Photo by Dmitry Ratushny on Unsplash I spotted an article on the SANS InfoSec Handlers Diary Blog where the author described a tool for Security Operations Engineers named Sooty: TheresAFewConors/Sooty It’s a command line tool predominantly seeking to put the day to day tasks of analysing attacks and enterprise defence at the fingertips of the analyst. As a tool it is very task oriented, when you run it you are presented with a list of options:...
Photo by Sergiu Nista on Unsplash National Security vs. Privacy: Round 3 (Monday) T he battle between national security and privacy continues as the “Five Eyes”, plus India and Japan, reach out to technology firms pleading for ways to protect public safety. In the face of end-to-end encryption and other technologies nation states increasingly hitting brick walls when criminals use these services putting public safety at risk. This is an ongoing debate, and personally I tend to sit on the side of privacy and the personal protections it affords; however I think everyone recognises the need for public safety to some degree — I doubt this will get resolved any time soon....
Blue Screen of Death from Wikipedia Many IT administrators, DevOps, TechOps and SecOps in the UK woke up this morning, to a particularly nasty looking Patch Tuesday. Top of the chat is CVE-2020–16898 which has been dubbed Bad Neighbour by McAfee and Ping of Death by Sophos. Reality Check It’s worth realising that this particular CVE has no known exploits, however best case scenario a threat actor could craft a ICMPv6 packet to exploit the RDNSS component of the IPv6 stack built in tcp....