Discover and read the best of Twitter Threads about #Attribution

Most recents (10)

1/7
Let's talk #attribution in cybersecurity.

I downloaded an initial letter from the other driver's insurance that *denied* my claim by asserting I failed to reduce speed to avoid an accident.

In other words: they attributed a car crash to me.

Later, for unknown reasons...
2/7
...someone other than the person who signed that letter dropped me a voicemail saying someone in their dept. requested a "re-review" of my dashcam footage.

They withdrew #attribution pending further consideration.

The next day, a third adjuster left a voicemail saying...
3/7
Okay, so I needed to call in again. A fourth adjuster told me they formally held me 0% liable. Dashcam FTW!

They placed #attribution for the car crash entirely on their client, not me.

So! What does this anecdote have to do with #cybersecurity? Well, I'll tell you...
Read 8 tweets
Daily Bookmarks to GAVNet 03/09/2021 greeneracresvaluenetwork.wordpress.com/2021/03/09/dai…
Scientists find evidence of mathematical structures in classic books | James Joyce | The Guardian

theguardian.com/books/2016/jan…

#fractal #joyce #evidence #books #structures
Read 10 tweets
Facebook’s @ngleicher was right about linking #APT32 to CyberOne and here is why:
As per Group-IB #ThreatIntelligence & #Attribution the domain cbo[.]group had an IP 45[.]61[.]136[.]214 in the A-record. On this IP address, we detected a unique SSH 4b390f0b7125c0d01fe938eb57d24051 Image
According to Group-IB Graph Network Analysis, this fingerprint was also seen on 30 other hosts including on 45[.]61[.]136[.]166 and 45[.]61[.]136[.]65. Both were used to deploy a uniquely configured #CobaltStrike framework, used exclusively by #APT32 aka #OceanLotus Image
All the listed IPs belong to the autonomous network - AS53667 within the range of 45.61[.]128[.]0 to 45[.]61[.]191[.]255. We've also seen #APT32 hosting #CobaltStrike on the 45[.]61[.]139[.]211, which was indicated in the A-record of feeder[.]blogdns[.]com
Read 3 tweets
Daily Bookmarks to GAVNet 11/23/2020 greeneracresvaluenetwork.wordpress.com/2020/11/23/dai…
Balancing Epistemic Humility and Prior Knowledge - Insight

zeynep.substack.com/p/balancing-ep…

#humility #balancing #knowledge #coronavirus #prior
Maybe There is No Technological Slowdown - New Things Under the Sun

mattsclancy.substack.com/p/maybe-there-…

#growth #technology #decline
Read 8 tweets
La procédure dite «d'urgence absolue» prévue par la loi de 2015, i.e. autorisation du Premier ministre sans avis préalable de la CNCTR, n'a été utilisée qu'une fois, en décembre de la même année. Image
Quelques éléments sur les contrôles «sur pièces et sur place» effectués par la CNCTR : DGSI et DGSE ont droit à deux visites par mois. Image
Le président de la CNCTR a fait état dans son audition de trois «irrégularités sérieuses» depuis 2015. Une en 2018 : surveillance d'une personne «non visée dans l'autorisation initiale» + 2 en 2019 sur lesquelles la DPR n'avait pas d'éléments au moment de boucler son rapport. Image
Read 53 tweets
My paper on “Public Attribution of Cyber Intrusions” was published in the Journal of Cybersecurity (@OUPAcademic). It's open access so everyone can have a read. I summarize the main insights in the thread below:
academic.oup.com/cybersecurity/…
Drawing on the intelligence studies literature, I argue that public attribution is employed to shape the “rules of the game” and thereby shape the normative and operational environment for cyber operations.
I split attribution into sense-making and meaning-making processes: sense-making process refers to the knowledge-generation process that establishes what happened, the meaning-making process to deliberate actions that influence how others interpret a particular cyber intrusion
Read 13 tweets
#Crypto exchanges need to develop a tracking code / pixel / link that helps marketers prove whether their landing page / marketing initiative converted a buy order on the exchange (existing exchange customers already or not). A referral for signup isn't enough.
2) How is a marketer expected to prove that marketing is helping drive awareness + buyers for a #crypto project? The most he can do is increase project follow counts, develop unique tools and use Google Analytics tools to prove potential exchange conversions i.e. clicks on links.
3) We all have big plans for driving fresh eyes to #crypto and helping the ecosystem grow, but we need tools designed to help professionals prove the effectiveness of their work:

Read 16 tweets
🔥👿🔥 New working paper alert! 🔥👿🔥
"Inferno: A guide to field experiments in online display advertising"
ssrn.com/abstract=35813…

THREAD: This guide reviews challenges & solutions from a decade of research.
#marketingacad #econtwitter #fieldexperiments Image
“Abandon all hope, ye who enter here” - Dante’s Inferno👿
Online display ad experiments are hell. They are also a proving ground for field experimenters, & have much to teach us. The guide is organized into the nine 9 circles of 🔥hell🔥 as applied to #displayad #fieldexperiments Image
🔥Circle 1🔥 Display ad effects are so small🤏 that observational methods fail🤦‍♀️. Ad effects explain so little variation in ad outcomes, that they get swamped🌊 by unobserved confounds. Like Dante entering the inferno👿, we resign ourselves to the necessity of experiments.😭😭 Image
Read 11 tweets
@MaxMustermann_1 @HonkHase Wir befinden uns immer noch in einer Situation, wo sich die einzelnen Institutionen im Wesentlichen durch #Koexistenz statt #Kooperation auszeichnen. 1/6
@MaxMustermann_1 @HonkHase Software, Hardware und Know-How wird individuell beschafft und sorgt für eine suboptimale Nutzung - leider auch nicht zum Schutz unserer Kritischen Infrastrukturen. 2/6
@MaxMustermann_1 @HonkHase Das #NCAZ, das im #Krisenfall die Reaktion der #Behörden koordinieren soll, hat unklare geregelte Zuständigkeiten, da die Entscheidung, wer zuständig ist, von korrekter #Attribution ausgeht. 3/6
Read 6 tweets
I imagine the #sonytruthers playing armchair #DFIR investigators will emerge from wherever they’ve been hiding in order to dispute the #DPRK #indictment. My advice: you were wrong in 2014-2015, and you’d still be wrong today. HT ⁦@JohnHultquistint.nyt.com/data/documenth…
Because #attribution is inherently political per @RidT and @BuchananBen, you need more than “hacking” knowledge to assess national policy. Experience w/ #cybersecurity clearly helps, but gov internals, intel agency processes, bureaucracy, trade, diplomacy, LE, are all important.
I think it’s slowly changing, but a failure of #cybersecurity has been to think “soft” areas are much easier than coding, so any leet hacker is inherently qualified to address political science, history, economics, and related topics by virtue of their ability to code in ASM.
Read 4 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!