5+All Security Resource Digest for 2023–12–11

In today’s 5+All digest for Monday, Dec 11, 2023, find:

1. ALPHV/BlackCat Takedown Appears to Be Law Enforcement Related
2. How Insiders Use Vulnerabilities Against Organizations | CrowdStrike
3. AI regulation will begin in the EU
4. OSINT for Incident Response (Part 1)
5. Verizon Gave Phone Data to Armed Stalker Who Posed as Cop Over Email

Browse these and all resources added in the last day in my personal security resource database, the SSD, for free at Go.StrykerNoStriking.com/Complete-DB.

#1: ALPHV/BlackCat Takedown Appears to Be Law Enforcement Related

Dark Reading | Link to Resource

• Law enforcement takes down Dark Web leak site operated by ransomware group ALPHV/BlackCat, listing over 650 companies, but criticism arises for lack of action against BlackCat/ALPHV affiliates, including Scattered Spider; FBI and CISA release advisory about Scattered Spider’s use of BlackCat/ALPHV ransomware.

#2: How Insiders Use Vulnerabilities Against Organizations | CrowdStrike

CrowdStrike | Link to Resource

• CrowdStrike report shows internal users exploiting vulnerabilities and using offensive security tools in enterprise environment; recommends restricting access to exploits and implementing multiple layers of defense to mitigate insider threats.

#3: AI regulation will begin in the EU

Ars Technica | Link to Resource

• European Union passes landmark legislation to regulate artificial intelligence, becoming the first continent to set clear rules for its use, aiming to balance AI development with concerns for humanity.

#4: OSINT for Incident Response (Part 1)

Black Hills Information Security | Link to Resource

• Open-source intelligence (OSINT) is crucial for digital forensics and incident response consultants, helping identify compromises, impacted accounts and systems, accessed data, and reduce discovery time.

#5: Verizon Gave Phone Data to Armed Stalker Who Posed as Cop Over Email

404 Media | Link to Resource

• Fraudulent police impersonator obtained victim’s phone data from Verizon, leading to threats, harassment, and subsequent arrest.

Access all SSD records at go.StrykerNoStriking.com/Complete-DB

To search and use any resource record from today’s 5+All Daily Digest — or any resource ever uploaded to the SSD, including any downloadable PDFs, files, or additional links to related sources! — click this link.

Airtable requires that I request an email address for access controls before I can grant full read-only access to the SSD. Once I approve your requst, you can browse any of the available pre-sorted dashboards for your own projects, including:

• Every resource record ever added to the SSD in a single, searchable (but very long!) list;
• All 5+All Daily Digest records added in the last day; and
• All records sorted into their format type, such as “Research & Stats,” “News Articles & Blogs,” “Documentation & References,” “Online Conversations,” etc.

Please share this digest and database with anyone you think would find these resources helpful. And, let me know what you think?

Final Notes:

• I am actively seeking a new position in cyber intelligence and / or cyber risk analysis! Please feel free to review my resume and my complete project portfolio — including research reports, guides, webinars, podcasts, and personal certifications — for an idea of what I could do for your cybersecurity program.
• This database project — including all its supporting automations and content subscriptions — is entirely self-funded. It’ll remain free to anyone who would like to use it! However, you can help support the project on Ko-Fi or simply by sharing it with others. :)

Thank you to all contributors to the SSD, including:

• Daruma
• Fireflash38
• James Saturnio
• Jordan Nigg
• Robert Waters

Originally published on Medium.