Okla.Social

DiscernibleYou wake up to your phone buzzing. It's not supposed to do that at this hour. Not unless something is very, very wrong.What will you do in the critical first hour?Join our next immersive blockchain security communications simulation where split-second decisions collide with core DeFi principles.Multiple stakeholders. Millions at stake. Only a few minutes to act.Can you balance technical truth with human realities when the clock is ticking?Register today to join our weekly drills and participate in next week's Web3 simulation.<a href="https://infosec.exchange/tags/Web3Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Web3Security</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/SecurityCommunications" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityCommunications</a> <a href="https://infosec.exchange/tags/ProfessionalDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ProfessionalDevelopment</a>

DiscernibleWeekly security communication practice with your peers!Join industry colleagues in 60-min weekly Slack simulations where you can:✅ Test communication approaches you can't try at work ✅ Learn from diverse perspectives across organizations ✅ Build "muscle memory" for high pressure communication ✅ Network with professionals facing similar challengesUnlike traditional tabletops, these bite-sized drills fit your schedule and focus on practical communication skills across 12 security incident categories.Available now starting at $50/month.Learn more: <a href="https://discernibleinc.com/drills" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://discernibleinc.com/drills</a><a href="https://infosec.exchange/tags/SecurityCommunication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityCommunication</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/ProfessionalDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ProfessionalDevelopment</a>

LMG SecurityHackers are combining email bombing attacks with help-desk impersonation to trick employees into giving remote access—and it’s working.In this new video, we share a real-world attack scenario and show you how to spot and stop these advanced social engineering techniques.Watch now: <a href="https://youtu.be/RhKFx_ZRz4A" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://youtu.be/RhKFx_ZRz4A</a><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ransomware</a> <a href="https://infosec.exchange/tags/EmailBombing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EmailBombing</a> <a href="https://infosec.exchange/tags/MicrosoftTeams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MicrosoftTeams</a> <a href="https://infosec.exchange/tags/SocialEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SocialEngineering</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a>

LMG SecurityDid you know a ransomware tabletop exercise can uncover gaps and failure points in your incident response plan? A recent study found it can also reduce your data breach costs by an average of $248K! If you have not planned a ransomware tabletop exercise already, it's time to put this on your schedule!In our new blog, we share common failure points, <a href="https://infosec.exchange/@MDurrin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@MDurrin</a>'s favorite ransomware tabletop exercise scenarios, and tips to help you get the most out of your next exercise.Read the blog: <a href="https://www.lmgsecurity.com/how-a-ransomware-tabletop-exercise-can-dramatically-reduce-your-losses-if-youre-attacked/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.lmgsecurity.com/how-a-ransomware-tabletop-exercise-can-dramatically-reduce-your-losses-if-youre-attacked/</a><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ransomware</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/TabletopExercise" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TabletopExercise</a> <a href="https://infosec.exchange/tags/CyberResilience" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberResilience</a> <a href="https://infosec.exchange/tags/SMB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SMB</a> <a href="https://infosec.exchange/tags/CISO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CISO</a> <a href="https://infosec.exchange/tags/ITsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITsecurity</a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DFIR</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a>

FIRST.orgIs there someone that has inspired you in incident response? Consider nominating them! 🏆The FIRST Incident Response Hall of Fame recognizes ✨excellence✨. Criteria includes impact, influence, innovation & more. Submit your nomination by March 14th: <a href="https://go.first.org/HJNg7" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://go.first.org/HJNg7</a> <a href="https://infosec.exchange/tags/IRHoF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IRHoF</a> <a href="https://infosec.exchange/tags/FIRST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FIRST</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a>

WalkerSome peoples thought process is fascinating. For example, when faced with connection issues between a cloud service and an S3 bucket or MongoDB instance with default creds, the decision made is not to troubleshoot the blockage. But instead to remove all firewalls and ACLs between the services. Sure it will get connectivity working for your project, but will also provide connectivity for the entire Internet to the internal resources.Then everyone gets a Surprised Pikachu face when the data gets stolen and a ransomware note is left in its place. Its the same result... EVERY TIME.<a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/s3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#s3</a> <a href="https://infosec.exchange/tags/firewall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#firewall</a> <a href="https://infosec.exchange/tags/waf" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#waf</a>

