Don't forget to patch for ShellShock. There's no shortage of information on the bug, so I'll not try and cover it here. But if you need a good overview, try this.
This week we tried something new. We created what I'm calling "kneeboards". A kneeboard is an easy to read intelligence and information pack that Navy Intel officers used to make for pilots.. they strap it to their knee during flight --fast and easy reference, written in non-intelligence speak.
So we published four kneeboards this week - two page profiles of one APT group each. The feedback has been amazing. I passed one out at the ISC2 NH meeting that I spoke at on Tuesday night, coupled with a 30 minute threat brief talking about three incidents where the group had been involved. The feedback was amazing. Two pages, simple story, adding in a presentation and a place to get more information (indicators for the kneeboarded group can be found at Threat Recon).
We're updating Threat Recon daily with new indicators.
We've published credential (user name and password) dumps to members in Red Sky Alliance. If you're a member, check the list.
And we offered early warning to members who appeared in a target list obtained late last week.
We'll keep publishing them.
I'm going to keep this week's blog short. It's probably the last 80 degree day we're going to have this year in New Hampshire, so I'm heading for Maine. Gonna spend the day at the beach.
Have a great weekend!