Hello and welcome to the Monday, February 16th,

2006 edition of the Sands and then at Storm Saunders Stormcast.

My name is Johannes Ulrich and today I'm recording from Jacksonville, Florida.

And this episode is brought you by the sands.edu credit certificate program in cyber defense operations.

In diaries, we had one by Russ McRey from Friday about craft generators and APTs

and how to automate creating these crafts with AI.

There's a relatively new tool by Robert McDermott

that Russ used for this diary, and it also solves a couple different problems. First of all,

often when you're looking at sort of threat intelligence, it comes in unstructured forms. Yes,

there are probably more standards we need,

but quite often you have articles and such that do describe particular threat. They may mention

in the case of compromise and such, they may mention IP addresses, host names, and then also,

like, what these systems are, who they belong to.

And where this gets then really powerful is where this tool not only extracts these

indicators, but it also then creates crafts displaying the relationship between them.

I can see this in particular useful for the larger sort of aggregations of reports to sort of find common sources of attacks, but also attack attribution. This may be helpful if you're into this kind of things. So certainly an interesting tool and works here, as Russ describes, on commodity hardware.

You don't need anything sort of special AI, but relatively modest, my opinion, laptop does work to create these crafts rather quickly.

And Microsoft's threat intelligence team published a Quicks of social media post about a new

variety of the famous ClickFix attack that they're seeing. So ClickFix, the victim is being

tricked into copy-pasting a string from what looks like Captcha into a command prompt, then executing

them. Now, a lot of defensive techniques

then focus on sort of these living of the land binaries that are being executed here. What's sort of

...