Daniel Schell

@danonit

CoFounder at . Practical Application Whitelisting.

Adelaide, Australia
Joined June 2009.

Tweets

  1. Retweeted
    17 Jan
  2. 16 Jan

    VT a little baffled, unless failed certificate chain verification == Not Signed.

  3. 16 Jan
  4. 16 Jan

    Yep, managed to combine a few CVE-2020-0601 POC guides to sign a binary which unpatched Windows will determine to be valid. The CA does not need to be the MS ECC Authority. It's CRITICAL to patch this for Windows 10/2016/2019 OS relying on publisher trust for App Whitelisting.

  5. Retweeted
    4 Jan

    I admit my feelings about application whitelisting/control have evolved a good bit over the past couple of years. Back then I saw it as quite valuable but also kinda flavor-of-the-moment-ish, too resource intensive, and too easy to circumvent. But reading a lot of work by… (1/2)

  6. 29 Dec 2019

    Is this trying to imply that AV generally doesn't detect a loaded DLL if the parent process is trusted? Is this the case?

  7. 24 Dec 2019

    is always missing from people's Christmas wish list. Maybe next year when the breaches outside are still frightening... 🎄

  8. 16 Dec 2019
  9. Retweeted
    29 Oct 2019

    Large org security is like running a professional sports franchise: If you make bad enough choices you can spend all the money in the world and still get lousy results.

  10. 12 Dec 2019

    Oof - "Areas of particular concern include application whitelisting and user application hardening, with 90 percent and 94 percent of assessments in these respective areas falling into the maturity level zero or one category."

  11. 6 Dec 2019

    Really satisfying to see what that we’ve been building actually causing problems for red teamers, enabling customers passing their Essential 8 audits on whitelisting as well as preventing actual real world attack. And they all said was too hard.

  12. 6 Dec 2019

    Great couple of days in Canberra this week. Today started with a customer bragging their Airlock deployment defeated a paid pentest engagement using Cobalt Strike and had also prevented two real ransomware attacks that made it through their mail security gateways

  13. 3 Dec 2019
  14. 3 Dec 2019

    Astute analysis by on . "In these cases, the orgs would be better off focusing on security measures such as removing administrative rights and application whitelisting, and others that work effectively in near-complete absence of threat intelligence."

  15. 1 Dec 2019

    Been listening to Sandworm, a fantastic book on the history of the industry. Highly recommended.

  16. Retweeted
    26 Nov 2019

    The new Kali Undercover: for when you don't want tech-savvy people who may pass by to think you're running Kali, but some kind of Chinese pirated knockoff version of Windows instead.

  17. 1 Nov 2019

    New execution REST API endpoints will allow customers to query endpoint exceptions for automation and orchestration. Our custom test tool shown below performing a query.

  18. Retweeted
    1 Nov 2019
  19. Retweeted
    29 Oct 2019

    is excited to announce our attendance at next week. Be sure to drop past booth 19 and chat to the team about

  20. 25 Oct 2019

    Interesting legit, but unsigned, Microsoft binary of the day in Exchange. "Microsoft Exchange - For Testing Purposes Only (Built by ashk on ASHUTOSH-WIN8)."
