Errata Security

@Errata

Errata Security is a consulting company comprised of cutting edge computer security researchers and developers.

Atlanta, GA
blog.erratasec.com
Joined June 2008
2 Photos and videos Photos and videos

Tweets

You blocked @Errata

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @Errata

  1. Retweeted
    Aug 2

    Congrats to and and the rest!

    A more powerful and secure networking experience, today Cisco announced the intent to acquire Duo Security.
    3 retweets 2 likes
    Undo
  2. Retweeted
    Jun 26

    On the anniversary of nPetya, I masscanned the Internet for listening SMB services. I found ~1.5 million devices, split evenly between Unix/Samba and Windows. The breakdown of Windows versions was;

    22 replies 130 retweets 227 likes
    Show this thread
    Show this thread
    Undo
  3. Retweeted
    Jun 19

    Excited & honored to be one of the keynote speakers for 2018 ~ drop by & check it out if in Vegas for BH, or

    Going to Vegas for BH, BSides, or DEFCON? You can use early bird registration to get a FREE badge to , a conference celebrating InfoSec diversity. Some of the best and brightest women in InfoSec will be participating. Register now:
    7 replies 23 retweets 72 likes
    Undo
  4. Retweeted
    Jun 18

    So I just refactored the 'masscan' built-in TCP/IP stack, preparing to add Lua scripting to it. Download the latest code and play with it: git clone cd masscan; make; make test bin/masscan -p80 --banners 10.0.0.0/8 --rate 10000 or some other range

    8 replies 95 retweets 240 likes
    Show this thread
    Show this thread
    Undo
  5. Retweeted
    Jun 11

    Anyway, this is what the output looks like at this point. One thing I've learned is that Samba machines often configure the 16-byte server GUID (which should be randomly generated and unique) as the ASCII name of the of machine, so I'm going to have to change the parser for that

    1 reply 1 retweet 8 likes
    Show this thread
    Show this thread
    Undo
  6. Retweeted
    Jun 11

    Apparently one of the consequences of exposing port 445 to the Internet is that you get so thoroughly hacked that your machine will run out of memory and not be able to respond to future hacks.

    3 replies 14 retweets 36 likes
    Show this thread
    Show this thread
    Undo
  7. Retweeted
    Jun 11

    So I've added banner checking for NetBIOS/SMB (tcp 139/445) in masscan, to grab OS version information. I'm trying to debug it on Internet facing hosts, but it's a mess out there, such as this error message from one of the machines.

    4 replies 23 retweets 61 likes
    Show this thread
    Show this thread
    Undo
  8. Retweeted
    Apr 5

    Don’t let this get lost in the noise. If you pay attention to one warning about things to mitigate this year... pay attention to this one.

    Critical Infrastructure at Risk: Advanced Actors Target Smart Install Client
    1 reply 7 retweets 13 likes
    Undo
  9. Retweeted
    Mar 14

    It’s like they read the COINHOARDER paper.

    Bitcoin Sinks As Google Moves To Ban All Crypto, ICO Ads In June
    3 retweets 1 like
    Undo
  10. Retweeted
    Mar 12
    Replying to

    OpSec. OpSec. OpSec.

    3 retweets 6 likes
    Undo
  11. Retweeted
    Feb 28

    I debunk a Tor-hating journalist's "proof" that Tor privately tips off vuln information to the government:

    3 replies 18 retweets 36 likes
    Show this thread
    Show this thread
    Undo
  12. Retweeted
    Feb 20

    One of things most proud about in case I worked on with && is that our research is helping to shape laws around crypto security and prosecution in the Ukraine 💪

    Кіберполіція підтримує ідею щодо необхідності визначення статусу криптовалюти в Україні.
    Show this thread
    1 reply 5 retweets 10 likes
    Undo
  13. Retweeted
    Jan 14

    This week’s rifle match: realizing how much I hate obstacles (but loving my new pants).

    2 replies 2 retweets 29 likes
    Undo
  14. Retweeted
    10 Oct 2017

    I dub CVE-2017-11779 MiniDIsc. A MiniDisk is more advanced than a record for no good reason and has lots of problems.

    1 retweet 7 likes
    Undo
  15. Retweeted
    21 Jul 2017

    Ladies and gentlemen please consider following Mr. Adam Flatley he is newest scret weapon in hunting.

    6 retweets 8 likes
    Undo
  16. Retweeted
    5 Jul 2017

    Stop reading internet armchair commandos thoughts on what happened in Ukraine and check this out:

    3 replies 36 retweets 54 likes
    Undo
  17. Retweeted
    26 Jun 2017

    Its good to see another two projects I've worked on at Cisco make the CEO keynote today.

    3 retweets 16 likes
    Undo
  18. Retweeted
    12 May 2017

    Player 3 Has Entered the Game: Say Hello to 'WannaCry'

    5 replies 197 retweets 132 likes
    Undo
  19. Retweeted
    11 May 2017

    So I finally got around to writing up comments on Trump's cybersecurity executive order.

    7 replies 65 retweets 92 likes
    Undo
  20. Retweeted
    25 Apr 2017

    Jeff Goldblum will be back in the next Jurassic sequel

    5 replies 1 retweet 3 likes
    Undo

@Errata hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·