From Security Weekly WikiJump to navigationJump to search
, 21:27, 12 November 2020
#[https://www.securityweek.com/term-threat-intelligence-poisoned-it-does-not-mean-what-you-think-it-means The Term "Threat Intelligence" is Poisoned. It Does Not Mean What You Think it Means.] - You only really have to read this part: ''So, let’s start with Gartner’s definition of threat intelligence and go from there: “Threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and action-oriented advice about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard.” However, many equate this definition to external sources of threat data only. The assumption and filter is that threat intelligence equals external threat data. But what about internal data – the telemetry, content and data created by each layer in our security architecture which, by the way, is free? Re-read the Gartner definition. It does not talk about external or internal data in the definition, instead focusing on knowledge and context.''
#[https://threatpost.com/bugs-critical-infrastructure-gear-attacks/161164/ Bugs in Critical Infrastructure Gear Allow Sophisticated Cyberattacks]
#[https://akijosberryblog.wordpress.com/2020/11/08/yantra-manav-a-wormable-ssh-bot/ Yantra Manav A wormable SSH bot]
#[http://exploit.kitploit.com/2020/11/saltstack-salt-rest-api-arbitrary.html SaltStack Salt REST API Arbitrary Command Execution]