Jared Perry

@jared_perry

I work in InfoSec. Founder @ . Tell me your blue team problems.

Newfoundland, Canada
Vrijeme pridruživanja: studeni 2007.

Tweetovi

Blokirali ste korisnika/cu @jared_perry

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @jared_perry

  1. proslijedio/la je Tweet
    16. ruj 2019.

    Just received my first non dup, non info-only bug bounty pay out. This one feels great due to the impact and greater good. Will disclose if I can, also will be sharing the bounty via swag, drinks, and treats for my team. :)

    Poništi
  2. proslijedio/la je Tweet

    Beyond stoked to announce that we () have been acquired by 🥳 This opportunity to take our Mac-focused enterprise security efforts to the next level, is a dream come true 🍎🛡️

    Poništi
  3. proslijedio/la je Tweet
    31. srp 2019.
    Odgovor korisnicima

    Oh look, surprise surprise Verge had a completely different (better) take

    Poništi
  4. proslijedio/la je Tweet
    31. srp 2019.

    Wondering how the capital one breach could have been prevented? Check out our very own 's post on early lessons

    Poništi
  5. proslijedio/la je Tweet
    30. srp 2019.

    SSRF is the new RCE in the world of magic IP addresses.

    Prikaži ovu nit
    Poništi
  6. proslijedio/la je Tweet
    30. srp 2019.

    Sorry, Senator, but that wasn't "Cybersecurity 101." It was a non-trivial attack that required significant expertise in systems engineering and information security. 1/

    Prikaži ovu nit
    Poništi
  7. 30. srp 2019.

    As a mitigation you can use IAM conditions by NAT gateway IP or block/proxy access to the metadata endpoint but not super scalable or enforceable. Does anyone have a more scalable solution?

    Prikaži ovu nit
    Poništi
  8. 30. srp 2019.

    If you have a misconfigured proxy, functionality that can be abused for SSRF or poor container setup, an attacker can get at the metadata. If a role is assigned, they can grab the temp credentials and use them outside the VPC. In this case there was excessive privileges to S3.

    Prikaži ovu nit
    Poništi
  9. 30. srp 2019.

    In light of the Capital One breach, it sounds like credentials were obtained from EC2 metadata for the WAF role. Something I don't think is really appreciated is that you can get temp credentials for a role from the metadata on an instance and use them outside VPC.

    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    9. srp 2019.
    Odgovor korisniku/ci

    I thought that the BlueJeans daemon on tcp:18170 went away in a recent update. It used to be passing a url with user input from the bjn:// handler into a nodejs child_process.spawn sink that gets passed to the macOS open command.

    Poništi
  11. proslijedio/la je Tweet
    9. srp 2019.

    Everyone is sharing the Zoom vuln, but the crucial bit is this : $> lsof -i :19421 $> kill -9 <pid> $> rm -rf ~/.zoomus $> touch ~/.zoomus Read the article, be horrified at 's response. Use the exploit link to prove you've patched your system.

    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    12. ožu 2019.

    I'm exited to announce, that I just released the first version of the v2. You will find continuous metrics benchmarked for the products of and on Tell me what you think!

    Prikaži ovu nit
    Poništi
  13. proslijedio/la je Tweet
    26. velj 2019.

    This hits home today. AKS, EKS, and GKE are far from created equal. Maturity levels (especially in security features) differ wildly.

    Poništi
  14. proslijedio/la je Tweet
    26. velj 2019.

    SSO without proper security (strong password plus strong MFA) is a hacker’s dream. Everyone in one spot. But SSO properly managed and secured is awesome for security. It sure beats trying to wrangle multiple login points that get orphaned and lost (looking at you, OWA!).

    Poništi
  15. proslijedio/la je Tweet
    30. pro 2018.

    Don't come to me with your " talent shortage" when what you really mean is "I'm not willing to train people up". There is a legit shortage of experts to fill available positions. The solution isn't to fight over the same candidates. It's to make more experts.

    Poništi
  16. proslijedio/la je Tweet
    12. pro 2018.

    Patch your Domain Controllers running DNS (typical config, so most orgs) ASAP. DNS remote code execution vulnerability which runs as LocalSystem on Windows DNS server (usually a DC).

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    17. lis 2018.

    Tired of setting up your own DNS server for pentests? Check out our latest blog post by for doing just that using

    Poništi
  18. 17. lis 2018.

    Tired of setting up your own DNS server for pentests? I wrote a simple blog post for using AWS Route 53 instead.

    Poništi
  19. proslijedio/la je Tweet
    16. lis 2018.

    As of today, we’re auto-scanning public repos for exposed tokens and keys. ​​ ​​If we find them, we’ll alert the providers to prevent security breaches before they even happen ​😍

    Prikaži ovu nit
    Poništi
  20. proslijedio/la je Tweet

    Congratulations on launching Actions! If you didn’t notice, Actions are configured with HCL (HashiCorp Config Language). 🤩

    Prikaži ovu nit
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·