Security Infographics Copy [Thomas Roccia]

Just copy of https://blog.securitybreak.io/security-infographics-9c4d3bd891ef#18dd

Summary

• 3CX Attack
• Attribution Model for Influence Operations
• Hermetic Wiper Malware
• Anatomy of a SIGMA Rule
• Practical Threat Intelligence
• Windows Privileges
• Log Parsing Cheat Sheet
• Supply Chain Attack
• Anatomy of a YARA rule
• Linux Security Best Practices
• Diamond Model
• Mitre ATT&CK Matrix
• Tactics, Techniques and Procedures
• RDP Best Practices
• Sandbox Best Practices

Attribution Model for Influence Operations

• DTAC-Attribution-Framework.pdf (microsoft.com)
• Advanced Persistent Manipulators, Part One: The Threat to the Social Media Industry — Alliance For Securing Democracy (gmfus.org)

Hermetic Wiper Malware

• Better quality: Hermetic Wiper Infographic — Speaker Deck

Anatomy of a Sigma Rule

• https://github.com/SigmaHQ/sigma

Practical Threat Intelligence

Windows Privileges

Source:

• Windows Internal
• High quality: https://speakerdeck.com/fr0gger/windows-privileges

Log Parsing Cheat Sheet

Supply Chain Attack

Source:

• https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html
• https://www.mcafee.com/blogs/other-blogs/mcafee-labs/additional-analysis-into-the-sunburst-backdoor/
• https://labs.sentinelone.com/solarwinds-sunburst-backdoor-inside-the-stealthy-apt-campaign/
• https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/
• https://securelist.com/sunburst-connecting-the-dots-in-the-dns-requests/99862/

Anatomy of a YARA rule

Sources:

• https://virustotal.github.io/yara/
• https://manpages.ubuntu.com/manpages/xenial/man1/yarac.1.html

Linux Kernel Security Best Practices

Sources:

• https://www.mcafee.com/blogs/other-blogs/mcafee-labs/on-drovorub-linux-kernel-security-best-practices/
• https://media.defense.gov/2020/Aug/13/2002476465/-1/-1/0/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF

Diamond Model

Source : https://apps.dtic.mil/dtic/tr/fulltext/u2/a586960.pdf

Mitre ATT&CK Matrix

Source : https://attack.mitre.org

Tactics, Techniques and Procedures

RDP Security Best Practices

Sandbox Best Practices

If you like this content you can follow me.