.com/2023/06/key-network-questions.html #nsm
The U.S. State Department has made a determination approving a possible Foreign Military Sale to the Government of Latvia of Naval Strike Missile Coastal Defense System
RT from Navy Recognition (@NavyRecognition)
#US approves sale to #Latvia of #NavalStrikeMissile #NSM #CoastalDefense System
Original tweet : https://twitter.com/NavyRecognition/status/1653761122200059904
Australia plans to launch its own production of guided missiles within the next two years, two years sooner than expected
https://mil.in.ua/en/news/australia-plans-to-launch-the-production-of-guided-missiles-by-2025/
#australia #pacificocean #China #nsm #indopacific
If you're keen to learn more about #NetworkForensics or #NSM's, blogs like this which walk you through using #SecurityOnion, with a malicious sample from the wild, are great to practice your skills.
https://blog.securityonion.net/2023/02/quick-malware-analysis-fakebat-redline.html
#networkforensics #nsm #securityonion #dfir
The first Royal Navy warship to receive Norwegian NSM anti-ship missiles became the HMS Somerset (F 82) Type 23 frigate https://mil.in.ua/en/news/first-british-frigate-armed-with-nsm-missiles-instead-of-harpoon/ #UK #NAVY #Type23 #Frigate #NSM #Harpoon
https://twitter.com/militarnyi_en/status/1620044065948717059
Reposted from Twitter by @nafobot
#uk #navy #type23 #frigate #nsm #harpoon #Ukraine
🇬🇧The first ship of the Royal Navy of Great Britain to receive Norwegian #NSM anti-ship missiles was the frigate HMS Somerset
The new missiles are replacing the American Harpoon
https://mil.in.ua/uk/news/na-pershyj-brytanskyj-fregat-vstanovyly-nsm-zamist-harpoon/
#nsm #флот #великабританія #світ
@zeek matters because it is literally the codification of the security principle "prevention eventually fails."
Defenders often do not know how adversary activity will specifically manifest on the network.
By summarizing traffic, extracting key data, and deriving insights, Zeek provides the network evidence defenders need to interdict intruders before they accomplish their mission.
Note: Zeek offers 2 of 4 elements of #NetworkSecurityMonitoring data (transaction logs and extracted files). #NSM also requires alerts and pcap. Furthermore, NSM data works with third party sources, infrastructure/application logs, and endpoint data.
What do y'all think about a #C2 detection series including #SecurityOnion and #Velociraptor, illustrating the complements and differences of host and network-based detection and response?
#BruteRatel
#CobaltStrike
#DFIR
#ESM
#Havoc
#Infosec
#NSM
#Sliver
#Sysmon
In 2023, the Ministry of Defense of Latvia plans to sign a contract for the purchase of Naval Strike Missile (NSM) coastal defense systems https://mil.in.ua/en/news/latvia-plans-to-purchase-nsm-coastal-defense-systems/ #Latvia #NATO #NSM #Missile
https://twitter.com/militarnyi_en/status/1607390544824614912
Reposted from Twitter by @nafobot
#latvia #nato #nsm #missile #Ukraine
Interestingly enough, the second bot, GoTrim uses a very unique user-agent for doing external IP address checks against a number of "what's my IP address" services, with a very unique user-agent: go-external-ip
We already have a rule for that -- 2030468 go-external-ip library User-Agent
#Malware #Ransomware #ThreatIntel #iocs #iocexchange #Snort #Suricata #NSM #ThreatHunting #GoTrim #CIARansomware
Where'd them packets go?
#happyholidays #netsec #blueteam #nsm
The Norwegian company Kongsberg Defense & Aerospace AS has been awarded a 1 350 million NOK ($138,650,000) contract by Raytheon Missiles & Defense for delivery of the Naval Strike Missile Coastal Defence System to Romania https://mil.in.ua/en/news/romania-ordered-nsm-coastal-defense-systems-from-kongsberg-and-raytheon/ #Romania #NSM #Kongsberg
https://twitter.com/militarnyi_en/status/1603116515947151368
Reposted from Twitter by @nafobot
#romania #nsm #kongsberg #Ukraine
In honor of some unique activity I've seen recently, I put together some rules today that will be in the ET HUNTING category. These are rules that will capture output from Windows terminal banners (cmd.exe and powershell), as well as output from the powershell command Get-ComputerInfo encoded in decimal notation.
So decimal notation is nothing new -- most of you have probably observed powershell, js, cscript, vbscripts, etc. attempting to load an array of decimal encoded hex values and transform it into raw hex so that it becomes an executable payload, as a part of a multi-stage attack, or to evade network/host-based defenses.
Recently, I was shown that there are tools that can use decimal encoding for command outputs. It's easy enough to decimal encode input, made even easier for lazy asses like me with cyberchef, so I made some rules for some relatively common bad output you probably don't want to see going outbound, and just decimal encoded it.
Also, I hope you enjoy dynamic DNS hunting, as our ruleset for dynamic DNS providers has grown explosively thanks to efforts from the rest of our team.
#nsm #snort #suricata #malware #threatintel #obfuscation
📰 Hot off the press 📰
---------------------------------------
I wrote this article for PowerGrid International magazine and it is to help folks with tuning their ICS / OT / SCADA network security monitoring alerts. 🛠️📉 You don't have to reinvent the wheel!
***If ICS NSM is in your responsibility, please read this article (link below) I would love to get your feedback.***
Documentation about tuning ICS NSM systems is rare. ICS NSM solution documentation tends to focus on how to turn on and off the baseline feature, and not go into specifics about how to fine tune the system.
If you buy an ICS NSM solution and forget it, it will be useless. If a vendor says their sensor/IDS requires no tuning, they are lying to you. An unmanaged and untuned ICS NSM or IDS will create floods of alerts, nuisance alerts, and contribute to alert fatigue for your engineers and SOC analysts.
Thank you!
📰: When fine-tuning your cybersecurity alerts, it’s best to focus on the basics
https://www.power-grid.com/td/when-fine-tuning-your-cybersecurity-alerts-its-best-to-focus-on-the-basics/
#ICS #OT #SCADA #icssecurity #otsecurity #networksecuritymonitoring #NSM #IDS #SOC #SOCAnalysts #BlueTeam #tuning
The armed forces of #España update their arsenal with the purchase of #NSM missiles for the #F100 & #F110 frigates and #Brimstone for the #Eurofighter fleet. #toottest
HIRING: Senior Reverse Engineer / Remote - USA https://infosec-jobs.com/J19476/ #InfoSec #InfoSecJobs #Cybersecurity #jobsearch #hiringnow #CyberCareer #RemoteJob #Analytics #Encryption #Ghidra #ICS #Industrial #Lua #Metasploit #NSM #Python #Redteam #Reverseengineering #Ruby