I liked that article.
It was interesting to see the paths he chose and the progress
and partial results.
I also learned about new ways to use certain tools.
It all reminds a lot of Dan Kaminskys classic presentations
at DefCon where he found new and interesting places where
that could fit and what you could do with it.
When I clicked on Graynoise corporate website to read their
posts on it and it sounds pretty close to armageddon.
"
Something is happening, we think you need to be really scared.
The only thing that will help is to buy the services our startup
provides you"
>These events have stumped cybersecurity experts and now pose new, complex risks, demanding attention from security professionals worldwide. These persistent mysteries add new layers of complexity to the cybersecurity landscape, prompting security leaders to reevaluate their defenses and ensure they are equipped with the right tools for an ironclad security posture.
> China China
>Prioritize What Matters: With an overwhelming number of alerts, it’s critical to employ tools that cut through irrelevant noise and prioritize actionable threats.
Optimize Resource Efficiency: With security teams under immense pressure, solutions that reduce false positives can help optimize time and resources.
Be Proactive: Reactivity is no longer sufficient. Noise Storms demonstrate that security is about anticipating and mitigating risks before they cause disruption.
Use Actionable Intelligence: Sophisticated threats require real-time, actionable intelligence capable of detecting traffic anomalies like Noise Storms — and any black swan that may follow.
Really interesting puzzle. The author also has an update on the other packet types: https://darthnull.org/noise-storm-update/
I liked that article. It was interesting to see the paths he chose and the progress and partial results. I also learned about new ways to use certain tools.
It all reminds a lot of Dan Kaminskys classic presentations at DefCon where he found new and interesting places where that could fit and what you could do with it.
When I clicked on Graynoise corporate website to read their posts on it and it sounds pretty close to armageddon.
" Something is happening, we think you need to be really scared. The only thing that will help is to buy the services our startup provides you"
>These events have stumped cybersecurity experts and now pose new, complex risks, demanding attention from security professionals worldwide. These persistent mysteries add new layers of complexity to the cybersecurity landscape, prompting security leaders to reevaluate their defenses and ensure they are equipped with the right tools for an ironclad security posture.
> China China
>Prioritize What Matters: With an overwhelming number of alerts, it’s critical to employ tools that cut through irrelevant noise and prioritize actionable threats. Optimize Resource Efficiency: With security teams under immense pressure, solutions that reduce false positives can help optimize time and resources. Be Proactive: Reactivity is no longer sufficient. Noise Storms demonstrate that security is about anticipating and mitigating risks before they cause disruption. Use Actionable Intelligence: Sophisticated threats require real-time, actionable intelligence capable of detecting traffic anomalies like Noise Storms — and any black swan that may follow.
Using noise scanners explicitly as a data exfiltration mechanism is actually a genius idea!
Smells like the kind of location triangulation that IPinfo.io has talked about engaging in.