![]() ![]() Remember the different companies see different parts of the ransomware ecosystem, so it can be helpful to track many perspectives. Again, there are far too many sources for us to list here, so this is just a sample of what's out there. Many of these blogs are maintained by vendors, who regularly share information about incidents they observe. You may also want to follow these companies on Twitter. There are many RSS feed options, including a free version of Feedly. We recommend setting up an RSS feed with the blog posts from various organizations in the community. ![]() There are so many good accounts that we can't possibly list all of them here, but if you start with this list, Twitter will recommend other similar accounts to you. Like all of these sources, you will need to curate the accounts you follow and determine which ones work for your needs. TweetDeck ( ) can help organize various accounts and hashtags of interest, and Twitter lists can also help with this. ![]() Twitter is an excellent source of information about ransomware itself as well as the many ransomware precursor malware families. If you are interested in setting up your own TOR browser to access these sites themselves, here is a video that shows you how to do this in a more secure way:įor more information on the TorBrowser project, please see:Īnd finally, learn about Tails, the operating system designed for anonymity and built with Tor enabled at all times: Here's an example of how this could be integrated into Slack: OTX provides open access for all, allowing you to collaborate with a worldwide community of threat researchers and security professionals. Before accessing these sites, and particularly before downloading any stolen data directly from them, talk to your lawyers! Open Threat Exchange ( OTX) is a threat data platform that allows security researchers and threat data producers to share research and investigate new threats. It's useful for researchers to be aware if their organization is listed on one of these sites. Several sources scrape dark web sites where ransomware operators post names of victims as well as exfiltrated data. (just research, don't upload sensitive samples!).Florian Roth’s spreadsheet for historical data (not currently updated).(make a risk assessment before uploading any data!).Of course, make sure to vet all sources yourself - especially before uploading any data! Compatibility with FortiSOAR Versions: 4.10. Here are some of the key resources we covered. Add the AlienVault-OTX connector as a step in FortiSOAR playbooks and perform automated operations, such as retrieving details for an indicator, creating and retrieving details for a pulse, and running queries on the AlienVault-OTX server. There are a lot of great free resources out there to help cybersecurity professionals prevent and detect ransomware - but you have to know where to look! In our recent SANS Threat Analysis Rundown (STAR) livestream, we talked about many sources we use to track the ransomware ecosystem. Recommended Sources for Ransomware Information Immediately apply the skills and techniques learned in SANS courses, ranges, and summits ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |