Bojan Zdrnja

@bojanz

IT Security guy, penetration testing is my thing. One of the SANS Internet Storm Center handlers at . SANS SEC542 instructor.

Croatia
Vrijeme pridruživanja: veljača 2009.

Tweetovi

Blokirali ste korisnika/cu @bojanz

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @bojanz

  1. 22. sij

    And massive thanks to everyone that supported me, especially , and . Can't even say how honored I am.

    Poništi
  2. 16. sij

    I wrote a diary containing research I've done regarding -2020-0601 vulnerability. also put up a test web page at And we managed to circumvent Chrome too (Google fixed that today, patch!). Read at

    Poništi
  3. 16. sij

    And for the final thing - browsers will silently accept such certificates however IE will complain that the certificate could not be verified up to a trusted CA, but only when you view details!

    Poništi
  4. 16. sij

    Ok, detection seems to be working nicely on a patched system. Be aware that the binary will still run with no visible warnings, only an event log will be created:

    Poništi
  5. 15. sij

    Nice idea by If you want to do the same thing in PowerShell, here's a short script that will generate the event in Windows Event Log, Application - great for blue teams to test detection:

    Poništi
  6. 15. sij

    Need a quick PPT about the latest CryptoAPI flaw? from Internet Storm Center created a great summary. And while we're on this - do not forget about the CVE-2020-0609/-0610 vulnerability which is an unauthenticated RCE for Remote Desktop Gateway/Services!

    Poništi
  7. proslijedio/la je Tweet
    11. sij

    ADC Exploits are Public / Heavily Used (some attempt to install ).

    Poništi
  8. proslijedio/la je Tweet

    Register now for the 1pm ET Critical SANS Webcast on the vulnerability. Learn how attackers find vulnerable devices & discuss if any exploits have already been detected. Read more https:/www.sans.org/u/YEk Register for webcast at

    Poništi
  9. 23. pro 2019.
    Poništi
  10. proslijedio/la je Tweet

    Hear from Course Instructor as he explains what makes SEC542 such a great course 📹. You can study this course in Brussels, February 2020 with Bojan - for more information:

    Poništi
  11. proslijedio/la je Tweet

    Hear from SANS Instructor and Internet Storm Centre Handler, as he explains why it is so important to continually train throughout your career.

    Poništi
  12. 7. pro 2019.

    Congratulations to the fastest winners of the CTF ever! Amazing team work there. And this was my last teach for 2019, 2020 looks busy already!

    Poništi
  13. 3. pro 2019.
    Poništi
  14. 23. stu 2019.

    Leaving beautiful Singapore after a great week. Which means that there is one week left until my last course for the year in equally beautiful . There is still time to sign up at

    Poništi
  15. 22. stu 2019.

    Woah! Congratulations to team any_name for solving the CTF in less than 2 hours at . Amazing work!

    Poništi
  16. 7. stu 2019.

    How to pick your security assessments? I wrote a diary that hopefully should clear differences between a vulnerability scan, penetration test and red team assessment. Grab a cup of coffee and read at

    Poništi
  17. 5. stu 2019.

    ... with a bit less gunpowder, but more malware plot :)

    Poništi
  18. 31. lis 2019.

    I will be presenting at the QuBit conference in Sofia about some stealthy, scary and sophisticated data exfiltration attacks seen by Let me know if you will be around.

    Poništi
  19. 25. lis 2019.

    Congratulations! Well deserved .. I did mine a month or so ago, must admit the exam was difficult :-) time to celebrate now!

    Tweet je nedostupan.
    Poništi
  20. 24. lis 2019.

    I love it when scammers forget to update their templates. Or it took DHL 8+ months to deliver this?

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·