I've been slowly learning to code in Python; mostly I've been using Learn Python the Hard Way. So, it was great to see Mike's post on Writeblocked.org with great useful Python links. Unfortunately, I missed that episode of the DFIR Online Meetup, but I'm thankful that he posted up all of his links.
Mike's links:
Link to Python resources.
edit 11/5/2013 to add:
A large list from GitHub
Google Developers
Think Python
Classes:
Khan Academy
Codecademy
MechanicalMooc
Udacity
edit 3/24/2014, to add from Harlan's blog:
World's Best Learning Center
80+ Best Free Python Tutorials/books
List of Free Python Books
Thursday, April 25, 2013
Tuesday, April 23, 2013
Verizon Data Breach Investigations Report and Insider Threats
The 2013 Verizon Data Breach Investigations Report (DBIR) is out and there is lots of excellent information. I have only had a chance to scan some of the information and read some of the analysis and posts. One post I took note of came from DarkReading and discussed the Insider Threat numbers.
You can read the post here.
The full 2013 DBIR can be found here.
Monday, April 22, 2013
Hostgator post on an insider attack
Another day, another insider attack. This one was detailed by Hostgator. The link is to the post from NakedSecurity and their writeup of the breach - and how the insider got caught.
Here's the story.
Sunday, April 21, 2013
TechNiki describes an insider attack
The more companies share about the attacks and breaches, the more the community learns. This is good for the community for two reasons. One, we can all learn from actual incidents and two, the bad guys share intelligence - we should too. So, it was great to read TechNiki's account of an insider attack. Not good because it happened; but because we learned some of the insider controls that were breached.
This is a great write up, hopefully we can all learn something.
TechNiki's write up.
Saturday, April 20, 2013
Breaking radio silence....new job!
I know it has been a while since I have posted here; but lots has changed. I have left the DoD contracting realm and moved on to a (very) large company where I work on their national incident response team. The team is big, and my specific group gathers intelligence on the current persistent threats and implements controls to thwart those threats. Of course, we're all incident handlers at heart, so when the alerts go off, we get dirty in the incident response process.
I absolutely love it. Along with my other duties, I'll be delving into intrusion detection; something I do not have much experience doing. Because of who my employer is, I am not at liberty to discuss the specifics of what we do, the incidents we face, and any of the specific threats we are combating. A) I have a non-disclosure agreement. B) Obviously, I can't give away secrets that would aid the adversaries.
However, I plan to keep the blog alive, talk incident response, intrusion detection, the state of those niches in incident response, and other current security issues that fit that mold. Within incident response, I'm passionate about incidents dealing with the trusted insider - so there may be some posts in that vein.
Stay safe.