Brandon Khuu

@KhuuSec

InfoSec Analyst | Swing Dancer | Mixed Martial Artist | Entrepreneur

Vrijeme pridruživanja: studeni 2019.
0 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @KhuuSec

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @KhuuSec

  1. 3. sij

    The drone assassination of Iranian general Qasem Soleimani is leading many to believe Iran is going to strike back with a significant cyber attack. Make sure your devices are fully patched with the latest security updates. It only takes a minute

    Poništi
  2. proslijedio/la je Tweet
    18. pro 2019.

    New breach: Zynga (creator of the Words with Friends game) suffered a data breach in September. Data included 173M unique email address, usernames and passwords stored as salted SHA-1 hashes. 69% were already in . Read more:

    27 replies 334 proslijeđena tweeta 313 korisnika označava da im se sviđa
    Poništi
  3. 16. pro 2019.

    all locks, then defenders should know about the key so they can protect themselves from it. A problem with this approach is that not everyone takes advantage of the opportunity. This leaves ppl open to attack by unskilled criminals and results in real costs to tax payers

    1 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  4. 16. pro 2019.

    Solid points. OST = tools used by both legit security folks and the bad guys CNO = legit IT security doing their jobs Security tools (for offense and defense) are often developed and released to the public. The thought behind the status quo is if attackers have a key to (1/2)

    I was wrong about one thing I've said about OST proliferation. I said it doesn't affect me. That's not true. I'm a tax payer, and governments are getting wrecked by operators using OSTs. That's tax dollars out of all of our wallets just to give adversaries free CNO tools. Trash.
    Prikaži ovu nit
    1 reply
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  5. 8. pro 2019.

    Department of Defense is going to start requiring ALL companies working on contracts to meet a certain level of cybersecurity maturity. They'll be releasing more info about this program over the next three months

    1 proslijeđeni tweet 2 korisnika označavaju da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    5. pro 2019.
    Odgovor korisniku/ci

    Absolutely. Got my first InfoSec job only bc I was in the right place at the right time. First security FTE at this company. I didn't even know what FTP was at that point. Network+ -> Vender Certs -> Security+ -> GCIH brought my skills up and now getting promoted to team lead

    1 reply 1 proslijeđeni tweet 2 korisnika označavaju da im se sviđa
    Poništi
  7. proslijedio/la je Tweet
    4. pro 2019.

    The security industry needs more people with breadth of knowledge. – mjesto: ExCeL London

    7 proslijeđenih tweetova 22 korisnika označavaju da im se sviđa
    Poništi
  8. 4. pro 2019.

    Got new internet today from Comcast. Funny how the temp PSK I set on the modem allowed their TV box to locate and authenticate to my network as soon as the tech plugged it in... PW changes, devices resets and bridging the modem to my Netgear router worked.

    Poništi
  9. proslijedio/la je Tweet
    29. stu 2019.

    Offensive Security Tools are the aggregation of vulnerability agnostic disparate functionality that may independently exist for legitimate purposes but when selectively combined and streamlined to facilitate authorized intrusions results in an OST.

    8 replies 28 proslijeđenih tweetova 89 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    30. stu 2019.
    Odgovor korisnicima

    If you don't give your employees a secure way to do their job they will find an insecure way to do their job

    11 proslijeđenih tweetova 28 korisnika označava da im se sviđa
    Poništi
  11. 30. stu 2019.

    Before criminals learned to use computers, a news article about thugs holding a hospital hostage and forcing them to pay tens of thousands of dollars would have made the front page. Our society has become numb to modern crime

    Poništi
  12. 28. stu 2019.

    "Cybersecurity breaches caused by employee error are very common, to the point that employee mistakes are an even larger threat to data security than hackers" Truth. And threats to data security often result in financial losses, decreased productivity, and hurt your reputation.

    It's a good time to remind employees about the risks of online shopping and proper .
    Poništi
  13. 27. stu 2019.

    Part seven: If you're responsible for securing your organization, Stage one accounts may have been infected with FAREIT malware, emails coming from those accounts have links to spoofed pages which are used to capture creds, and the stage two accounts are used for the BEC attack.

    1 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  14. 27. stu 2019.

    Part six: Having one or more foothold in your organization can allow the attacker to make requests and then confirm the legitimacy with another account. Attacks like this can be difficult to identify. Especially if you personally know the person who owns the account.

    1 reply 1 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  15. 27. stu 2019.

    Part five: Be aware that these compromised accounts are being used to send additional phishing emails or to make requests such as wire transfers from internal employees

    1 reply 1 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  16. 27. stu 2019.

    Part four: If you see a rule that you didn't setup then check to see what it's doing. Attackers are setting them up to hide emails related to their activity on YOUR account

    1 reply 1 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  17. 27. stu 2019.

    Part three: If you start receiving phone calls or emails from friends and colleagues about an email that they think you sent and you didn't send it, change your password immediately. One way you can confirm that your account has been owned is by checking your inbox rules

    1 reply 1 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  18. 27. stu 2019.

    Part two: A few of the phishing emails identified so far in the attack have had the following subject lines - "Proposal from [company name]" - "Proposal from [contractor name]" - "Review"

    1 reply 1 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  19. 27. stu 2019.

    Thanksgiving advisory part one: Be careful of phishing emails from clients, suppliers, and other business partners as we go into this Thanksgiving weekend. There's a fairly widespread phishing campaign that's ongoing and targeting businesses of various sizes.

    1 reply 1 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi

@KhuuSec još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·