With the new misp-opendata software, MISP datasets can be automatically extracted and published on @EU_opendata @OpenDataLU portals automatically. #threatintel #opendata
https://github.com/MISP/misp-opendata … This work is part of the @VARIoT_project and co-funded by @inea_eu #CEFtelecom #POD pic.twitter.com/qF3gcwupOO
One of our HEFESTIS Ltd members ended up with a list of 50 domains to research to see if any were malicious. I used the #MISP platform to get an answer for all 50 in a minute.
https://www.youtube.com/watch?v=QmJuh5k4DTk&list=PLqEq1PI7wfwxdi2E9lmtx3Cl7GT-UUf9D …
Would be great if other industry players make their IOCs as easily accessible as @ESETresearch #misp and #yara at
https://github.com/eset/malware-ioc/tree/master/turla …
A new version of the #MISP core format is out. It's used to exchange cybersecurity threat information (#CTI) as JSON objects between Open Source Threat Intelligence Sharing Platform instances (aka Malware Information Sharing Platform) and complements other CTI formats like #STIX.
https://twitter.com/MISPProject/status/1265624489360003072 …
We published an updated version of the MISP core format
https://www.misp-standard.org/
https://www.misp-standard.org/rfc/misp-standard-core.html … and SightingDB query format by @tricaud from @devo_Inc #threatintel #Interoperability #openstandard pic.twitter.com/9daMliEiLD
Any #DFIR friends integrated @sleuthkit central repository and @MISPProject before? I could really do with your knowledge if you have!
Virtual coffee's provided!
The nifty feature of @MISPProject to extend event has now its own taxonomy to support the reason behind the extended events.
https://www.misp-project.org/taxonomies.html#_extended_event … Let us know what you think about it and don't hesitate to contribute. #threatintel
Thanks to @Ko97551819 for the contribution. pic.twitter.com/HSUco4l1g0
IOC available in the PDF (p23
https://www.welivesecurity.com/wp-content/uploads/2020/05/ESET_Turla_ComRAT.pdf …)
Or directly on Github
https://github.com/eset/malware-ioc/tree/master/turla#turla-comrat-v4-indicators-of-compromise …
Bonus from @eset : @MISPProject event available as well <3
https://twitter.com/campuscodi/status/1265213838309416965 … pic.twitter.com/VDNaz6gqU6
The detailed white paper is available here:
https://www.welivesecurity.com/wp-content/uploads/2020/05/ESET_Turla_ComRAT.pdf …
As usual, the Indicators of Compromise and a @MISPProject event are available on our GitHub repository:
https://github.com/eset/malware-ioc/tree/master/turla#turla-comrat-v4-indicators-of-compromise … #ESETresearch 4/4
#Cybersecurity remains a key driver in keeping our societies and economies secure, even in the face of a pandemic.
Here's a peek at our #cybersec research in 2019, including work on #bitcoin security, #whitebox encryption, & #UX with @MISPProject
http://ow.ly/aVQE50zEYUl pic.twitter.com/mUdxF1VRnl
So what did I learn about #ThreatIntel? Quite a bit!
1. First, props to the @MISPProject team for what they've created, and I look forward to using the platform enough to begin contributing
1/6
Following in @TheHive_Project and @MISPProject's, I've created a support community for Shuffle:
https://gitter.im/Shuffle-SOAR/community …
Added most of the @Secureworks threat actor names as synonyms to the @MISPProject galaxy today.
https://twitter.com/Secureworks/status/1263580691398197249 …
Thanks to Nils @0x3c7 and @Secureworks for the contribution. MISP threat-actor galaxy is updated, published on the website, available in core MISP and all tools using the MISP project galaxies.
https://twitter.com/0x3c7/status/1263889007374729221 … pic.twitter.com/zfP3DV6Pi0
How #MISP Enables the #Cybersecurity Community to Collaborate During the Pandemic
Now, with the addition of COVID-19 threat intelligence from Microsoft, @devo_Inc customers also have access to the latest hashes and signals about these threats.
https://www.devo.com/blog/how-misp-enables-the-cybersecurity-community-to-collaborate-during-the-pandemic/ …
Updated for Zeek (been on to-do list). Export indicators from @MISPProject and use them for @Zeekurity Intel Framework and @snort/@Suricata_IDS rules in @securityonion:
https://securityonion.readthedocs.io/en/latest/misp.html …
Presentations of the EU ATT&CK Workshop are now online
https://attack-community.org/event/ . 1800 participants from 75 countries listening to inspiring, practical and useful content delivered by more than 35 speakers. #EUATTACKworkshop @MITREattack @MITREengenuity @circl_lu @CERTEU
Screenshots show integration with @MISPProject
@MISPProject is the top open-source threat-intelligence platform. Now @Microsoft has made a major contribution to fighting cyberthreats during the pandemic by sharing its COVID-19-related threat data. Everyone benefits when we all work together.
https://hubs.ly/H0qJXDw0
MISP - Threat Sharing. An Open Source software and standards to share, create and validate threatintel and intelligence.
#Infosec #Security #OpenSource