toad.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon server operated by David Troy, a tech pioneer and investigative journalist addressing threats to democracy. Thoughtful participation and discussion welcome.

#soc

Bytes Europe<p>Are SOC Teams Ready For Geopolitical Cyber Threats? <a href="https://www.byteseu.com/1224220/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">byteseu.com/1224220/</span><span class="invisible"></span></a> <a href="https://pubeurope.com/tags/CyberIntelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberIntelligence</span></a> <a href="https://pubeurope.com/tags/Cyberwarfare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cyberwarfare</span></a> <a href="https://pubeurope.com/tags/GeopoliticalCyberThreats" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GeopoliticalCyberThreats</span></a> <a href="https://pubeurope.com/tags/Geopolitics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Geopolitics</span></a> <a href="https://pubeurope.com/tags/RobinDimyanoglu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RobinDimyanoglu</span></a> <a href="https://pubeurope.com/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a></p>
Tim (Wadhwa-)Brown :donor:<p>If you suffer a breach, I am absolutely saying you should review and secure your netinf, not just stick a ZT shaped plaster on top of it.</p><p>Especially if you have default creds, ejected MSSP and unauth'd routing protocols in the mix.</p><p><a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a>, <a href="https://infosec.exchange/tags/dfir" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dfir</span></a>, <a href="https://infosec.exchange/tags/networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>networking</span></a>, <a href="https://infosec.exchange/tags/soc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>soc</span></a></p>
Alexandre Dulaunoy<p>Curious about all the open source and projects developed by <span class="h-card" translate="no"><a href="https://social.circl.lu/@circl" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>circl</span></a></span> ? </p><p>CIRCL Open Source tools powering SOC &amp; CSIRT teams.</p><p><a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/soc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>soc</span></a> <a href="https://infosec.exchange/tags/csirt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>csirt</span></a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintel</span></a> <a href="https://infosec.exchange/tags/threatintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintelligence</span></a> </p><p>🔗 <a href="https://hdoc.cnw.circl.lu/JJKFoeHrS9Wf28L4tAyCNg?view#" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hdoc.cnw.circl.lu/JJKFoeHrS9Wf</span><span class="invisible">28L4tAyCNg?view#</span></a></p>
securityaffairs<p>5 Features Every AI-Powered <a href="https://infosec.exchange/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a> Platform Needs in 2025<br><a href="https://securityaffairs.com/180070/security/5-features-every-ai-powered-soc-platform-needs-in-2025.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityaffairs.com/180070/sec</span><span class="invisible">urity/5-features-every-ai-powered-soc-platform-needs-in-2025.html</span></a><br><a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityaffairs</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.treehouse.systems/@krutonium" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>krutonium</span></a></span> yeah but <a href="https://infosec.space/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a> (aka. <a href="https://infosec.space/tags/toybox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>toybox</span></a> / <a href="https://infosec.space/tags/bionic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bionic</span></a> + <a href="https://infosec.space/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> ) usually has tighter integration with the targeted <a href="https://infosec.space/tags/SoC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoC</span></a> in question.</p>
Kunai Project<p>📢 Exciting Announcement! 📢</p><p>Join us tomorrow at 14:00 CET for the Kunai Workshop Virtual Summer School (VSS) organized by CIRCL! 🌟</p><p>🔍 What You'll Learn:<br>- The basics of Kunai<br>- Using Kunai tools (<a href="https://github.com/kunai-project/pykunai#" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/kunai-project/pykun</span><span class="invisible">ai#</span></a>)<br>- Configuring Kunai with MISP IoCs<br>- Building advanced log filtering and detection rules<br>- How to use Kunai and Yara</p><p>📝 Program and Prerequisites:<br>Make sure to check out the program and complete the prerequisites before joining: <a href="https://github.com/kunai-project/workshops/tree/main/circl-vss-2025#readme" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/kunai-project/works</span><span class="invisible">hops/tree/main/circl-vss-2025#readme</span></a></p><p>🌐 How to Join VSS: <a href="https://www.circl.lu/pub/vss-2025/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">circl.lu/pub/vss-2025/</span><span class="invisible"></span></a></p><p>🎓 Don't miss this opportunity to enhance your skills with Kunai! See you there! 🚀</p><p><a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://infosec.exchange/tags/ThreatHunting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatHunting</span></a> <a href="https://infosec.exchange/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a></p>
