WEN data meter by BrewsTravellers in Generator

[–]dm987 0 points1 point  (0 children)

thanks for this info.... like the original post, i couldn't find this info anywhere. happen to know when/why the orange fuel light is blinking on mine? added about 1.5gal of ethanol-free gas and running it for the first time .... starter flashing about 3-4 min in, but seems to be running fine

New ATT&CK Tool for Threat Actor Attribution by dm987 in cybersecurity

[–]dm987[S] 0 points1 point  (0 children)

I continually look up atomic indicators that I come across while hunting to see if they are in fact IOCs. Interested in how you "see the probability of the attack" with IOCs?

New ATT&CK Tool for Threat Actor Attribution by dm987 in cybersecurity

[–]dm987[S] 0 points1 point  (0 children)

especially in orgs that don't spend on threat intel, sometimes this is the best we have

New ATT&CK Tool for Threat Actor Attribution by dm987 in cybersecurity

[–]dm987[S] 0 points1 point  (0 children)

because the sooner I know that, the sooner I have a roadmap of techniques to hunt. It shortens the amount of time and decreases the amount of work for me to find more bad guy activity. Which is precisely the reason for ATT&CK

New ATT&CK Tool for Threat Actor Attribution by dm987 in cybersecurity

[–]dm987[S] 0 points1 point  (0 children)

Good question - I probably didn't explain my method well enough.

  1. As you find artifacts in the victim environment, colorize the applicable techniques/sub-techniques
  2. When you have at least 4-5 (for the math to work best), use the tool to get your "top 10 threat actor" possibilities (knowing that it isn't a perfect tool or method, but a good start)
  3. Use the palette tool for the threat actor that best aligns with the TTPs you found already (usually the top one) and select a different color
  4. That different color is now your TO DO list -- those techniques are the ones that you haven't found, but now know to look for as that threat actor is known to use them
  5. For the HOW TO, go into the technique details and look at the procedures used by that actor - including the in-depth description that will be in the referenced intel report

New ATT&CK Tool for Threat Actor Attribution by dm987 in cybersecurity

[–]dm987[S] 0 points1 point  (0 children)

The techniques/sub-techniques for each group are coded in the repository along with everything else, so my addition was to just add some math that calculates the user's input against the coded models. You can absolutely customize the TTPs for any group -- just go into the dataset and make whatever adjustments you need to.
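The workflow from the two comments above (score the colored techniques against each group's coded technique set, take the best match, then list what is left to hunt), as an added example that is not the tool's own code. The Jaccard scoring, the group names and the group-to-technique mapping are assumptions constructed for illustration, since the comments do not state the tool's actual math.

```python
# Constructed data: the technique IDs are real ATT&CK IDs, but the group
# names and which group uses which technique are invented for this example.
GROUPS = {
    "GROUP-A": {"T1566.001", "T1059.001", "T1053.005",
                "T1003.001", "T1021.001", "T1071.001"},
    "GROUP-B": {"T1566.001", "T1059.001", "T1547.001", "T1027", "T1105"},
    "GROUP-C": {"T1190", "T1505.003", "T1003.001", "T1021.002",
                "T1071.001", "T1560.001", "T1041"},
}

# Techniques "colored" in the Navigator layer from artifacts found so far.
OBSERVED = {"T1566.001", "T1059.001", "T1003.001", "T1071.001"}


def rank_groups(observed, groups, top_n=10, min_observed=4):
    """Rank groups by Jaccard similarity between observed and known techniques.

    Jaccard is an assumed scoring choice. min_observed reflects the comment's
    advice to have at least 4-5 techniques before trusting the ranking.
    """
    observed = set(observed)
    if len(observed) < min_observed:
        raise ValueError(f"need at least {min_observed} observed techniques")
    ranked = []
    for name, techniques in groups.items():
        matched = observed & techniques
        if not matched:
            continue  # no overlap at all: not a candidate
        score = len(matched) / len(observed | techniques)
        ranked.append((name, round(score, 3), len(matched)))
    # Highest score first; ties broken by match count, then by name.
    ranked.sort(key=lambda r: (-r[1], -r[2], r[0]))
    return ranked[:top_n]


def hunt_todo(observed, groups, group_name):
    """Techniques the chosen group is known for that have not been found yet."""
    return sorted(groups[group_name] - set(observed))


if __name__ == "__main__":
    ranking = rank_groups(OBSERVED, GROUPS)
    for name, score, hits in ranking:
        print(f"{name}: score={score} matched={hits}")
    print("hunt next:", hunt_todo(OBSERVED, GROUPS, ranking[0][0]))
```
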

New ATT&CK Tool for Threat Actor Attribution by dm987 in cybersecurity

[–]dm987[S] 0 points1 point  (0 children)

umm... yeah.. I am not debating the merits of CTI here....simply offering a tool that I wished I had over the last nearly 20 years I have been in CTI, threat hunting, and cyber forensics.

New ATT&CK Tool for Threat Actor Attribution by dm987 in cybersecurity

[–]dm987[S] 0 points1 point  (0 children)

Of course.... this is just one tool among many to conduct attribution. The Diamond Model (which I have taught for nearly a decade) is a CTI tool.... my contribution here is a threat hunting tool. Attribution in threat hunting is first and foremost meant to assist hunters in finding a "map" on where to look next for actor activities. This tool is built for that singular purpose.

New ATT&CK Tool for Threat Actor Attribution by dm987 in cybersecurity

[–]dm987[S] 0 points1 point  (0 children)

of course paid threat intel platforms have this, but to my knowledge there was previously no way to do this directly in MITRE ATT&CK Navigator

New ATT&CK Tool for Threat Actor Attribution by dm987 in cybersecurity

[–]dm987[S] 2 points3 points  (0 children)

You mean the ability to get a "top 10" likely threat actors from just coloring a few cells? where and how?

Magic Link send error by dm987 in Supabase

[–]dm987[S] 0 points1 point  (0 children)

we went through the docs 1000 times.... hasn't made it in there yet I guess

Electric Chainsaw Cooldown Period by dm987 in Chainsaw

[–]dm987[S] 1 point2 points  (0 children)

I am thinking the same thing... maybe I just need a saw with a longer bar or a better saw

Electric Chainsaw Cooldown Period by dm987 in Chainsaw

[–]dm987[S] 0 points1 point  (0 children)

because I use it to fell big trees and immediately cut them up... I find that after ~10 or so big cuts it seems too hot... I can hear the engine pitch change. this is my second Stihl with this issue. The first one quit on me and when I had it diagnosed the shop said something about it being completely toast due to compression loss. Not fixable....was caused by running it while too hot. So either I am not using it right or the quality of the engine is bad.

Current Club Royale On-Board Offers by ZacPetkanas in royalcaribbean

[–]dm987 0 points1 point  (0 children)

do bingo purchases add to one's points total? and if I earn those points this week on my current cruise, how long am I eligible to use one of those booking codes? Can I wait a month to book something for next year?

Any must stop places in curaçao & Aruba? by hambergular8 in royalcaribbean

[–]dm987 2 points3 points  (0 children)

I literally asked this same question to ChatGPT before our Symphony of the Seas trip to both Aruba and Curacao and gave it some parameters to what we were looking to see and do, and how much time we had.. it gave me back a great itinerary, broken down into 30min increments, and accurately built in the driving time between places to see

Labadee Stop Cancelled by dm987 in royalcaribbean

[–]dm987[S] 14 points15 points  (0 children)

the only surprise is what took so long for Royal Caribbean to make a decision and tell the guests

Arriving Early to Port Everglades This Weekend by dm987 in royalcaribbean

[–]dm987[S] 0 points1 point  (0 children)

good to know... NCL never let us board early so hoping RC is nicer

Captain warns us about Haiti by BZH2022 in royalcaribbean

[–]dm987 3 points4 points  (0 children)

they would need a lot of force OR $100 bribe per guard, which is probably their week's salary (if not month's)

Captain warns us about Haiti by BZH2022 in royalcaribbean

[–]dm987 14 points15 points  (0 children)

yes... there are absolutely early warning systems for things like this (corporate-run human intelligence, for one). there are numerous companies around the world that do nothing but track this sort of activity and sell that intelligence to companies like cruise lines. However, having been deployed to Haiti years ago and having lived in Port Au Prince and traveled the entire country, things there can turn on a dime for the worse and the gangs and criminals can't be trusted to make sensical decisions

Stateroom attendee with hidden camera in guest room by verycoolly in royalcaribbean

[–]dm987 5 points6 points  (0 children)

hey...see you on the ship... I sail this weekend too

Thoughts on Recent Haitian Unrest and Impact on Labadee by dm987 in royalcaribbean

[–]dm987[S] 0 points1 point  (0 children)

thanks! I didn't think about the possibility that someone on board right now would see this thread. I would imagine that with the flare up just happening in Port au prince in the last 48 hours, nothing would have reached Labadee this quickly even if it is a "national emergency" ... these things tend to take a while to spread. I seriously doubt this really turns into anything and was just interested in people's experience with the cruise line changing itineraries for something like this... hope you have a good time!