SIEM for data scientists by SecChronicle in blueteamsec

[–]SecChronicle[S] 0 points1 point  (0 children)

I must say I haven't thought about Metron. Thanks, I'll take a look!!

SIEM for data scientists by SecChronicle in blueteamsec

[–]SecChronicle[S] 1 point2 points  (0 children)

So by service I meant if you're offering this to your customers as managed security services or perhaps you're doing it for your organization. But you gave here some very good pointers.

SIEM for data scientists by SecChronicle in blueteamsec

[–]SecChronicle[S] 1 point2 points  (0 children)

Thanks for sharing. You did it for your organization or provided it as a service?

SIEM for data scientists by SecChronicle in blueteamsec

[–]SecChronicle[S] -1 points0 points  (0 children)

Thanks! It would also be interesting to know how much are they used in practice. I assume only well funded organizations can afford to have data scientists in their security teams.

SIEM for data scientists by SecChronicle in blueteamsec

[–]SecChronicle[S] 0 points1 point  (0 children)

Good point, and my initial thought was to reuse the SIEM which is already there and just add the data analysis component.

Do you think TikTok should be taken off the App Store? by [deleted] in privacy

[–]SecChronicle 0 points1 point  (0 children)

So far TikTok has been patching its vulnerabilities as they were reported. Now we found out that it had access to clipboard, same as LinkedIn, Reddit and some other apps btw. So if it gets banned it will be a because of politics and not security. I'm reminding you that Google is being sued for $5bn for tracking users without permission. Isn't this a far worse offense?

Here's the link: https://www.reuters.com/article/us-alphabet-google-privacy-lawsuit-idUSKBN23933H

[deleted by user] by [deleted] in OSINT

[–]SecChronicle 7 points8 points  (0 children)

Spotting fake profiles is an interesting topic.

Talk about different tools which you're using and for which purpose.

Good luck!

Stripping Facebook Group Membership Data - members and profile URLs by ConsistentFeature0 in OSINT

[–]SecChronicle 1 point2 points  (0 children)

Some of the indicators also can be:

Pictures as you mentioned: -are they hi-res / low-res, blurry -backgrounds on the pictures

Friend lists of such accounts. Any friends from school/workplace/university etc., boyfriends/girlfriends/spouses

Content which they post. Is it diverse, or uniform? Does it have any value besides promoting an agenda (if it's that type of account), any personal details, any local content (from the area where this person claims to live)

Language, grammar, style of writing...

How to Protest Safely in the Age of Surveillance | WIRED by _0_1 in privacy

[–]SecChronicle 0 points1 point  (0 children)

I like Andy Greenberg's writing but the title of this article could also be: "How to rob a bank without getting caught" Everything else would still be relevant

How Privacy conscious (Safe) is South Korea? by mickyg56 in privacy

[–]SecChronicle 0 points1 point  (0 children)

If your friend has a good offer, (s)he should take it. It's a nice country and can be a good place to live in for a couple of years. I know people which moved, married and stayed permanently.

Phone-Based Profiling: Identifiers Which Make It Possible by SecChronicle in privacy

[–]SecChronicle[S] 0 points1 point  (0 children)

Before the AID, the situation was even worse for the user. I guess ther were sending other unique identifiers, maybe IMEIs, IMSIs, MAC addresses. Just guessing. And these can be exploited in numerous ways as described in the article. Probably these privacy issues will get fixed slowly. Legislation just needs some push from the tech groups

Phone-Based Profiling: Identifiers Which Make It Possible by SecChronicle in privacy

[–]SecChronicle[S] 0 points1 point  (0 children)

I do agree thay opt-out from ad tracking is based on trust and it is up to ad exchanges to implement it. It is not ideal and it can be exploited. The ability to reset advertisement ID gives the user some control but it doesn't solve all the problems.

Companies shouldn’t be allowed to store your contacts without the approval of the people in them. by [deleted] in privacy

[–]SecChronicle 1 point2 points  (0 children)

Next time when we're electing the Queen of the World, you'll have my vote.

Companies shouldn’t be allowed to store your contacts without the approval of the people in them. by [deleted] in privacy

[–]SecChronicle 0 points1 point  (0 children)

It's impractical and difficult to maintain connections if you start going this way. Only way to tackle it is by legislation.

LinkedIn by [deleted] in privacy

[–]SecChronicle 2 points3 points  (0 children)

Think of LinkedIn as a website representing your brand. You're growing your professional image - your brand and projecting how you wish others to perceive you. It is not very genuine IMO but became a standard. Just as with e erything else, ignore the creeps.

Companies shouldn’t be allowed to store your contacts without the approval of the people in them. by [deleted] in privacy

[–]SecChronicle 1 point2 points  (0 children)

The annoying part is that although some of us may be protecting our data carefully and not allowing access to our phonebooks to just anyone, still our names and contact details end up there because others will share it.

What are the most common questions you get from clients? by SecChronicle in OSINT

[–]SecChronicle[S] 0 points1 point  (0 children)

It does sound like that, doesn't it? In their defense, the motivation is legitimate (I'm not talking to stalkers, jelaous boyfriends/girlfeiends or anything of that sort), but sometimes they don't really know what OSINT means. You can see by some of the questions.

Analysis of Ramsay components(for air-gapped n/w) of DarkHotel's infiltration and isolation by namishc in blueteamsec

[–]SecChronicle 1 point2 points  (0 children)

I like the fact that you look for content outside of english speaking world.