It wasn't a binary, it was an exe. Silly billy

exe? Now I am all calm and comfortable.

@@vladimirpain3942 And to make it even better I'll put it in a little winrar archive. Everybody has a least one memory of opening that little atack of books to decompress the roms and play the games they had as a kid - it's so nostalgic, isn't it. CLICK ME, COME ON - YOU KNOW YOU WANT TO.

@@LennyMiller739 exe is a binary file, silly willy

But it very well could be, who knows what they collect and store. Trust no one.

exactly what i thought.

​@@TheStevenWhitingthat's exactly what I also want

​@@TheStevenWhitingCybersecurity used to be a place for computer nerds, now it's filled with Machiavellian sell outs trying to make a quick buck. But if you really care about a project like this being open source, then you should start the project yourself. If it gets enough momentum, I'd probably do bug bounties for it as volunteer work.

@@TheStevenWhitingWazuh… or Security Onion.

What if there is a psycho there with an axe??

​@@Hid4riYou GAZA the Psycho

@@Hid4ri lol physiclly "hacked"

​@@franklinndubuisi7479who's that?

​@@franklinndubuisi7479don't get it sorry dude, I was only making a joke because in the woods you may come across a crazy person who is looking to "hack" with his axe. I'm sorry 😢

Probably holding that CTRL key too long when hyperactive scrolling through windows. :D

You can prolly make a rule to detect the rules manipulations I guess

Focus on your company that already have, or in budget.

Choosing the right security tool can indeed be overwhelming, especially with such a diverse landscape! Understanding the differences between EDR, SIEM, SOAR, and specific tools like the ones you mentioned is crucial for making an informed decision. Let's break it down: Types of Tools: EDR (Endpoint Detection and Response): These tools focus on protecting endpoints (laptops, servers) from malware, exploits, and intrusions. They monitor endpoint activity, detect anomalies, and enable incident response. Examples: Crowdstrike Falcon Insight, McAfee Endpoint Security, SentinelOne. SIEM (Security Information and Event Management): SIEM tools aggregate security data from various sources (firewalls, logs, servers) to provide a unified view of security events. They help with log analysis, threat detection, and compliance. Examples: Splunk, ArcSight, LogRhythm. SOAR (Security Orchestration, Automation and Response): SOAR tools automate repetitive security tasks like incident ticketing, remediation workflows, and playbook execution. They integrate with other security tools to streamline incident response. Examples: Demisto, Palo Alto Cortex XSOAR, Rapid7 Nexpose. Understanding the Differences: EDR is focused on endpoints, while SIEM has a broader scope, covering all security data. SIEM provides visibility, while EDR offers deeper analysis and response capabilities for endpoints. SOAR automates tasks based on SIEM and EDR data, streamlining incident response. Choosing the Right Tool: Consider your needs: What are your main security concerns? Do you need endpoint protection, centralized event management, or automated response? Evaluate your budget: Tools vary in pricing and complexity. Choose one that fits your budget and skillset. Start small: Don't try to implement everything at once. Begin with a core tool (e.g., EDR for endpoint protection) and expand later. Research and compare: Look for independent reviews, test demos, and compare features before making a decision. Specific Tools: Splunk: SIEM platform with advanced analytics and reporting capabilities. Aurora: Open-source SIEM platform known for its flexibility and customization. Corelight: Open-source network traffic analysis tool for intrusion detection. Zeek: Another open-source network traffic analysis tool with strong threat detection capabilities. MS Sentinel: Cloud-based SIEM and SOAR solution from Microsoft. Snort: Open-source network intrusion detection and prevention system. Wireshark: Network traffic analyzer for troubleshooting and security investigations. Datadog: Cloud-based monitoring platform with security features. Graylog: Open-source SIEM platform with a user-friendly interface. Security Onion: Open-source security suite with various security tools. ELK Stack: Open-source stack combining Elasticsearch, Logstash, and Kibana for log analysis and visualization. LogRhythm: SIEM platform with built-in SOAR capabilities. Google Chronicle: Cloud-based SIEM and SOAR solution from Google. For beginners: Start with a free or open-source tool: Many excellent options are available like Corelight, Zeek, Security Onion, ELK Stack. Focus on learning the fundamentals: Understand the concepts of EDR, SIEM, and SOAR before diving into specific tools. Seek help from the community: Join online forums and communities to learn from other security professionals. Remember, the best tool is the one that fits your specific needs and budget. Take your time, research, and don't hesitate to ask for help.

