-
Pinned tweet
Too many IR investigations that I do are slowed down because critical systems of interest have been wiped/reimaged. Make evidence preservation guidelines part of your incident response playbooks. Follow them. Please. Future you and any IR team will be grateful.
#dfir
-
Kshitij Kumar retweeted
Ok. Another DFIR pet peeve has come to light (well, two actually). Use the 24 hour clock for times. If you use the 12hr clock not only does it break sorting, but unicorns die. If you use the 24hr clock DO NOT USE AM/PM. Seriously. That's insanity right there.
-
Kshitij Kumar retweeted
If you don’t schedule and block out time for process and tool improvement... ...it will not get done. Don’t expect folks to do “when you find time” during fully booked 40hr weeks after week or to “do it on your own time”.
-
Kshitij Kumar retweeted
can confirm. enable defender, crank it all the way up. as a redteamer, i can say its a pain in the ass to get around, so defenders should take advantage of that. https://twitter.com/mshelton/status/1221916015765753856 …
-
Kshitij Kumar retweeted
Autopsy 4.14 is out. New File Discovery UI, new map UI, APFS from @blackbagtech, and lots more. Blog below covers major new features and has download link. #DFIR https://www.autopsy.com/autopsy-4-14-release-highlights/ …
-
Kshitij Kumar retweeted
Joe is hitting one of my CTI pet peeves.... adversaries can share tools! Be careful of ONLY using tools for attribution. #CTISummit pic.twitter.com/VAi3MPSmdw
-
Kshitij Kumar retweeted
Learned this a while ago in @samilaiho's dojo. Write .LOG in the first line of a #notepad file. Inserts a timestamp each time the file is opened. I just leave this here... pic.twitter.com/yCDHfotV8S
-
Kshitij Kumar retweeted
Microsoft Cybersecurity Solutions Groups is hiring globally. We have many roles available across varied cybersecurity and compliance disciplines. We are passionate in our commitment to our customers and partners success. Join Our Team! https://careers.microsoft.com/us/en/cybersecuritycareers …
-
Kshitij Kumar retweeted
Inspired by @thecybermentor "How to Build an Active Directory Hacking Lab" video on youtube, I wrote a step-by-step guide of how to build such a lab in Windows Azure for completely FREE. Check it out. https://bit.ly/35sTLKR
-
Kshitij Kumar retweeted
Detect suspicious keyboard layout loads with this #Sysmon config & Sigma rule > Example: Allows you to detect CN, VN, IR remote users that connect to your servers maintained by US staff only
Sysmon Config https://github.com/SwiftOnSecurity/sysmon-config/pull/92/files …
Sigma Rule https://gist.github.com/Neo23x0/62a75d4bbd26aa9164fa73384f6a1410 … pic.twitter.com/qRYEz0iMSb
-
Did that movie have too much Force Or not enough Force #TheRiseOfSkywalker
-
Kshitij Kumar retweeted
Pro-tip: if you're tempted to write "cyberwar something something" — just edit out the "cyber" in your draft, and try "war something something." If it reads like nonsense, it probably was nonsense. Same for "cyberweapon." Also, it's almost 2020.
-
Kshitij Kumar retweeted
There are SO MANY paths in #infosec. We can learn so much from each other if we’re willing to listen. What path are you walking? pic.twitter.com/VOcMG7VSMq
-
It’s dark in this plane, and the fella next to me has his phone brightness all the way up. Like ALL THE WAY It’s like staring at the sun. Why would you do this...
-
Kshitij Kumar retweeted
These stealthy BITS downloads are logged in Windows. You just need to collect the events and discard the few known-good cases and you get high-fidelity alerts for free. https://twitter.com/AmitaiTechie/status/1205226881169141773 …
-
Kshitij Kumar retweeted
Writing EDR software is easier than AV. At least 3 reasons: 1) AV detects & remediates, including surgical post-viral infection file repair while EDR primarily logs stuff & then some 2) AV uses tons of legacy code & needs to detect DOS virs 3) no one forgives AV, everyone forgives EDR
-
Kshitij Kumar retweeted
This should block it from remote use: https://twitter.com/JohnLaTwC/status/802218490404798464 …
-
Kshitij Kumar retweeted
#DFIR 101: Today I spent an hour learning how to do something that only takes 5 minutes to complete. I just didn't know. Now I do. I will end up saving hours of work on future cases because of today's "setback". #AlwaysBeLearning
too good