Dr.Kashif Saleem retweeted
Pakistan's #NationalCERT (PKCERT) is now a Full Member of @FIRSTdotOrg (Forum of Incident Response and Security Teams), joining its growing global CSIRT network. It has strengthened Pakistan’s regional and international cyber incident response collaboration.
See you at #FIRSTCON26 in Denver. We're looking forward to connecting with incident response professionals from around the world and exchanging perspectives on threat intelligence, DNS abuse mitigation, and Internet security. Request a meeting: join.whoisxmlapi.com/upcomin… @FIRSTdotOrg #FIRSTConference #ThreatIntelligence #DNS #InternetSecurity
Jorge Gibbs retweeted
🎤 Step onto the stage at #FIRSTMX26 🔗 go.first.org/jv1Xh We’re looking for speakers to share practical insights, lessons learned, and emerging challenges in cybersecurity. Be part of a truly global program.
Heading to Denver for #FIRSTCON26 next week? Stop by the @Volexity booth to see a demo of Volcano! We’ll show you how memory analysis with Volcano uncovers advanced threat actors and helps rapidly resolve your investigations. Come find us at Booth 7 to talk threat hunting and triage workflows with our team, including @stevenadair & @attrc! @FIRSTdotOrg #DFIR #FIRSTCON
🚨 Responsible Disclosure Notice — AI-Assisted Cloud Notebook & Infrastructure Security Observations
During controlled digital forensic analysis involving AI-assisted notebook environments, cloud orchestration layers, and model-integrated workflows, multiple security observations were identified relating to context isolation, credential exposure risks, unsafe execution pathways, and sensitive operational data handling.
The assessment documented recurring patterns associated with:
• Weak separation between user-controlled and privileged execution contexts
• Cross-context data leakage risks
• Access token and API credential exposure surfaces
• Unsafe orchestration chaining and notebook execution behavior
• Insufficient deterministic isolation in AI-connected workflows
The review included notebook-style AI tooling, Jupyter-derived systems, cloud-shell infrastructure, LLM-assisted orchestration layers, and integrated development workflows.
Key concerns include:
Prompt-context contamination
Privilege ambiguity
Dynamic execution memory risks
Session-linked operational exposure
External API orchestration vulnerabilities
These observations may have implications under:
• Saudi PDPL
• Privacy-by-Design principles
• Zero Trust Architecture
• AI governance & cloud security frameworks
Recommended mitigation areas include:
✔ Deterministic privilege isolation
✔ Hardened IAM boundaries
✔ Cryptographic provenance tracking
✔ Auditable model-action logging
✔ Improved instruction/context segregation
✔ Secure-by-Design AI infrastructure controls
Relevant forensic artifacts were preserved using:
SHA-256 integrity validation
Timestamped archival procedures
Chain-of-custody documentation
Controlled evidence storage practices
This disclosure is submitted in good faith for coordinated remediation, defensive security improvement, and infrastructure hardening purposes.
As AI systems become increasingly integrated into critical infrastructure and national operational environments, security assurances must evolve toward verifiable isolation, deterministic governance, and auditable trust boundaries.
@Google @GoogleCloud @GoogleDeepMind @GeminiApp @NotebookLM @GoogleDevelopers @Android @GooglePlay @GoogleAI @GoogleWorkspace @GoogleSecurity @OpenAI @OWASPFoundation @CISAgov @FIRSTdotOrg #CyberSecurity #AISecurity #ResponsibleDisclosure #DigitalForensics #NotebookLM #Jupyter #CloudSecurity #PDPL #ZeroTrust #AIInfrastructure #BugBounty #PrivacyByDesign
📢 Introducing the TIFCE Workbook for Microsoft Sentinel!
Everyone who knows me knows how passionate I am about the Cyber Threat Intelligence (CTI) discipline. Back in early 2020, just before the pandemic outbreak, I had the opportunity to travel to Luxembourg for hands-on training on the @MISPProject and later on, attend two @FIRSTdotOrg CTI events in Berlin. Since then, I’ve been fortunate to work on many CTI initiatives, especially during my tenure at Alpha Bank, where my team pioneered in this area within the FSI sector.
