serverless blockchain AI

@jnazario

a 40-something technologist who used to be a biochemist. now in cyber security inventing the future. cooking my way through shelves of cookbooks.

Joined: January 2009

Tweets


  1. Pinned Tweet

    i'm open sourcing a tool i wrote a couple of years ago, it facilitates using nmap and NSE scripts. aka useful for and uses. has become a go-to tool for me. think an MSF-like wrapper for nmap+NSE. /cc

  2. Retweeted
    5 Feb

    The explosion of IP-connected devices has created a wealth of interesting searches on a platform like Censys... take a look at our new blog on finding exposed IP-connected video cameras: by our very own

  3. 5 Feb

    toying around a bit again .. this time i took a tweetdeck search i have for "poc exploit code" and did ngram frequencies - it does what i hoped it would, condenses down dozens of tweets into a single bite about new exploit code.

  4. Retweeted
    3 Jun 2018
  5. 3 Feb

    congrats to and the rest of the crew! a lot of hard work rewarded.

  6. Retweeted
    3 Feb

    RETWEET THIS TONIGHT TO HELP For every RT, Olay is donating $1, up to $500K, to help . Because when we , we make space for everyone

  7. Retweeted
    3 Feb
  8. Retweeted

    Hello! I am looking for an entry level / job in Chicago or NWI. I have 9+ years of IT experience. I am working on Security+ at the moment. I also enjoy learning through podcasts, videos, books, and hands on projects

  9. 31 Jan

    This is super cool and I’m glad to see it released. This builds on work josh and colleagues have been doing for many years and he posited a long time ago. Plus I learned something new about Yara today. Def gonna try this out.

  10. 27 Jan

    i don't know if this is the herder's end goal, but given the effects it seems like a deliberate sensor and reporter unmasking strategy. end/

  11. 27 Jan

    i don't know which botnet it is, but if you're the herder and know your botnet IPs and who is scanning for those generated paths, you can then cast queries for them in various indicator sharing sites and figure out their sensors. 7/

  12. 27 Jan

    again, this doesn't appear to be specific against my honeypots - i was able to figure it out because i queried the IPs that triggered my role in other sensor networks and saw different AdminHEX paths and figured it out from there. 6/

  13. 27 Jan

    but in this case the appearance of their method in indicator feeds - in this case IP reputation feeds - would dump the sensor network's IP addresses. so anyone watching such feeds can figure out reporting sensors and poison them, avoid them, etc. 5/

  14. 27 Jan

    the attack works because sensors - like mine - which automatically publish their findings often include evidence about how they made their judgement, in this case the path queried by the bot. this is there to help an operator decide if the report is trustworthy. 4/

  15. 27 Jan

    in Python for that hex string: '.'.join(str(netaddr.IPAddress(0xa0e6cafd)).split('.')[::-1]) ... which yields 253.202.230.160 (a deliberately random hex string and IP). now i know why queries for that path in Google yielded nothing. 3/

  16. 27 Jan

    the paths look like /Admina0e6cafd/index.php, where "a0e6cafd" is a hex string - but it's not random. it turns out it's the zero-padded hex encoded IP address of the sensor reversed. here's how the encoding works. 2/

  17. 27 Jan

    over the past week or more, my HTTP honeypot has been seeing a small but growing number of hosts querying for a very distinctive path. i figured it out - it's a sensor discovery attack, globally scoped (not unique to me or specific sensor nets). 1/

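The decoding described in tweets 2/ and 3/ of the thread above, as an added example that is not part of the original tweets: it uses the standard-library `ipaddress` module instead of `netaddr`, and the report fields, tags and sample hits are constructed assumptions. It flags a hit whose path encodes the receiving sensor's own address and masks the token before the evidence is published.

```python
import ipaddress
import re

# Path shape from the thread: /Admin<8 hex digits>/index.php
ADMINHEX = re.compile(r"/Admin([0-9a-fA-F]{8})/index\.php")

def decode_adminhex(path):
    """Return the IPv4 address encoded in the path, or None if it does not match."""
    m = ADMINHEX.search(path)
    if m is None:
        return None
    # The hex string is the address with its four octets in reverse order.
    return ipaddress.IPv4Address(bytes.fromhex(m.group(1))[::-1])

def is_sensor_probe(sensor_ip, path):
    """True when the requested path encodes the address of the sensor that received it."""
    return decode_adminhex(path) == ipaddress.IPv4Address(sensor_ip)

def redact_path(path):
    """Mask the token so published evidence no longer carries the sensor address."""
    return ADMINHEX.sub("/Admin<redacted>/index.php", path)

def build_reports(events):
    """Turn (source_ip, sensor_ip, path) hits into feed entries, redacting probes."""
    reports = []
    for source_ip, sensor_ip, path in events:
        probe = is_sensor_probe(sensor_ip, path)
        reports.append({
            "source": source_ip,
            "evidence": redact_path(path) if probe else path,
            "tag": "sensor-discovery" if probe else "scan",  # hypothetical tag names
        })
    return reports

# Constructed honeypot hits; all addresses are from documentation ranges.
SAMPLE_EVENTS = [
    ("198.51.100.7", "192.0.2.10", "/Admin0a0200c0/index.php"),  # encodes 192.0.2.10
    ("198.51.100.9", "192.0.2.10", "/wp-login.php"),
    ("203.0.113.5", "192.0.2.10", "/Admindeadbeef/index.php"),   # encodes another address
]

if __name__ == "__main__":
    print(decode_adminhex("/Admina0e6cafd/index.php"))  # the thread's own example
    for report in build_reports(SAMPLE_EVENTS):
        print(report)
```
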
  18. Retweeted
    27 Jan

    What are the temporal dynamics of malware outbreaks? Here's a simple model: an outbreak starts with slow growth, followed by takeoff, followed by a dwindling/taper. Detail image shows Zbot/Zeus, image grid shows other malware families. Work done w/ Giacomo Bergamo.

  19. 22 Jan

    I never finished the model, I’m sad about that, but after a decade I give up. I share it with the hopes that someone will pick it up and explore it, but it’s made for a fun way of thinking about the problem and how it periodically pops back up, this time as . end/

  20. 22 Jan

    and even more I states (for various attackers), and so an attacker in this game would work to hold a machine in a specific I state - their I state representing their unique infection/backdoor/etc. 12/

  21. 22 Jan

    S-I-R is the standard in basic epidemiology and was common in malware outbreak modeling. Each population member is either (S)usceptible, (I)nfected, or (R)ecovered. In this modified model, there were multiple S states (for each vuln) 11/