Both question and answer was brought to you by ChatGPT 😅

@@CYBERSECURITY.101 okay, AI

how about asking yourself if you need any of them? they are for sysadmin or for a corporate segment. In that case it might be wise to use what is already purchased, installed and working. Otherwise, and especially for a private/small home network it's recommended to use standard security package included in your windows defender, like HIPS and similar utilities. If you feel it's not enough, consider enhanced protection from Eset, or Kaspersky, or Comodo, or Zonealarm, or similar

There are two psychology thought experiments to try on prospective employees, one is the Gift Scenario, and the other is the Meadow Scenario. But the bottom line is, threats not perceived or expected result in different behaviour than otherwise. Good perception, leads to mitigating behaviour, before threat vectors resolve. All intelligence assets undergo such training, perhaps IT security personnel should also be taught to think in similar ways. Expect threats, when there are none. Just because none is detected, does not mean it is not there. This also applies to industrial maintenance, inspection, police work, intelligence, public works, and actuarial work.

@@KieSeyHow Idk why you got your information for this comment, but... From day one, I've been taught to be proactive, and look for threats before they occur, which is exactly how to do what you described. Guess, I'm just having trouble, understanding the purpose, of your comment.

IMO I think as John's audience grows, more and more people are joining (watching) for reasons other than the "core" of his channel's message/content. From day one, his content has been on focusing on Red/Blue Team day-to-day with some videos being very technically detailed while others (his most popular, ironically) are John installing TOR and trolling the *Dark Web.* If you look at John's video catalog you can see the spectrum from Skiddie to Malware Analyst/Engineer and everything in between. Rather than people criticizing John's content for it not being "double-clicking on the .exe file and selecting Accept, Next, Next, Finish" they should challenge themselves, step up their game and possibly learn something, gain a little insight and experience.

Funnily enough that's roughly how I found John's channel 2 years ago! Now working in IT and doing a degree in Cyber Security, so it worked out ok for me.

Notifications don't mean a damn thing when you're subscribed to dozens of channels.

@@lumikarhu Not true actually, Aurora has response actions, although limited in the Lite version.

in order to be able to make a meaningful response action, the utility should be host-based

This video isnt for the general public lol

I think John said something about "Blue Team Professionals" or aspiring Blue Team Pros? This must be your first John Hammond video...? Oh, and the CLI isn't scary once you've worked with it for a while, give it a shot.

Funny how i lived in the command line for 35 years, and people today are just discovering it. Thank God for gui's, eh? 😂

@@OGMann wow you are so cool. You want a medal?

@@wooshbait36 we'd be just fine without one if you'd kindly step off the lawn.

I got 3 trojans

With Windows 10 and above you'd have to start with zero trust, blocking both out and in, so each connection can be verified and researched. My local systems (both Linux and Windows) have run like that for more than 10 years.

indeed the most of the job is done by properly configured firewall. the rest of the job is done by properly configured HIPS utility and you might want to get an antivirus just for your convenience , to help you make a right decision secure DNS with or witthout filters to avoid phishing, other stuff like ublock origin are for a better protection and mostly for convenience

yes. my windows defender said it was a virus

Same brother

Have you found any solution?

I got the verification but never the links....

Maybe IT isn't for you then? Tech is always advancing so it's always changing, ya gotta keep up or else YOU become irrelevant.. feel me?

ufffffff i got that same situation.

@@bartomiejb6730 Could you make sure that you're using an up-to-date browser? Which version of Firefox do you use?

Same - but its working now.

@@kimpedersen Thank for sharing an update. Will retry this evening 👍

Yes Yes Yes !! Thanks for the idea, If I can manage to it (I’m ChemE not software lol) I’ll even give you cut 😂

Specially when its this guy saying that stuff

@@Sloptit Yeah. It's a product push. TRUST ME I AM- . No one's taking that away from him but come on this is an advertisement video. No you can't have my data.

Pretty much the same vibes here, especially when delivered by some guy who feels like he is on uppers or speed. I learned in my work to never fully trust people with that kind of energy.

@@KieSeyHow Yeah

its literally John Hammond. Dudes a legend. You must not be in the CyberSecurity field lol. @@KieSeyHow

No matter how thoroughly you "clean" it you won't ever be 110% sure,. So it's ALWAYS best to wipe it and clean install an OS on it. PEACE

:(

why