FIRST.orgYou've read your daily news, but have you looked at the agenda for the Amsterdam 2025 FIRST TC yet? 👀🔗<a href="https://go.first.org/KFYHZ" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://go.first.org/KFYHZ</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/technical" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#technical</a> <a href="https://infosec.exchange/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerabilities</a> <a href="https://infosec.exchange/tags/securityteams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityteams</a>

DiscernibleWe're growing our weekly Discernible Drills and want YOUR input!Help us select the best times to add by taking our quick scheduling survey. It takes less than 2 minutes to complete — and your feedback will ensure we can accommodate as many participants as possible in our expansion. 📋 Survey link: <a href="https://forms.gle/W8KjwQqEYGHr2Rxy8" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://forms.gle/W8KjwQqEYGHr2Rxy8</a><a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/SecurityCommunications" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityCommunications</a>

The DFIR Report🙏 Huge THANK YOU to everyone who joined the DFIR Labs CTF this weekend!Over 200 people from around the world jumped in to tackle challenges based on a real case—and we hope you all had fun, learned something new, and sharpened your DFIR skills 🔎💻Keep an eye on our socials for the next DFIR Labs CTF announcement!💡 Interested in running a CTF at your organization? Please fill out this form and we’ll get in touch: <a href="https://form.jotform.com/243245571640252" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://form.jotform.com/243245571640252</a>The case featured in this CTF is now available: <a href="https://store.thedfirreport.com/products/mud-in-the-water-private-case-29823" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://store.thedfirreport.com/products/mud-in-the-water-private-case-29823</a><a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DFIR</a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CTF</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatIntel</a> <a href="https://infosec.exchange/tags/BlueTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BlueTeam</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a>

Dissent Doe :cupofcoffee:Scenario: Someone is notifying you of a data breach that occurred almost a year ago. They refer it to as a "recent incident."Their notification does not tell you WHEN the incident occurred, WHEN they first discovered it, or the fact that the data were leaked more than 6 months ago. They just talk about a "recent incident." I wish they weren't allowed to get away with such deceptive notices. <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#transparency</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a>

Chum1ng0 - Security Research :verified:🇰🇷 Kakao Enterprise sufrió un incidente de seguridad🔗 <a href="https://blog.security-chu.com/2025/03/kakao-enterprise-sufrio-un-incidente-de.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.security-chu.com/2025/03/kakao-enterprise-sufrio-un-incidente-de.html</a> <a href="https://infosec.exchange/tags/Kakao" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kakao</a> <a href="https://infosec.exchange/tags/ciberseguridad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ciberseguridad</a> <a href="https://infosec.exchange/tags/LATAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LATAM</a> <a href="https://infosec.exchange/tags/noticias" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#noticias</a> <a href="https://infosec.exchange/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dataleak</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a>

Discernible<a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/SecurityCommunications" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityCommunications</a>

FIRST.orgGet it while it's hot! The agenda for the Amsterdam 2025 FIRST TC is out now. 📰🔗<a href="https://go.first.org/KFYHZ" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://go.first.org/KFYHZ</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/technical" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#technical</a> <a href="https://infosec.exchange/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerabilities</a> <a href="https://infosec.exchange/tags/securityteams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityteams</a>

DiscernibleWe're expanding our weekly IR communication drills! Help us pick the best times by ranking your preferences in our quick survey. Your input matters and will help us accommodate more participants.Survey link: <a href="https://docs.google.com/forms/d/e/1FAIpQLSeKtQNLlU4ZiFPBvG_p4RL9FhW5fF6fjVcvdJjO61Q4PNgpog/viewform" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://docs.google.com/forms/d/e/1FAIpQLSeKtQNLlU4ZiFPBvG_p4RL9FhW5fF6fjVcvdJjO61Q4PNgpog/viewform</a><a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/SecurityCommunications" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityCommunications</a>

FIRST.orgThe FIRST Board of Directors has unveiled a comprehensive Strategy Framework to enhance our ability to fulfill our mission as a global leader in cybersecurity and incident response.This framework introduces a structured three-year Strategic Plan focused on five key objectives:🌎 Global Recognition and Trust ⭐ Member Value Creation 📚 Development and Education 🤝 Trusted Venue for Standards ⚖️ Effective Governance and Financial ResilienceLearn more here: <a href="https://www.first.org/blog/20250303-Strategy-Framework" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.first.org/blog/20250303-Strategy-Framework</a><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

