APT Wiki from ThreatRadar by Hadess, v1.1, 2025

An awesome 233-page resource cataloging a wide range of Advanced Persistent Threat (APT) groups, covering:

🌍 Geographic origin
🎯 Motivations
🧰 Toolkits
🏭 Targeted industries
📝 Group overviews

Think of it as a supplement to MITRE, but packaged for quick reference. It's about a year old but still really useful!

#pentest

Certified Kubernetes Security Specialist (CKS) Study Guide by Benjamin Muschko, 2025

If you're preparing for the CKS exam📘 or looking to deepen your understanding of Kubernetes security, this book is a must-read. It provides:

In-depth coverage of the CKS curriculum:
📌 Real-world scenarios and use cases to understand attack vectors and mitigation
📌 Hands-on examples for tools like kube-bench, Trivy, Falco, and AppArmor
📌 Guidance on securing the supply chain, hardening the system, and monitoring runtime security

#book #SecDevOps #exam

The Cybersecurity Workforce of Tomorrow, Michael Nizich, 2023

The field of cybersecurity - the protection of electronic data - offers one of the fastest growing job markets today. As the sector grows in importance there will be a rapidly growing demand for qualified analysts, cryptographers, engineers, architects, managers, and executive leaders.

The Cybersecurity Workforce of Tomorrow discusses the current requirements of the cybersecurity worker and analyses the ways in which these roles may change in the future as attacks from hackers, criminals and enemy states become increasingly sophisticated. The author's predictions are based on the inevitable changes that will come for the cybersecurity industry.

Experienced practitioner and academic Michael Nizich examines the current and future human resources requirements of the cybersecurity market. His focus on workforce preparation, education and emerging technologies is essential reading for executives and cybersecurity professionals alike.

#book #analytics

Authentic Hacker Culture: Didier Stevens

Didier Stevens is a famous Belgian software developer and a respected cybersecurity word wide expert . He is best known for his tools for cracking Windows passwords, analyzing PDF documents and injection malicious code into PDF file, and as the author of the open-source Didier Stevens Suite utilities: 140 programs for system operations with files, processes, the registry and other things.

As his LinkedIn profile says, Didier Stevens "started programming over 40 years ago and has no plans to stop." Since the 80s, he has been into hacker stuff, namely reverse engineering malware. In fact, he still does it to this day. If you have an interesting sample, you can send it to him by email. Didier's official career began in 1991 with the Belgian provider Belgacom, then there were Euroclear and IP Globalnet, from 2000 to 2016 he worked as a security consultant at Microsoft, first as a freelancer, and then as a Microsoft MVP for user security.

In 2012, he founded Didier Stevens Labs, which is still active. He probably provides consulting services from this legal entity at a price several times higher than what he would pay an individual contractor. As they say, every good programmer should have his own company for such cases. In recent years, he has been running a private business, while holding the positions of senior handler at the Internet Storm Center (ISC) of the SANS Institute of Technology and senior analyst at NVISO, a company that deals with information security and protection against cyberattacks.

Information security specialists may have come across the mention of the open source Didier Stevens Suite utilities, which contains 140 small programs. Here are some:
📌 Ariad: a tool (driver) to block code execution after inserting a USB flash drive into a port,
base64dump: extract base64 strings from a file,
📌 BinaryTools: simple tools for binary operations: reverse (inverts a file) and middle (extracts a sequence),
📌 bpmtk: a set of tools for manipulating basic processes,
📌 BruteForceEnigma: a program for brute-forcing Enigma ciphers,
📌 cipher-tool: encoding and decoding texts with simple ciphers,
📌 cmd-dll: converting cmd.exe (ReactOS) to dll,
📌 CounterHeapSpray: a tool for ensuring process security: monitors the memory usage of an application to protect against heap spraying,

The case of the Didier Stevens shows that the career of a cool professional can start with innocent hacker joke. As your skills and serious attitude to the matter grow, you become a "leading information security specialist" who is hired as a consultant by leading corporations and invited to speak at conferences.

See also:
👀 NVISO Lab
👀 X(Twitter)
👀 Black Hat 2014

#celebrety