Jonathan Cran

@jcran

Hacker / Builder ... Research , Founder .

austin
Vrijeme pridruživanja: svibanj 2007.

Tweetovi

Blokirali ste korisnika/cu @jcran

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @jcran

  1. proslijedio/la je Tweet
    4. velj

    "No evidence of attack" is extremely different from "evidence of no attack". I cannot stress this enough.

    Poništi
  2. 3. velj

    Dufflebag looks handy for finding exposed data on AWS

    Poništi
  3. 29. sij

    A big part of the issue is that CVSS is widely accepted and not well understood (at least in its limitations) outside researchers

    Prikaži ovu nit
    Poništi
  4. 29. sij

    TEMSL is a pretty usable OT vuln prioritization approach

    Prikaži ovu nit
    Poništi
  5. 29. sij

    showing how its done

    Prikaži ovu nit
    Poništi
  6. 29. sij

    Another good takeaway, start backward from what’s important and measure based on those criteria… “safety” as an example, but … in an ics env… does it affect … visibility, monitoring, control? .. these are ultimately availability & integrity but it’s not about the data in OT

    Prikaži ovu nit
    Poništi
  7. 29. sij

    A New CVSS For ICS Vulnerabilities < takeaway… always consider the attack scenario when prioritizing vulnerabilities via

    Poništi
  8. proslijedio/la je Tweet
    26. sij

    Want to watch 6 disinfo operations unfold in 6 minutes? Thanks to a Open Source Support grant, I’ve done just that with network visualization and documented some interesting patterns on Medium 1/

    Prikaži ovu nit
    Poništi
  9. proslijedio/la je Tweet
    27. sij

    POTUS posse is now attacking the Mueller report to back up the idea that Russia didn’t attack America. This is insane, America.

    Poništi
  10. proslijedio/la je Tweet

    Big change coming to Windows Server this March - insecure LDAP requests will be rejected by default. That's a change in behaviour which will absolutely break things in some orgs How to get in front of the issue:

    Prikaži ovu nit
    Poništi
  11. proslijedio/la je Tweet
    26. sij

    The claim in the FTI forensics report on Bezos’ iPhone that, “due to end-to-end encryption employed by WhatsApp, it is virtually impossible to decrypt the contents of the downloader [.enc file]...” bugged me so much that I coded up how to do it:

    Prikaži ovu nit
    Poništi
  12. 24. sij
    Poništi
  13. 23. sij
    Poništi
  14. proslijedio/la je Tweet
    23. sij

    Calling I am looking for a Cloud Security Lead. Infrastructure mostly built with Azure, Docker and K8S. Come work on some life-saving technology. DM me for more info. Austin, Texas.

    Prikaži ovu nit
    Poništi
  15. 21. sij
    Poništi
  16. proslijedio/la je Tweet
    20. sij

    We’re looking for some help reworking our open source engine UX in React.js. Please DM or email if interested!

    Poništi
  17. proslijedio/la je Tweet
    20. sij

    Yesssssss, a rational understanding of APTs as human organizations vs. space-laser wielding omnipotent and omniscient adversaries.

    Poništi
  18. proslijedio/la je Tweet
    28. stu 2019.

    Every security product, process, policy, or project depends more heavily on inventory than even most security folk realize. We cannot measure - whether audit, progress, coverage, percentage complete, verification, attack surface, etc. without accurate inventory.

    Poništi
  19. proslijedio/la je Tweet
    20. sij

    Would love to have as many perspectives as possible on this. Please share with your circles, especially coworkers in relevant roles. Thanks!

    Poništi
  20. proslijedio/la je Tweet
    11. sij

    This is what dinosaurs have become.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·