Have you heard about the _secpro?

SecPro #88: Another week, another APT!

Hello again!

Deadlines, money, and time - three roadblocks for any security professional. Battling the adversary is hard when you have all the information, but who has the time? Conti, LAPSUS$, and the other hacker groups aren't giving you time to read 50 books! It would be easier if everything was just in one place, right?

_secpro is a newsletter that combines original ideas and curated content for you. Deep dives, industry developments, and interesting tools, all in one place. Whether you're a senior pentester or just starting in a SOC, you will find content that helps you do your job. And our 100,000-strong community is here to support you every step of the way.

Joke of the Week

How do you kick off speed dating for IT professionals? "Singles, sign on!"

Now, with that terrible joke out of the way, it's time to reflect on what the team has been doing this week. After an enlightening chat with Bill Oettinger earlier this week, we decided to do a little investigating into cyber forensics. And that has led to a multipart guide on how to run digital forensics on both Linux and Windows by Sai. And as usual, don't forget to check out the new infographic and try out the tools we've laid out at the bottom - this week, we've been researching and playing with cryptography tools!

This week's highlights:
- Windows Forensic Analysis - Part 1
- Exploring APTs - #2
- Cybersecurity Threats, Malware Trends, and Strategies
- The Gartner Survey

And with that - on with the show!

Food For Thought

This week, we've been discussing Gartner's Emerging Technologies and Trends Impact Radar, and it got us thinking - what exactly can we expect over the next year? What's going to change and how are we going to react? We'd love to hear your thoughts! Fill in the survey below and we'll publish our ideas next week!

WHAT CAN WE EXPECT THIS YEAR?

This Week's Editorial Articles

Exploring APTs - #2

APT35 is a cyber-espionage group also known as Charming Kitten. It is believed to be a state-sponsored hacking group based in Iran and is known for targeting many in the Middle East and around the world.

Windows Forensic Analysis - Part 1

Sai is back with a breakdown on how to approach forensic analysis and which tools we should be using!

Cybersecurity Fundamentals

Cybersecurity Threats, Malware Trends, and Strategies

"Woah, woah, woah - where's the machine learning tutorial?", you ask. We're taking a short break from the tutorials to cover something new on the horizon - Tim Rains' Cybersecurity Threats, Malware Trends, and Strategies, Second Edition. This time, we thought we'd give you some controversial food for thought - something to liven you up before the weekend!

Tim Rains on Threats

If we have to live in a world where security vulnerabilities in hardware and software are just a fact of life, wouldn't it be useful to know which vendors were actually improving their products over time? After all, once vendors release their products, the risks and the costs of remediating security vulnerabilities are now shared with all of their customers. Subsequently, vendors should be making an effort to measurably reduce the risks and costs of using their products for their customers. One way to measure their progress is to track the following three measures:
1. Is the total number of vulnerabilities trending up or down?
2. Is the severity of those vulnerabilities trending up or down?
3. Is the access complexity of those vulnerabilities trending up or down?

While not perfect, the combination of these measures can give us some idea which vendors are actively managing vulnerabilities in the right direction. In my new book, Cybersecurity Threats, Malware Trends, and Strategies (2nd Edition), I share a 5-year analysis of vulnerability trends for several major vendors who historically have had the highest CVE counts including Apple, Debian, Google, Microsoft, and Oracle. I also share vulnerability trends and analysis for popular mobile, client, and server operating systems, as well as web browsers. This data reveals how some of the world's most popular vendors have been managing vulnerabilities in their products over time and which operating systems and browsers have the least risk and costs associated with them. Is your favorite browser really the most secure browser? Which combination of operating system and browser has potentially the lowest cost to maintain? You might be surprised.

All the views and opinions expressed in this post and in the book are my own, not those of any of my past or current employers.

Don't miss out on Tim Rains' Cybersecurity Threats, Malware Trends, and Strategies, Second Edition - available at Packt and other leading distributors today!

Have You Tried...?

Here are some great tools for understanding APTs.
- CyberMonitor/APT_CyberCriminal_Campagin_Collections - APT & CyberCriminal Campaign Collection; everything you need in one place.
- sous-chefs/apt - Development repository for the APT cookbook.
- kbandla/APTnotes - Various public documents, whitepapers, and articles about APT campaigns.
- NextronSystems/APTSimulator - A toolset to make a system look as if it was the victim of an APT attack.
- blackorbird/APT_REPORT - Interesting APT report collection with a sample, malware, and intelligence.

Copyright © 2023 Packt Publishing, All rights reserved.