Daniel Schell

@danonit

CoFounder at . Practical Application Whitelisting.

Adelaide, Australia
airlockdigital.com
Vrijeme pridruživanja: lipanj 2009.
74 fotografije ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @danonit

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @danonit

  1. proslijedio/la je Tweet
    17. sij

    A good tip do to every now and then, is this script: Or use free tool Application Whitelist Auditor: Or go with AaronLocker:

    17 proslijeđenih tweetova 58 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  2. 16. sij

    VT a little baffled, unless failed certificate chain verification == Not Signed.

    1 reply 3 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  3. 16. sij

    Props to McAfee:

    1 reply 5 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  4. 16. sij

    Yep, managed to combine a few CVE-2020-0601 POC guides to sign a binary which unpatched Windows will determine to be valid. The CA does not need to be the MS ECC Authority. It's CRITICAL to patch this for Windows 10/2016/2019 OS relying on publisher trust for App Whitelisting.

    45 proslijeđenih tweetova 103 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  5. proslijedio/la je Tweet
    4. sij

    I admit my feelings about application whitelisting/control have evolved a good bit over the past couple of years. Back then I saw it as quite valuable but also kinda flavor-of-the-moment-ish, too resource intensive, and too easy to circumvent. But reading a lot of work by… (1/2)

    2 proslijeđena tweeta 7 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  6. 29. pro 2019.

    Is this trying to imply that AV generally doesn't detect a loaded DLL if the parent process is trusted? Is this the case?

    1 proslijeđeni tweet 4 korisnika označavaju da im se sviđa
    Poništi
  7. 24. pro 2019.

    is always missing from peoples christmas wish list. Maybe next year when the breaches outside are still frightenting... 🎄

    Most of the detractors are complaining about offensive open source tools that are used POST exploitation - meaning the “Tools” shouldn’t be there in the first place. Rather, let’s talk about making phishing harder, patching easier, and conducting proper inventory management.
    Prikaži ovu nit
    1 proslijeđeni tweet 9 korisnika označava da im se sviđa
    Poništi
  8. 16. pro 2019.

    All that work to drop a PE binary...

    sample targets Vietnam. Hash: 5781a2b62de1f3301e38394607b03d79 1. LNK embedded with HTA 2. VBScript drops and executes 3.ps1 3. Opens the decoy PDF 4. Drops the payload cyBwc.exe 5. C2 at 103.68.251[.]31
    1 reply 3 korisnika označavaju da im se sviđa
    Poništi
  9. proslijedio/la je Tweet
    29. lis 2019.

    Large org security is like running a professional sports franchise: If you make bad enough choices you can spend all the money in the world and still get lousy results.

    UniCredit Suffers Third Breach Despite Investing Billions in Cybersecurity
    3 proslijeđena tweeta 10 korisnika označava da im se sviđa
    Poništi
  10. 12. pro 2019.

    Oof - "Areas of particular concern include application whitelisting and user application hardening, with 90 percent and 94 percent of assessments in these respective areas falling into the maturity level zero or one category."

    1 proslijeđeni tweet 4 korisnika označavaju da im se sviđa
    Poništi
  11. 6. pro 2019.

    Really satisfying to see what that we’ve been building actually causing problems for red teamers, enabling customers passing their Essential 8 audits on whitelisting as well as preventing actual real world attack. And they all said was too hard.

    3 proslijeđena tweeta 9 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  12. 6. pro 2019.

    Great couple of days in Canberra this week. Today started with a customer bragging their Airlock deployment defeated a paid pentest engagement using Cobalt Strike and had also prevented two real ransomware attacks that made it through their mail security gateways

    7 proslijeđenih tweetova 27 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  13. 3. pro 2019.

    2 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  14. 3. pro 2019.

    Astute analysis by on . "In these cases, the orgs would be better off focusing on security measures such as removing administrative rights and application whitelisting, and others that work effectively in near-complete absence of threat intelligence."

    3 proslijeđena tweeta 14 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  15. 1. pro 2019.

    Been listening to Sandworm, a fantastic book on the history of the industry. Highly recommended.

    3 korisnika označavaju da im se sviđa
    Poništi
  16. proslijedio/la je Tweet
    26. stu 2019.

    The new Kali Undercover: for when you don't want tech-savvy people who may pass by to think you're running Kali, but some kind of Chinese pirated knockoff version of Windows instead.

    Kali 2019.4 now includes a Windows skin for the interface, so blue team can’t spot you hacking
    2 proslijeđena tweeta 6 korisnika označava da im se sviđa
    Poništi
  17. 1. stu 2019.

    New execution REST API endpoints will allow customers to query endpoint exceptions for automation and orchestration. Our custom test tool shown below performing a query.

    3 proslijeđena tweeta 9 korisnika označava da im se sviđa
    Poništi
  18. proslijedio/la je Tweet
    1. stu 2019.

    U2F support in OpenSSH

    11 replies 327 proslijeđenih tweetova 581 korisnik označava da mu se sviđa
    Poništi
  19. proslijedio/la je Tweet
    29. lis 2019.

    is excited to announce our attendance at next week. Be sure to drop past booth 19 and chat to the team about

    3 proslijeđena tweeta 7 korisnika označava da im se sviđa
    Poništi
  20. 25. lis 2019.

    Interesting legit, but unsigned, Microsoft binary of the day in Exchange. "Microsoft Exchange - For Testing Purposes Only (Built by ashk on ASHUTOSH-WIN8)."

    1 reply 1 korisnik označava da mu se sviđa
    Poništi

@danonit još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·