Pyrzout :vm:<p>How exposure-enriched SOC data can cut cyberattacks in half by 2028 <a href="https://www.helpnetsecurity.com/2025/06/30/plextrac-data-exposure-management/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">helpnetsecurity.com/2025/06/30</span><span class="invisible">/plextrac-data-exposure-management/</span></a> <a href="https://social.skynetcloud.site/tags/Expertanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Expertanalysis</span></a> <a href="https://social.skynetcloud.site/tags/Expertcorner" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Expertcorner</span></a> <a href="https://social.skynetcloud.site/tags/cyberattacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattacks</span></a> <a href="https://social.skynetcloud.site/tags/Don" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Don</span></a>'tmiss <a href="https://social.skynetcloud.site/tags/Hotstuff" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hotstuff</span></a> <a href="https://social.skynetcloud.site/tags/PlexTrac" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PlexTrac</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/data" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>data</span></a> <a href="https://social.skynetcloud.site/tags/risk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>risk</span></a> <a href="https://social.skynetcloud.site/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a></p>
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p>Someone should make a circuit board that fits in an original <a href="https://mastodon.social/tags/tamagotchi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tamagotchi</span></a> shell and upgrades the screen and CPU so that it can do a lot of extra stuff; <a href="https://mastodon.social/tags/gps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gps</span></a> location tracking, <a href="https://mastodon.social/tags/meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>meshtastic</span></a> node, <a href="https://mastodon.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> and <a href="https://mastodon.social/tags/radio" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>radio</span></a> <a href="https://mastodon.social/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> like a <a href="https://mastodon.social/tags/flipperZero" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>flipperZero</span></a>, etc. Maybe some <a href="https://mastodon.social/tags/arm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>arm</span></a> <a href="https://mastodon.social/tags/soc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>soc</span></a> like a <a href="https://mastodon.social/tags/RaspberryPi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RaspberryPi</span></a>, or <a href="https://mastodon.social/tags/Rockchip" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Rockchip</span></a>, or maybe just a little <a href="https://mastodon.social/tags/ESP32" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ESP32</span></a>. 
Maybe just cram a <a href="https://mastodon.social/tags/Pebble" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pebble</span></a> watch in there or something.</p><p><a href="https://mastodon.social/tags/hardware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hardware</span></a> <a href="https://mastodon.social/tags/technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>technology</span></a> <a href="https://mastodon.social/tags/virtualPet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>virtualPet</span></a></p>
Pyrzout :vm:<p>Why the SOC needs its “Moneyball” moment <a href="https://www.helpnetsecurity.com/2025/06/25/soc-ai-powered-graphs/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">helpnetsecurity.com/2025/06/25</span><span class="invisible">/soc-ai-powered-graphs/</span></a> <a href="https://social.skynetcloud.site/tags/Artificialintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Artificialintelligence</span></a> <a href="https://social.skynetcloud.site/tags/Expertanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Expertanalysis</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/Expertcorner" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Expertcorner</span></a> <a href="https://social.skynetcloud.site/tags/Don" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Don</span></a>'tmiss <a href="https://social.skynetcloud.site/tags/Hotstuff" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hotstuff</span></a> <a href="https://social.skynetcloud.site/tags/Illumio" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Illumio</span></a> <a href="https://social.skynetcloud.site/tags/opinion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opinion</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/data" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>data</span></a> <a href="https://social.skynetcloud.site/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@cleverboi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cleverboi</span></a></span> <span class="h-card" translate="no"><a href="https://social.linux.pizza/@FandaSin" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>FandaSin</span></a></span> <span class="h-card" translate="no"><a href="https://mstdn.social/@BrodieOnLinux" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>BrodieOnLinux</span></a></span> <span class="h-card" translate="no"><a href="https://social.gompa.me/@neal" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>neal</span></a></span> as for <a href="https://infosec.space/tags/i386" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>i386</span></a> I understood <em>why</em> cuz it was more and more painful, but the problem with <a href="https://infosec.space/tags/i486" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>i486</span></a> is that in several <a href="https://infosec.space/tags/embedded" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>embedded</span></a> and <a href="https://infosec.space/tags/industrial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>industrial</span></a> setups there are still newly deployed systems based off it.</p><p>I.e.
