Pinned Tweet
When explaining things like "aperture" and "threat density" and "fidelity" of different types of logic designed to help one discover the existence of malicious activity, you might find the #DETECTRUM a helpful frame of reference. https://twitter.com/stvemillertime/status/1172510324773335041 …
-
Steve Miller retweeted
Woke up this morning to a message from @edeca about a crazy YARA rule he wrote (https://gist.github.com/edeca/cdc1657fa8a46b8ba45ad732377c035c …) to look for DLLs where exported functions are at the same RVA. I suggested he look into testing my pending PR (https://github.com/VirusTotal/yara/pull/1097 …). 1/?
-
Steve Miller retweeted
Beyond excited to be presenting on Cloud Breach Patterns @TheSAScon in beautiful Barcelona this April with @tracertea #TheSAS2020 We have been building automation for identifying unwanted exposures in #aws
Attackers are adapting how they find leaks. Are you? #infosec pic.twitter.com/S2ZSVArLlH
-
Steve Miller retweeted
Happy to announce I'll be speaking at @x33fcon this summer demonstrating some novel approaches to post exploitation tradecraft https://www.x33fcon.com/#!s/dominicc.md
-
Steve Miller retweeted
https://www.virustotal.com/gui/file/fc1cae874fa74b53d2c19c0ab6d10a94ea03fd248e670bfbf8624334f2072d30/detection …
- PE header embedded in document metadata (rich header hash for msfvenom payload)
- VBA macro stomped
- Macro hidden from Office GUI
- Embedded PowerShell commands -> AWS load balancer
- RICKROLL REFERENCES
- Turkish question about Raven eyes
Bingo! pic.twitter.com/kDByCz3u0F
-
Steve Miller retweeted
A SharePoint vulnerability that allegedly led to a United Nations' data breach in July is still being exploited by attackers to target Middle Eastern governments. Our latest research found nearly 29,000 unpatched servers still vulnerable: https://bit.ly/392SrQX
-
Steve Miller retweeted
U.S. universities are a soft target for China's spies, say officials https://www.nbcnews.com/news/china/american-universities-are-soft-target-china-s-spies-say-u-n1104291 … via @nbcnews
-
Steve Miller retweeted
Here's a short challenge for today: #DailyDFIR 33: What does this say? PCOBLCKBBUAAAEEC72L4EAWSH6PJZDSNI5J6ABFHEE6PDI5TDVWLSBPU #DFIR #SundayFunday
-
Steve Miller retweeted
2\ I've put a PoC powershell logistic regression rule up at the github link. Idea here is by Yara-ifing ML we make ML more transparent--the ML logic is right there in the text. And we allow blue teams to mix and match ML rules with signatures, and quickly swap in new models. pic.twitter.com/BDg2kLCTRh
-
Hey this is cool. Do not sleep on yara. You can institute lots of logic and run it against lots of different data. Static files, runtime data, memory, and even pcap. I appreciate different approaches and creativity expressed in a common language/format/tech. https://twitter.com/joshua_saxe/status/1222502245792501760 …
-
Steve Miller retweeted
1\ I've written a little compiler to ship ML models as standalone Yara rules, and done proof of concept detectors for Mach-O, RTF files, and powershell scripts. So far I have decision trees, random forests, and logistic regression (LR) working. https://github.com/inv-ds-research/yaraml_rules … pic.twitter.com/sfuXEkHeNO
-
Steve Miller retweeted
Thank you all so much for coming to my #Shmoocon talk on threat modeling! You can check out my slides (complete with references) here: https://www.slideshare.net/KatieNickels/resistance-isnt-futile-a-practical-approach-to-threat-modeling …. Thanks to @heidishmoo, @gdead, and the amazing @Shmoocon volunteer crew for having me and making this event possible! pic.twitter.com/GUw6R8tQ14
-
Steve Miller retweeted
Some infosec knowledge is useful for months (knowledge of a given campaign), other knowledge, for years, (TTPs), other knowledge, for decades (the halting problem). Here's a "Pyramid of Pain" (cc/ @DavidJBianco) inspired model of knowledge in cyber I find useful for myself. pic.twitter.com/ZjMbgRfoGF
-
Steve Miller retweeted
Finally! #x33fcon registration is now open and the agenda is announced. Check the agenda: https://www.x33fcon.com/#!conference.md#Agenda … Our speakers: https://www.x33fcon.com/#!speakers.md Register here: https://www.x33fcon.com/#!conference.md#Conference_Registration … Early Bird only until Feb 16. The number of tickets is limited, so don't wait! pic.twitter.com/wT8vvbxjBY
-
Steve Miller retweeted
Want to see how the @Mandiant red team weaponizes @FireEye threat intel for R&D and TTP development? Check out some research I did with @evan_pena2003 and @FuzzySec. Also includes some new executables that can be used for DLL abuse. https://www.fireeye.com/blog/threat-research/2020/01/abusing-dll-misconfigurations.html …
-
This is how @BarryV communicates with the #AdvancedPractices team. pic.twitter.com/6KhoLCEsEb
-
Steve Miller retweeted
In this campaign, ShadowPad's launcher was replaced by a simpler one, not VMProtected and using XOR-encryption instead of RC5. This ShadowPad variant embeds 17 modules including a keylogger and a screenshot module. 2/3 pic.twitter.com/7icZEfYM61
-
Steve Miller retweeted
Winnti Group targeting universities in Hong Kong | by @ESET @mathieutartare https://www.welivesecurity.com/2020/01/31/winnti-group-targeting-universities-hong-kong/ …
-
I’m interested in the offensive planning decisions. Real questions: what's the expected half-life for a stage 0, stage 1 and stage 2 kits? What’s the dev time per stage? How do devs/operators plan/measure getting burned? How many of each do you have in your arsenal for contingency? https://twitter.com/HackingLZ/status/1222954541265641474 …
Advanced Practices