TriOp update - version 1.5
· β˜• 1 min read
I’ve published version 1.5 of TriOp today. Besides the addition of several CVEs into the internal list of vulnerabilities, a new feature was also introduced, which enables automatic generation of Shodan queries for the current list of vulnerabilities from the CISA Known Exploited Vulnerabilities (KEV) Catalog...

Presentations from 67th TF-CSIRT meeting - Threat modeling with ATT&CK and How quickly do we patch?
· β˜• 1 min read
67th meeting of the TF-CSIRT community took place this week and I've had a chance to contribute to it with two presentations - one discussing the speed with which we apply patches (from a global standpoint), and another one, in which we looked at a basic approach to threat modeling using MITRE ATT&CK. If you would like to take a look at the slides, they are now available for download...

SANS ISC Diary - Traffic Light Protocol (TLP) 2.0 is here
· β˜• 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a new version of the Traffic Light Protocol standard, which was published by FIRST earlier this week…

SANS ISC Diary - EternalBlue 5 years after WannaCry and NotPetya
· β˜• 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at the number of internet-exposed systems that are still vulnerable to the EternalBlue exploit…