TropChaud

@IntelScott

Followers
1K
Following
736
Media
97
Statuses
530

Reluctant security & intelligence practitioner and tool developer. Mainly Tweets about aggregating and visualizing cyber threat & OSINT datasets

Joined September 2018
@IntelScott
TropChaud
4 years
On its 1st anniversary, excited to announce the re-launch of MetaOSINT, the #OSINT tool & resource aggregator! v2 contains 900 new resources (5,700+ total) wrapped in an improved UI. The best news? A method for ongoing updates, so stay tuned for more ~weekly additions!
9
40
114
@IntelScott
TropChaud
2 years
I’ve tracked thousands of #OSINT resources over a half-decade via the MetaOSINT project. Here are my thoughts on how the dataset’s evolution might reflect broader trends & changes in the underlying info landscape during a time of major global disruption: https://t.co/ZP5yRcYuFj
0
4
17
@IntelScott
TropChaud
2 years
MetaOSINT v3.0 is live! The first major update in over a year brings 8,000 new resources to the tool, more than doubling the previous tally. But structured categories & citation counts still make it easy to surface popular, relevant #OSINT resources: https://t.co/He1iwDQZfA
0
17
42
@IntelScott
TropChaud
2 years
Long-overdue update (largest yet) to my #OSINT-focused project MetaOSINT coming soon! Adding a ton of new, timely resources to the database while maintaining its hallmark ease of use. Brush back up before the update lands in the coming days: https://t.co/srbAh35Rls
0
8
32
@craignewmark
craig newmark
2 years
Taking a data-driven approach, @GlobalCyberAlln and @TidalCyber's recent report validates the significant impact basic #cyberhygiene measures have in defense against the most relevant #ransomware methods of attack against #SMBs. Learn more at https://t.co/EZXphxsN1p
0
4
4
@IntelScott
TropChaud
2 years
The rich detail in recent threat reporting is an extremely welcome trend. But the reality is that longer/denser reports can place more burden on teams, if they’re attempting to (or leadership expects them to) thoroughly process each one
1
0
0
@IntelScott
TropChaud
2 years
If you've felt like it's taking longer to get through a typical CTI report lately, you're not wrong
1
1
6
@TidalCyber
Tidal Cyber
2 years
Meet us in Iowa at the 2023 @QCCornCON on 10/5-7. @advemuian will be presenting "Using ATT&CK for Threat Profiling, Defensive Stacks, and Coverage Maps" and "Mind the Gap: From CTI to Defensive Improvements." Use code "TID25" for 25% off! https://t.co/fODEi2HJ8a #mitreattack
0
2
6
@IntelScott
TropChaud
2 years
Wholeheartedly believe that most in the #threatintel, #detectionengineering, and #adversaryemulation spaces can benefit by bookmarking this free-to-use tool as we push regular updates into the platform
@TidalCyber
Tidal Cyber
2 years
We added tons of content across our free Community Edition this week, including #BlackCat/#ALPHV & #ScatteredSpider tool & TTP collections and updates to @elastic & Atomic Red Team capabilities in our Product Registry: https://t.co/v0DuL5Bnhq #ThreatInformedDefense
0
0
3
@josh_murchie
Josh++
2 years
4
14
84
@TidalCyber
Tidal Cyber
2 years
NEW Community Edition content derives from @CISAgov's detailed new advisory. Start w/ the new Campaign object, pivot to dozens of new & updated Tools, Malware, & @MITREattack Technique relationships just added: https://t.co/N72X9jEWn9
0
5
6
@IntelScott
TropChaud
2 years
The value here is organizing the exercise around a recent, prominent threat - recently enhanced Search in @TidalCyber Community Edition helps quickly surface relevant content, & pivoting on mapped @MITREattack techniques expands focus to include variations on observed procedures
0
1
4
@IntelScott
TropChaud
2 years
A set of mini purple team exercises involved a typical cast of characters including @redcanary #AtomicRedTeam tests + @sigma_hq rules run via Chainsaw on logs configured via @olafhartong's Sysmon-Modular config. Ultimately we contributed a new test aligned with an existing rule
1
1
2
@IntelScott
TropChaud
2 years
New blog is out, walking through practical workflows for detecting & testing persistence behaviors used by #FlaxTyphoon #APT, entirely via free/community resources
tidalcyber.com
On August 24, Microsoft released details about a newly defined, China-based espionage group known as Flax Typhoon, outlining numerous techniques observed during recent Flax Typhoon intrusions....
1
2
5
@IntelScott
TropChaud
2 years
Definitely feels like there’s ample space for more practical guidance around baselining, an essential part of the hunting discipline. Looking forward to the next piece!
@ateixei
Alex Teixeira
2 years
@Kostastsale @bohansec I see my message is getting across 👊 I’m also curious to see how others do it as much is spoken but very little shared. Hope this one inspires the willing to get started (a “how to” is in the making) https://t.co/Dc0rUYZNvh
0
0
1
@IntelScott
TropChaud
2 years
New adversary intel, defensive resources, & collections of threats added to the free version of the Tidal platform this week. The redesigned homepage makes it easy to keep track of the top highlights
@TidalCyber
Tidal Cyber
2 years
Our new Community Edition Splash Page is only a few days old but already received its first update, as our teams published fresh content throughout the platform this week. Explore all the timely highlights on the recently redesigned home page here: https://t.co/ISzmp2gbag
0
2
2
@RichardStruse
Richard Struse
2 years
#ATTACK + the latest, breaking OSINT + FREE = Tidal Community Edition!
@TidalCyber
Tidal Cyber
2 years
Summarize the 130+ #TTPs associated with the new #LockBit actor & tool objects added to Tidal’s free Community Edition this week: https://t.co/YjROXq5Qew Click the ribbon labels for more object details & any matrix cell for linked analytics, capabilities, data sources, & more!
0
2
5
@TidalCyber
Tidal Cyber
2 years
Today we released another round of Tidal-authored threat objects in our freely available Community Edition! The latest updates feature 6 new & 4 updated objects, and dozens of associated #TTPs. Access links to all the new content here: https://t.co/oXBIVB0C8m #threatintel
0
3
5
@IntelScott
TropChaud
2 years
We added an original #mitreattack-style object for #BianLian to @TidalCyber's Community Edition, which links to 16 more new & updated objects representing key malware & tools used by BianLian operators:
0
2
4
@IntelScott
TropChaud
2 years
#BianLian is a trending extortion threat, a leading example of a wider landscape trend that sees many #ransomware actors emphasizing data exfil over traditional encryption attacks. BianLian actors have claimed hundreds of victims around the world during just a year of operations
1
3
9
@TidalCyber
Tidal Cyber
2 years
One of the Tidal-authored threat objects recently added to our Community Edition covers #BianLian, a #ransomware-turned-data theft operation: https://t.co/wZVwfBhH0r Explore all the #mitreattack knowledge base extensions added to our free platform: https://t.co/nrXu5t83MZ
1
3
5