Micha

@goenie

warranty-voiding DIYer

Joined: November 2008.

Tweets


  1. Retweeted
    Jan 30

    If a file format provides metadata fields to store “data”, they will also be used for bad purposes...

  2. Retweeted
    Jan 30

    Really excited to share this with everyone. Read about how I got access to a huge botnet and what happened after!

  3. Retweeted
    Jan 30

    My write-up on how I tracked down an alleged member of REvil group utilizing methods. If you enjoyed reading this please share it and I will work hard to create more write-ups like this!

  4. Retweeted
    Jan 30

    I would suggest everyone to take a look at his blog post about Windows Firewall, where he covers into the details on how you can mitigate lateral movement in AD

  5. Retweeted
    Jan 30

    New writeup by me and of a new Iranian campaign we discovered! Special thanks to for assisting as well!

  6. Retweeted
    Jan 30

    Blue teamers, just watched this webinar by on how to use to hunt over data. Hypothesis formulation, graph investigation, notebooks, and more!

  7. Retweeted
    Jan 28

    1. Windows Defender 2. EDR 3. Automated defanging of documents 4. Disabling macros, OLE, DDE, etc. 5. Disabling Windows Script Hosting 6. Private VLANs 7. Application whitelisting 8. Users not being local admins 9. 2FA on everything 10. Up-to-date patching

  8. Retweeted
    Jan 28

    THREAD 1/5 In 2019, malware devs began adopting Cloudflare Workers via for some components of a C2 schema "Deploy without having a Cloudflare domain, to a " Use of "legit services" is an rel to 's T1102

  9. Retweeted
    Jan 28

    We've all received emails with no attachment and assume it's "safe" to open in a mail client (as long as we don't explicitly click on any URLs). Right? Not so much...

  10. Retweeted

    New research into REvil ransomware. This is totally out of control. - Over 150k unique infections demanding $38m in ransom in last few months. - The last 30 days have been most active yet.

  11. Retweeted
    Jan 28

    Cyber Threat Trends. Excellent analysis by .

  12. Retweeted

    Thank you and for generating sharing these IoT capture files!

  13. Retweeted
    Jan 28
  14. Retweeted

    Big change coming to Windows Server this March - insecure LDAP requests will be rejected by default. That's a change in behaviour which will absolutely break things in some orgs How to get in front of the issue:

  15. Retweeted
    Jan 27

    The answer to, “What cert should I get?”

  16. Retweeted
    Jan 27

    A massive cyber espionage campaign, which we found so spooked US intelligence that it changed how the government handles DNS registration, was the work of hackers aligned with the Turkish government

  17. Retweeted

    Oh good. Shit we had backdoors but hey OOPS we removed them it's all ok.

  18. Retweeted
    Jan 26

    Log Sources - ordered by priority - with ratings in different categories - personal and highly subjective assessment - from my most recent slide deck on low hanging fruits in security monitoring

  19. Retweeted
    Jan 27

    Wrong and New Paradigms in Security Monitoring What are yours?

  20. Retweeted
    Jan 25

    Threat Bus: a real-time pub/sub broker to get intelligence/indicators from and feed your in real-time & get sightings from your NIDS to MISP. A clever way to connect efficiently open source security tools. Thanks to
