Ralph Langner

@langnergroup

Tech entrepreneur. Cracked Stuxnet's payload. Founder & CEO of the Langner group (US + Germany). Bootstrapping w/o VC. We're hiring, DM for job applications.

Munich, Washington DC
langner.com
Joined March 2014
1,193 Photos and videos Photos and videos

Tweets

You blocked @langnergroup

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @langnergroup

  1. 3 hours ago

    good decision

    is postponed from Jan 25 - 27 to a late spring date we are working on, see 3-days, 5-venues is taking a bit of work to get new dates. Will let you know as soon as we get it all arranged. Details on tickets, hotel block, etc. in the article.
    2 likes
    Undo
  2. 22 hours ago

    We are saved. From now on, hacking is no longer a thing.

    CrowdStrike Beefs Up Exploit Detection With Intel CPU Telemetry -
    1 like
    Undo
  3. 22 hours ago

    Yeah, that happens. When you code in C.

    CVE-2020-23026 A NULL pointer dereference in the main() function dhry_1.c of dhrystone 2.1 causes a denial of service (DoS).
    Undo
  4. Jan 2

    Takeoff is a little weird, but other than that: Good flying

    0:59
    1 like
    Undo
  5. Jan 1

    Promising entry for most moronic headline of the month

    In Review: Cybersecurity Leaders Scramble to Decipher SBOM Mandate -
    1 retweet
    Undo
  6. Jan 1

    Working on a new video on the OT security skills shortage

    5 likes
    Undo
  7. 31 Dec 2021

    I guess this would also apply to ransomware? via

    3 likes
    Undo
  8. Retweeted
    30 Dec 2021

    The ultimate freedom is living without fear. That’s my wish for all of us in 2022.

    89 replies 756 retweets 4,687 likes
    Undo
  9. Retweeted
    30 Dec 2021
    Replying to

    One of the personal redpills I experienced in adulthood was realizing that so much of world; institutions, agencies, organizations, companies, the economy, etc... Its all a mess. That it runs at all it is miraculous. Incompetency is the rule, competency the exception

    15 replies 26 retweets 248 likes
    Undo
  10. 30 Dec 2021

    A man's gotta do what he's gotta do.

    2 replies 7 retweets 46 likes
    Undo
  11. 30 Dec 2021

    What I find most disturbing about "studies" like this is the fact that their authors apparently count on nobody actually reading beyond the executive summary -- and they may be right

    1 reply 1 retweet 4 likes
    Undo
  12. Retweeted
    28 Dec 2021

    If any person or organization is suggesting you get spun up about CVE-2021-44832, you should really take a good look at what their motivations may be.

    20 replies 123 retweets 427 likes
    Show this thread
    Show this thread
    Undo
  13. 29 Dec 2021

    The underlying disease is ridiculously vulnerable OT architectures that most of the time could be fixed easily if one only had a clear network & asset model, and a consistent governance regime in place.

    1 retweet 4 likes
    Show this thread
    Show this thread
    Undo
  14. 29 Dec 2021

    The business model of ICS Detection products is to instill and channel fear, and offer palliatives that relieve some of the symptoms, especially at board meetings, all while purposefully leaving the underlying disease intact.

    1 reply 2 likes
    Show this thread
    Show this thread
    Undo
  15. 26 Dec 2021

    Electric typewriters with automatic correction capability (= overstriking the last character with white color) were a big thing once. Not sure why, but somehow this reminds me of attempting to build an asset inventory from network traffic you have picked up. 🤔

    Apple II give away at he same time typewriters were being advertised.
    Show this thread
    2 likes
    Undo
  16. 26 Dec 2021

    Strange: The core message of the Dragos/Ponemon report that they even put on the front page ("The Risks Created by the Cultural Divide Between the IT & OT Teams") is not an empirical finding based on survey results, but unsubstantiated framing. I wonder why?

    1 like
    Undo
  17. 26 Dec 2021

    The Netgear CVE dump (CVE-2021-45519..45579) illustrates once more that the idea to do vulnerability management manually is absurd. Get a decent asset management system.

    1 retweet 3 likes
    Undo
  18. Retweeted
    25 Dec 2021

    Christmas in the trenches, c.1916.

    3 replies 19 retweets 104 likes
    Undo
  19. 22 Dec 2021

    Very insightful. We can arrive at a system that allows us to prioritize vulns and risks with a good degree of accuracy. But it still doesn't tell us where to make the cut! Unfortunately, that decision is usually dictated by (meager) budget, not by risk management.

    Replying to @anton_chuvakin @jeremiahg
    Yeah, if you don't have a certain level of resources devoted to it than even the absolute very best prioritization possible will still leave important vulns unpatched.
    3 likes
    Undo
  20. 22 Dec 2021

    TL;DR: The military won. Saved you a click, and valuable seconds of your life!

    Belgian Military in Five-Day Battle Against Cyberattack
    1 like
    Undo

@langnergroup hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·