Yes, here it is; that “end of year, look back at what happened, and what’s coming next” type post.

I am not one for reminiscing, but there have been a few big stories during the past year.

Some might still be raw and top-of-mind (…Log4J), pushing the other big cyber security events last year to the back of our minds.

Here is a month-by-month breakdown of posts I’ve bookmarked in Obstracts:

January 2021

CrowdStrike Services Cyber Front Lines Report by CrowdStrike

Subscribe to the CrowdStrike feed on Obstracts

February 2021

Sandworm intrusion set campaign targeting Centreon systems by Agence Nationale de la Securite des Systemes d’Information

Subscribe to the ANSSI feed on Obstracts

March 2021

Intelligence Community Assessment: Foreign Threats to the 2020 US Federal Elections (Declassified) by the National Intelligence Council

Subscribe to the DNI feed on Obstracts

April 2021

Welcome to the 2021 Threat Detection Report by Red Canary

Subscribe to the Red Canary feed on Obstracts

May 2021

2021 Data Breach Investigations Report by the Verizon DBIR team

Subscribe to the Verizon Security feed on Obstracts

June 2021

Red Canary’s Diary of a Detection Engineer 1/3 by Red Canary

Subscribe to the Red Canary feed on Obstracts

July 2021

Chinese State-Sponsored Cyber Operations: Observed TTPs by the NSA

Subscribe to the NSA feed on Obstracts

August 2021

How ransomware happens and how to stop it by the NZ Cert.

Subscribe to the NZ Cert feed on Obstracts

September 2021

Group-IB founder arrested in Moscow on state treason charges by The Record (by Recorded Future)

Subscribe to The Record (by Recorded Future) feed on Obstracts

October 2021

FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor by the Microsoft Threat Intelligence Center

Subscribe to the Microsoft Threat Intelligence Center feed on Obstracts

November 2021

Evolving trends in Iranian threat actor activity by the Microsoft Threat Intelligence Center

Subscribe to the Microsoft Threat Intelligence Center feed on Obstracts

December 2021

A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution by Google Project Zero.

Subscribe to the Google Project Zero feed on Obstracts

I deliberately chose a non-Log4J subject for December. Here’s a good roundup of blog posts on the topic.

See you in a year’s time for another one of these!