<a href="https://infosec.space/tags/Vortex86" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vortex86</span></a> <a href="https://infosec.space/tags/SoC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoC</span></a>'s cuz <a href="https://infosec.space/tags/MSDOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MSDOS</span></a> and shit still gets used in <a href="https://infosec.space/tags/industrial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>industrial</span></a> equipment.</p><ul><li>And <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> is kinda necessary to keep that rollin'...</li></ul><p>Linux <a href="https://github.com/OS-1337/OS1337/blob/main/docu/linux.kernel.versions.tsv" rel="nofollow noopener" target="_blank">stopped supporting i386</a> with versions <code>3.4.99 (longterm)</code> &amp; <code>3.6.9</code> respectively.</p><ul><li>And unlike with <code>i386</code> where none of the toolchain (<a href="https://infosec.space/tags/musl" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>musl</span></a>) and utilities (<a href="https://infosec.space/tags/toybox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>toybox</span></a>) support it, <code>i486</code> is still supported there.</li></ul><p>And I really want to continue developing a minimalist <em>"rescue"</em> distro that can handle such legacy hardware because it may be the only option to <code>ddrescue</code> stuff from certain systems or to properly &amp; reproducibly back up &amp; restore them!</p>
k3ym𖺀<p>Dear Cybersecurity Vendors, OEMs, and VARs,</p><p>If you're not pronouncing SOCaaS "suckass," you're doing it wrong.</p><p><a href="https://infosec.exchange/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a> <a href="https://infosec.exchange/tags/SOCaaS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOCaaS</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a></p>
Stats on Stats Podcast<p>🚨 Top Cyber Threats You Shouldn't Miss (June 18)</p><p>📲 SuperCard Malware hijacks Androids to relay payment card data.<br>🧑‍🎮 Stargazers Malware targets Minecraft mod users with info-stealers.<br>📉 Fake Bank Ads on Instagram scam users with deepfake tactics.</p><p><a href="https://mastodon.social/tags/CyberThreats" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberThreats</span></a> <a href="https://mastodon.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://mastodon.social/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntel</span></a> <a href="https://mastodon.social/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://mastodon.social/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttack</span></a> <a href="https://mastodon.social/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a> <a href="https://mastodon.social/tags/BlueTeam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BlueTeam</span></a> <a href="https://mastodon.social/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mastodon.social/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntel</span></a> <a href="https://mastodon.social/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a> <a href="https://mastodon.social/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a 
href="https://mastodon.social/tags/Phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Phishing</span></a> <a href="https://mastodon.social/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a></p>
okanogen VerminEnemyFromWithin<p><a href="https://mastodon.social/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a> audits are why doves cry.<br><a href="https://mastodon.social/tags/sysadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sysadmin</span></a></p>
Pyrzout :vm:<p>Enterprise SIEMs miss 79% of known MITRE ATT&amp;CK techniques <a href="https://www.helpnetsecurity.com/2025/06/09/siem-detection-coverage/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">helpnetsecurity.com/2025/06/09</span><span class="invisible">/siem-detection-coverage/</span></a> <a href="https://social.skynetcloud.site/tags/threatdetection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatdetection</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/CardinalOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CardinalOps</span></a> <a href="https://social.skynetcloud.site/tags/MITREATT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MITREATT</span></a>&amp;CK <a href="https://social.skynetcloud.site/tags/framework" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>framework</span></a> <a href="https://social.skynetcloud.site/tags/report" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>report</span></a> <a href="https://social.skynetcloud.site/tags/survey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>survey</span></a> <a href="https://social.skynetcloud.site/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MITRE</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/SIEM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIEM</span></a> <a href="https://social.skynetcloud.site/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a></p>