Over the years, the CTI discipline has significantly matured. With that evolution came frameworks, operational requirements, and the growing challenge of managing multiple intelligence feeds - many of which may not be relevant, actionable, or current enough to effectively protect an organization.
Inspired by the TIFCE framework introduced by Sergio Albea, I built the TIFCE Workbook for Microsoft Sentinel. 🔗 github.com/cyb3rmik3/KQL-thr…
The workbook evaluates the four key pillars of the TIFCE framework:
✅ Which feeds provide unique intelligence?
✅ Which feeds are truly relevant to your environment?
✅ Which feeds correlate with confirmed malicious activity?
✅ Which feeds are fresh and actively maintained?
If you are using Microsoft Sentinel and the Defender XDR stack together with multiple Threat Intelligence feeds (MDTI, MISP etc), I encourage you to test the workbook and review the findings.
Feedback and contributions are always welcome - feel free to open an Issue or submit a PR with enhancements and ideas. I know already that more visuals and some tabs with more info are needed. A huge thank you to my comrade Marios for his contributions, and to MVP brothers Sergio Albea, @BertJanCyber, and Uros Babic for their valuable preview feedback.
#MicrosoftSecurity #MicrosoftSentinel #UnifiedSecOps #ThreatIntelligence #CyberThreatIntelligence #KQL #KustoQueryLanguage

From 18 to 20 May, the ANC organized an "Advanced Training in Digital Investigation and Windows & Linux Forensic Analysis" in collaboration with @FIRSTdotOrg and @MENIDjib. #Cybersécurité #Djibouti #DJCERT #FIRST #MDENI #ANC
New on the FIRST blog: “Peak Incident Response” Read the recap from the 2026 FIRST TC hosted by CH-CERTs during #GenevaCyberWeek at: first.org/blog/20260518-Peak… #FIRSTdotOrg #IncidentResponse #CyberSecurity
Speaking to Infosecurity after VulnCon26, the CEO of @FIRSTdotOrg discussed how AI changes how security flaws are discovered & weaponized, organizations are dealing with an unprecedented surge in vulnerabilities: infosecurity-magazine.com/in…
Pleased to meet Chris Gibson, Director of @FIRSTdotOrg, an @ITU-D Sector Member, and thank him for delivering the Cyber OSPA award recognising the @ITU–@GIZ_gmbh #HerCyberTracks Initiative to @ITU HQ. I am proud to receive this recognition on behalf of @ITU and our partners, mentors, and participants as we continue to advance women’s participation in cybersecurity and ensure trust and confidence in the use of Information Communication Technologies (ICTs).
TeamT5 is heading to #FIRSTCON26! Born in Asia, we specialize in APT & ransomware threats across APAC, delivering local and actionable threat intelligence through ThreatVision. Let’s connect and talk about intelligence-driven cyber defense. 🚀 @FIRSTdotOrg #ThreatIntelligence #CyberSecurity #APAC #TeamT5
New on the @FIRSTdotOrg blog: Jonathan Andersen, CEO and Co-Founder of @webscout_io and #FIRSTCTI26 speaker, on residential proxy networks, the threat enabler hiding in critical infrastructure. A timely read alongside FIRST's NETSEC SIG. go.first.org/mfx3c #infosec
I will be at @FIRSTdotOrg CTI event with my colleague Janosch to give a workshop around DFIR in cloud, using cloud and more cloud (no open seats :-/). We will cover a bunch of our OpenSource tools, including @TimesketchProj and OpenRelik. Reach out if you want to have a chat.
That's a wrap on CVE/@FIRSTdotOrg #VulnCon26 & Annual CNA Summit! 500 attendees, sessions from @CISAgov, @enisa_eu, @NIST, and more, key CVE program updates, new product launches. Thank you to everyone who made it possible! Read: go.first.org/WabqC #cybersecurity