Josh Lemon<a href="https://infosec.exchange/tags/BYOVD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BYOVD</a> attacks are slowly becoming more common for threat actors to escalate privilege and kill security tools. Make sure you're <a href="https://infosec.exchange/tags/ThreatHunting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatHunting</a> for new Vulnerable Drivers! Win 11 now has a Vulnerable Driver Blocklist feature, however, it's only updated in major updates so you still need to monitor for recently discovered Vulnerable Drivers.Recent Vuln Driver: <a href="https://www.bleepingcomputer.com/news/security/ransomware-gangs-exploit-paragon-partition-manager-bug-in-byovd-attacks/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/ransomware-gangs-exploit-paragon-partition-manager-bug-in-byovd-attacks/</a>Known Vuln Drivers: <a href="https://www.loldrivers.io/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.loldrivers.io/</a>Vuln Driver Blocklist: <a href="https://learn.microsoft.com/en-us/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://learn.microsoft.com/en-us/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules</a><a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> <a href="https://infosec.exchange/tags/ThreatDetection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatDetection</a>

WalkerMore machines added to the list, the haystack just got bigger, that needle is more elusive than ever.Problem is, no one is sure the needle exists. In all seriousness, when does one know to stop looking for the needle? How exhaustive does an investigation need to be before all threads are chased. More of a rhetorical question. Big on metaphors today. <a href="https://infosec.exchange/tags/forensics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#forensics</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a>

FIRST.orgFIRST was in Malawi this week delivering training and seminars with the mwCERT team (a FIRST member and FIRST Fellow) and their affiliated sector CSIRTs.Over three days, Lawrence Muchilwa — as part of the African Regional Liaison Initiative — and Hadyn Green — from the Actioning Alerts and Advisories (A4) Initiative — ran training sessions covering incident response, technical actions and communications. These initiatives are graciously funded by the UK Government.Following the training, a two-day Finance and Telecommunications cybersecurity conference was held in Mangochi under the theme "Navigating Cybersecurity in Finance and Telecommunications." MACRA Board Director Reverend Father Damaseke officially opened the event, describing it as "pivotal in the digital agenda drive" toward creating "a more secure and resilient cyberspace for all."Christopher Banda, Head of Malawi CERT (a unit within MACRA), emphasized that as cyber threats evolve at an alarming pace, such gatherings are "not just beneficial, but essential" for protecting Malawi's financial and telecommunications sectors, which form the backbone of the economy.This collaborative effort highlights FIRST's ongoing commitment to building cybersecurity capacity and establishing international trust networks in developing regions.Thanks to LondonCyber for the support that enables this work!Read more here: <a href="https://go.first.org/RQnWE" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://go.first.org/RQnWE</a>Photos credit: @MACRAMALAWI <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a>

WalkerRegarding the recent Cyberhaven related Chrome plugin compromises, was a threat actor ever identified?I have searched and have not found any attribution.<a href="https://infosec.exchange/tags/cyberhaven" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberhaven</a> <a href="https://infosec.exchange/tags/iran" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iran</a> <a href="https://infosec.exchange/tags/foxkitten" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#foxkitten</a> <a href="https://infosec.exchange/tags/chrome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#chrome</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/threatactor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatactor</a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatintel</a>

Discernible🔥 Launching today: Discernible Drills - our new weekly security/privacy communication training delivered via Slack!Based on 20 years of experience in, this new service helps security and privacy professionals practice communication skills through weekly 60-minute drills.- Covers 12 different incident types - Text-based with multimedia elements for auditory learners - No PO required - individual subscriptions - Currently runs Wednesdays 12-1pm ET with more times coming soon - Two tiers: $50/mo or $100/moSecurity incidents are more than breaches, and communication is more than media statements. Practice makes perfect.Learn more at <a href="https://discernibleinc.com/blog/introducing-discernible-drills" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://discernibleinc.com/blog/introducing-discernible-drills</a><a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/SecurityCommunications" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityCommunications</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/PrivacyCommunications" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PrivacyCommunications</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a>

Recent searches

Search options

Administered by:

Server stats:

#incidentresponse