Kunai Project<p>🚀 Kunai Sandbox is now live! 🚀</p><p>Curious about Kunai? Want to analyze Linux malware logs? Or share malware analysis to build detection rules? Kunai Sandbox has you covered! 🛡️</p><p>🔍 Check out what Kunai can do:<br>✅ Explore Kunai's log structure without running it locally<br>✅ Analyze logs generated by Linux malware<br>✅ Share malware analysis with others to build detection rules</p><p>🔗 See an example analysis of the perfctl <a href="https://infosec.exchange/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a>: <a href="https://sandbox.kunai.rocks/analysis/59edbf8c-41b7-4144-97e0-9b0571446c02" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">sandbox.kunai.rocks/analysis/5</span><span class="invisible">9edbf8c-41b7-4144-97e0-9b0571446c02</span></a></p><p><a href="https://infosec.exchange/tags/detectionengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>detectionengineering</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/dfir" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dfir</span></a> <a href="https://infosec.exchange/tags/soc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>soc</span></a></p>
Chris Sanders 🔎 🧠<p>The path to a meaningful future for your SOC won't be led by people who don't understand how investigations work building products that are based around poorly prompting AI to tell you how to perform them. <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a> <a href="https://infosec.exchange/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a></p>
Pyrzout :vm:<p>The cloud security crisis no one’s talking about <a href="https://www.helpnetsecurity.com/2025/06/05/cloud-threats-detection/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">helpnetsecurity.com/2025/06/05</span><span class="invisible">/cloud-threats-detection/</span></a> <a href="https://social.skynetcloud.site/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudsecurity</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/report" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>report</span></a> <a href="https://social.skynetcloud.site/tags/survey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>survey</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/ARMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ARMO</span></a> <a href="https://social.skynetcloud.site/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a></p>
Chris Sanders 🔎 🧠<p>Investigation Scenario 🔎</p><p>While reviewing company code in GitHub, you discover odd JavaScript that downloads+executes a file from an unknown domain that is currently inaccessible.</p><p>What do you look for to investigate whether an incident occurred?</p><p><a href="https://infosec.exchange/tags/InvestigationPath" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InvestigationPath</span></a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a> <a href="https://infosec.exchange/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a></p>
Kunai Project<p>🚀 New Blog Post: Kunai vs io_uring (<a href="https://why.kunai.rocks/blog/kunai-vs-io_uring" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">why.kunai.rocks/blog/kunai-vs-</span><span class="invisible">io_uring</span></a>) 🚀</p><p>💡 Ever wondered how io_uring revolutionizes I/O operations in the Linux kernel? Inspired by Armo's blog post (<a href="https://www.armosec.io/blog/io_uring-rootkit-bypasses-linux-security/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">armosec.io/blog/io_uring-rootk</span><span class="invisible">it-bypasses-linux-security/</span></a>) about a PoC rootkit using io_uring, we explored this feature's security implications and how tools like Kunai can monitor these operations.</p><p>🔍 Key Takeaways:<br>🔹 io_uring boosts I/O performance by reducing system call overhead and enabling asynchronous operations<br>🔹 Security tools struggle to monitor io_uring due to its unique handling of operations<br>🔹 Kunai now provides visibility into io_uring operations, though blocking malicious activities remains challenging<br>🔹 Recent kernel versions have introduced auditing and security controls for io_uring, but these are still limited</p><p>📖 Read more: <a href="https://why.kunai.rocks/blog/kunai-vs-io_uring" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">why.kunai.rocks/blog/kunai-vs-</span><span class="invisible">io_uring</span></a></p><p><a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://infosec.exchange/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>Security</span></a> <a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://infosec.exchange/tags/ThreatDetection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatDetection</span></a> <a href="https://infosec.exchange/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://fosstodon.org/@joel" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>joel</span></a></span> <span class="h-card" translate="no"><a href="https://polymaths.social/@rl_dane" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>rl_dane</span></a></span> <span class="h-card" translate="no"><a href="https://polymaths.social/@tripplehelix" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tripplehelix</span></a></span> yeah, basically a <em>"better SP" than Nintendo will ever sell you!</em></p><p>Just a nice, consistent <a href="https://infosec.space/tags/SoC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoC</span></a> with case, display, battery &amp; BMS to <em>make it go brrr....</em></p>