CISOwithHoodie

@SecGuru_OTX

I'm not interested in competing with anyone, I hope we all make it.

The Netherlands
Joined: September 2016

Tweets

  1. Pinned Tweet
    26 Sep 2018

    Top 20 Security Tips for CISOs (to never forget).

  2. 28 Jan

    A good topic to address today during . "If a KPN technician forgets his laptop, the confidential information is there for the taking" Even access to (business) customer information, without authentication!

  3. Retweeted
    25 Jan

    Two Red Bulls on the Molenweg in Maasland

  4. 25 Jan

    Turning on Single Sign On based on AD/AAD for your AntiVirus Admin portal is about the same as being able to use your front door key to turn off the alarm. Very bad idea, don't do that. Always assume that your Active Directory has been compromised (it's too simple).

  5. 24 Jan

    This seems very logical, but in the real world, backup servers are unfortunately still often linked to Active Directory "because it is so easy for the administrators".

  6. 24 Jan

    I am writing an article on how to create a backup and restore environment to avoid paying ransom after a ransomware attack. Rule number one: your backup servers should never depend on Active Directory! With a backup server as an AD Member server, you are doomed!

  7. Retweeted
    24 Jan

    NEW: Hackers target unpatched Citrix servers to deploy ransomware * REvil gang attacks confirmed * Maze also suspected * Other groups are selling access to hacked Citrix systems on hacking forums

  8. 24 Jan

    Citrix has released updates (38 days after publication of the vulnerabilities) for Netscaler ADC 12.1 and 13.0 that will fix CVE-2019-19781.

  9. 23 Jan

    Amazing that governments are in panic about and while they are still using Windows XP/7 and don’t update their Citrix and Pulse Secure devices....

  10. 23 Jan

    “Active Directory is not a security system, it is an authentication system that needs to be secured.”

  11. 22 Jan

    Microsoft really needs to communicate this much better (and bigger), this is going to have a huge impact. Be prepared, services using LDAP will fail.

  12. Retweeted
    19 Jan

    I created a simple flow-chart to assist in Citrix CVE-2019-19781 mitigation decision making. This is based on the latest information from and .

  13. Retweeted
    19 Jan

    Further updates on Citrix Vulnerability , with first permanent fixes available for certain versions and an accelerated timeline for permanent fix for remaining versions.

  14. 19 Jan

    Cc:

  15. 19 Jan

    Citrix has just released new firmware for Netscaler 11.1 and 12.0. The new builds (11.1-63.15 and 12.0-63.13) should fix CVE-2019-19781. Cc:

  16. Retweeted
    17 Jan

    Just wrote a short Dutch blog post with a number of checks that can be done to verify whether you have been attacked using Citrix NetScaler CVE-2019-19781.

  17. Retweeted
    13 Jan

    Update CVE-2019-19781 You can exploit the vulnerability without the file and only use the file ! You can inject your payload inside the name of the XML file and fire the command execution ! 🔥💪

  18. 18 Jan

    I hope MS provides an update soon. The mitigating measures must also be reversed before the new update, something that is very intensive for (large) organisations (including testing). Although I hope that organizations do not give Admin rights to their end users;-)

  19. 18 Jan

    Critical Internet Explorer Zeroday (CVE-2020-0674 - jscript.dll) If you are using Administrator rights on Windows and you can use the Internet (something you should never do), then you should definitely implement these mitigating measures.

  20. Retweeted
    17 Jan

    BREAKING: Microsoft warns about Internet Explorer zero-day * No patch out yet * No CVE, for now * This is the IE zero-day that Qihoo 360 mentioned last week in a now-deleted tweet * Connected to last week's Firefox zero-day

  21. 17 Jan