2026
Presentation from the 2026 EU MITRE ATT&CK Community Workshop
Presentation from the 2026 EU MITRE ATT&CK Community Workshop
· โ˜• 1 min read
The 2026 EU MITRE ATT&CKยฎ Community Workshop took place last week and I've had a chance to contribute to it with a presentations introducing a project run by the Ministry of Industry and Trade of the Czech Republic, under which free ATT&CK-based threat models are provided to Czech organizations. If you would like to take a look at the slides from the workshop, they are now available for download...
ICS Arabia Podcast - SOC-CMM
ICS Arabia Podcast - SOC-CMM
· โ˜• 1 min read
Few weeks ago, I was invited to the ICS Arabia Podcast, along with my colleagues with whom I worked on the SOC-CMM Whitepaper - Assessing and Maturing OT SOCs. During the recording, we discussed how organizations may approach Security Operations in industrial and OT contexts. If this topic interests you, you may find the resulting ICS Arabia Podcast episode, which was published yesterday, on YouTube...
Ten tips for aspiring cybersecurity professionals
Ten tips for aspiring cybersecurity professionals
· โ˜• 7 min read
From time to time, a junior security specialist, or someone looking to break into cybersecurity, asks me for a few professional tips. Since I tend to repeat some of these recommendations quite often, and I believe they could be useful to almost any junior security professional, I decided to put together a list of ten tips that I consider the most important for a meaningful, effective, and satisfying career in cybersecurity...
SANS ISC Diary - Another day, another malicious JPEG
SANS ISC Diary - Another day, another malicious JPEG
· โ˜• 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a recent malspam campagin delivering a multi-stage infection chain involving a JScript downloader, WMI-spawned PowerShell, and an in-memory .NET assembly extracted from a JPEG file…