Special Interest Group Updates

This updated framework provides a guide for anyone wanting to delve into the world of malware analysis. Thank you to everyone that helped with feedback and updates. If you would like to learn more about ma-sig please feel free to reach out or go to https://www.first.org/global/sigs/malware/ You don't need to be a member or liaison of FIRST to join a SIG.

The Multistakeholder Ransomeware SIG has published their first training

The FIRST Multistakeholder-Ransomware Special Interest Group (MSR-SIG) has published the first version of their training. All infos about it can be found in this full blog post.

NETSEC SIG celebrates two years anniversary

The NETSEC SIG continues to foster inter-network security best practices, coordinated mitigation, and information sharing. It is now two years old and has attracted over 120 participants from within and outside of FIRST membership. It has spun off an invite-only child SIG to coordinate activity related to NoName DDoS threat activity, which recently produced a briefing and advisory document. The bi-weekly round table meetings have become very popular and are well attended. Some of the recent discussions have centered around the use of AS0 in the RPKI, the security impacts of subsea cable outages, and DNS tampering to name a few. In the coming months they look to grow the participant numbers, conduct more training workshops, and deliver additional briefings on important to the security of the Internet infrastructure.

Metrics SIG CSIRT Services Framework Update

The Metrics SIG is busy with several working sub-groups and holds regularly scheduled SIG meetings.

The CSIRT Framework Metrics working group continues defining suggested metrics for each functional area within the CSIRT Service Framework. They have released a draft of Section 5, and parts of Section 6. The drafts are available for review and comment on Google docs at this link. Any feedback is appreciated on how the document can be strengthened.

Additionally, they have scheduled meetings every other month to share updates on sub-group progress and invite guest speakers to cover topics in security metrics.

DNS Abuse SIG restructuring their website and publishing Stakeholder Advice

The DNS Abuse SIG has just restructured their website into their main landing page as well as a new sub page with Stakeholder Advice. They will publish more information in this segment on an ongoing basis. This is a companion to the already published version of the DNS Abuse Techniques Matrix, which recently has received its dedicated HTML Version available here.

New SIGs are looking for members

The following SIGs were newly created in the past months and are still looking for interested members to join:

• The Transportation and Mobility SIG is up and rolling and is seeking members who are involved in transit or transportation. They are open to any person or company involved in an industry that involves moving goods or humans around the world. More information can be found here.

• The Policy SIG formulates and promotes FIRST’ position on policy and governance. All interested members can join them here.

Published on FIRST POST: Oct-Dec 2024