Let's up the stakes

So, since the tshirt/donation is going slow, let's make it more interesting. I'm adding my RESCO Patriot Gen 1 Sterile to the game.

Those that donate get a chance to win this watch. One dollar equals one ticket. The winner will be announced after Xmas.

So, what are you waiting for? The donations link can be found at the bottom of the page. And yes, I ship internationally, contact me if you want to know if the watch can be shipped to your country.

Thanks for the support!


The original 12 revisited and something else

Given the increased traffic to the blog and the number of readers, the cost of keeping the blog free and, more importantly, ads free is becoming higher.
We don't want to charge and we don't want to place any ads. The blog is for all of you, as well as for us.
So, we thought what to do and well, you can help us keep it free for the next few years by getting a tshirt.

Geting a tshirt will help, but you can also make donation (at the bottom of the page). The tshirt is a made in the USA American Apparel with the original 12 in the back.

So, everyone gets a tshirt and those that donate also will have the chance to win a Red Teams draft book (the book will be up for sale in a few days). We have only 2 of these draft books and they are loaded with extra stuff, notes that the team took, corrections and other things. Oh and the 1st place will get a Red Teams patch with the book.

The bar is set low, 100 tshirts. What do you say? This will go until Dec 24th.


When You Know Your Enemy | Strategic Cyber

This is another great post by Raphael, the author of Cobalt Strike (on of my favorite red teaming tools).

One theory for Threat Intelligence is to provide a feed with IP addresses, domain names, and file hashes for known bad activity. Customers subscribe to this feed, their network defense tools ingest it, and now their network is automatically safe from any actor that the Threat Intelligence provider reports on. Many technical experts scoff at this, and not without reason. This is not far off from the anti-virus model.

The above theory is NOT why I care about Threat Intelligence. My interest is driven by my admittedly skewed offensive experiences. Let me put you into my shoes for a moment…


Preemptive Red Teaming

Many things keep me awake at night. Lately, the one thing that has been on my mind again and again is the foreign terrorists that are currently fighting alongside ISIS.

The reason this is on my mind is simple: what would happen with them when ISIS is no longer something they want to be part of? Maybe ISIS will get defeated. Maybe it would be dismantled by an even more extreme and radical terrorist group. Whatever the reason, these foreign terrorists might chose to return home. What is home? Well, if you read a little bit, these places include many countries in Europe, Asia Africa and, yes, North America.

Now, these are radical individuals, terrorirists, to begin with. And now, after many months, years of fighting they return home, more radical than before and, worse, with field experience: operational experience. Yes, training.
Think about this...

You have have trained terrorists returning to western countries, infidel countries... And they have training?

It scares the shit out of me. It should scare you too.

Right now is the right time to start preemtively Red Teaming this. Try to come up with many ways to stop them, ways to prevent them from continuing with their terrorist activities, only now on our soil.

The truth is, we should have done this a long time ago.

Think about this.

Red Teams Book - A Preview

Here's a small preview (PDF) of the Red Teams book, a brain dump that became something more. The book will be ready in the next few days as a softcover or eBook.

I'll send you all the links when it's ready.


Operation Cleaver (PDF)

Iranian hackers are seeking to establish a beachhead for cyber sabotage, according to US firm Cylance. The so-called Operation Cleaver crew has already gained a high level of access to airports across the world, and researchers at Cylance believe they've only seen 10 per cent of what the hackers have done.