Sources & Methods Newsletter #21 - January 2025 [https://sourcesmethods.com/r/d37e7161?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
By Matthew Conway • 28 Jan 2025
Sources
JA4+ Database [https://sourcesmethods.com/r/5f202320?m=c7f68642-a713-421f-bbd9-e8c847b480a8] - Online and downloadable database of JA4+ TLS fingerprints
Information
Vertex Project - More Than Malware Families: Retooling Our Approach to Tracking Software [https://sourcesmethods.com/r/ff50333c?m=c7f68642-a713-421f-bbd9-e8c847b480a8] #tracking #methodology
@BushidoToken - Tips for Investigating Cybercrime Infrastructure [https://sourcesmethods.com/r/631b8d98?m=c7f68642-a713-421f-bbd9-e8c847b480a8] #infrastructure #pivoting
Orange - The hidden network: How China unites state, corporate, and academic assets for cyber offensive campaigns [https://sourcesmethods.com/r/01311dc5?m=c7f68642-a713-421f-bbd9-e8c847b480a8] #strategic #PRC
Anastasia Sentsova - Women In Russian-Speaking Cybercrime: Mythical Creatures or Significant Members of Underground? [https://sourcesmethods.com/r/2a3a11dd?m=c7f68642-a713-421f-bbd9-e8c847b480a8] #threatactors #criminology
VirusTotal - VirusTotal moves to YARA-X [https://sourcesmethods.com/r/78ad3b93?m=c7f68642-a713-421f-bbd9-e8c847b480a8] #tooling #YARA
Team Cymru - An Introduction to Operational Relay Box (ORB) Networks - Unpatched, Forgotten, and Obscured [https://sourcesmethods.com/r/1e730fe2?m=c7f68642-a713-421f-bbd9-e8c847b480a8] #infrastructure #ORB
David R. Mandel, Daniel Irwin - Beyond Bias Minimization: Improving Intelligence with Optimization and Human Augmentation [https://sourcesmethods.com/r/44798c58?m=c7f68642-a713-421f-bbd9-e8c847b480a8] #analysts #bias
Jamf - APT Actors Embed Malware within macOS Flutter Applications [https://sourcesmethods.com/r/71966fc8?m=c7f68642-a713-421f-bbd9-e8c847b480a8] #macOS #malware #operational
@cyint_dude - Pen-To-Paper and The Finished Report: The Key To Generating Threat Intelligence - CTI SUMMIT 2017 [https://sourcesmethods.com/r/97d16742?m=c7f68642-a713-421f-bbd9-e8c847b480a8] #reporting
Tools
Obsidian Interpreter
help.obsidian.md [https://sourcesmethods.com/r/fcc4cc4b?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
Interpreter is a web clipper for the Obsidian Markdown editor that extracts and processes text from web pages to create notes using templates and an LLM (local models are supported). With it, you can extract, summarize, translate, and convert formats. It's a powerful tool for OSINT, threat research, and study.
urlfinder
github.com/projectdiscovery/urlfinder [https://sourcesmethods.com/r/f04eb556?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
New CLI tool from Project Discovery for passive URL discovery using AlienVault, Common Crawl, urlscan.io, Wayback Machine, and VirusTotal.
people-researcher
github.com/langchain-ai/people-researcher [https://sourcesmethods.com/r/ff6e3baa?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
Given a person of interest, this AI agent will search the web about them using the Tavily API, returning results as structured JSON.
DC3-MWCP
github.com/dod-cyber-crime-center/DC3-MWC [https://sourcesmethods.com/r/da0dbc96?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
This Python-based package, CLI, and HTTP API parses malware configuration from sample files. It comes with built-in parsers, but you can write your own rules for it, as well. It extracts C2 connection details, passwords, filenames, and mutex names, among other things. If you want a STIX 2.1 bundle, it can generate those, too!
AIL Framework v6.0
ail-project/ail-framework#v6.0 [https://sourcesmethods.com/r/a6dddc39?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
This new version of AIL Framework (Analysis Information Leak Framework) brings an updated dashboard, support for detecting barcodes, and a new daily analysis view.
blueskynet
github.com/jakecreps/blueskynet [https://sourcesmethods.com/r/3005cac3?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
Here's a new web app from Jake Creps that enables OSINT researchers to scour Bluesky users and posts with powerful filtering and CSV export capabilities. Bluesky is a newer social media platform akin to X/Twitter that has significantly increased in popularity.
Tip
Check out Vertex Project's free Synapse Bootcamp training [https://sourcesmethods.com/r/15bc1ff4?m=c7f68642-a713-421f-bbd9-e8c847b480a8] whether you haven't learned Synapse yet or could use some help getting to the next level with it. There are slides, practical exercises with an answer key to check your work, and additional resources to help you use Synapse.
Events
SANS CTI Summit
Alexandria, VA, US and online
January 27-28th, 2025
https://www.sans.org/cyber-security-training-events/cyber-threat-intelligence-summit-2025/ [https://sourcesmethods.com/r/1cdb2da1?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
RISE USA
San Francisco, CA, US
April 8-9th, 2025
https://www.team-cymru.com/rise-usa [https://sourcesmethods.com/r/6da47edb?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
PIVOTcon
Invite-only up to 155 attendees, ticket price includes accommodations. CFP closes February 7th, 2025 23:59:59 CET.
Malaga, ES
May 7-9th, 2025
Higueron Hotel Málaga
Info https://pivotcon.org [https://sourcesmethods.com/r/6a370c6f?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
CFP https://pretalx.com/pivotcon25/cfp [https://sourcesmethods.com/r/ebe56efd?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
Request invite https://docs.google.com/forms/d/1zik9D1BIK9e8bF8nMtdGm22O4C94z-bXJ6Vrx4cWCBY/viewform?edit_requested=true [https://sourcesmethods.com/r/d4607ff6?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
Underground Economy
Strasbourg, FR
September, 2025
https://www.team-cymru.com/events [https://sourcesmethods.com/r/e44fe3f4?m=c7f68642-a713-421f-bbd9-e8c847b480a8]
RISE Malaysia
Putrajaya, MY
December 9-10th, 2025
https://www.team-cymru.com/events [https://sourcesmethods.com/r/18fac551?m=c7f68642-a713-421f-bbd9-e8c847b480a8]