On this same note, disable Chrome sync in your organizations. I can't tell you how many times I've seen domain/server admin creds saved to Chrome with sync enabled. I can guarantee your admins' home computers and personal devices aren't secured as well as your corporate devices. https://twitter.com/Centurion/status/1222749520594735104 …
Lee Christensen Retweeted
Big change coming to Windows Server this March - insecure LDAP requests will be rejected by default. That's a change in behaviour which will absolutely break things in some orgs. How to get in front of the issue: https://opensecurity.global/forums/topic/249-preventing-ldap-apocalypse-in-march-2020-ldap-signing-requirements/ …
Lee Christensen Retweeted
Despite its incredible security enhancements, PowerShell continues to be abused by adversaries. A strong knowledge of PowerShell enables defenders to effectively manage and respond to its abuse. (1/4)
Lee Christensen Retweeted
Here is the link to the SpecterOps Adversary Tactics: PowerShell course material: https://github.com/specterops/at-ps … Enjoy! For information about our current training offerings, information can be found here: https://specterops.io/how-we-help/training-offerings … (4/4)
Lee Christensen Retweeted
Revisiting RDP lateral movement https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3 … and releasing a project that will be part of a bigger tool coming next week
Lee Christensen Retweeted
I just published a ~45 page whitepaper on attacking and defending terraform infrastructure as code in GitHub. Includes attack scenarios, hardening, detections, etc. Deep thanks to @tifkin_ and @harmj0y for their inspiration and research. https://www.sans.org/reading-room/whitepapers/securecode/defending-infrastructure-code-github-enterprise-39380 … 1/3
Lee Christensen Retweeted
We released a Red Teaming book! Red Team Development and Operations. It's been a crazy project that has existed in many forms. It started as simple notes, came together as a SANS class, and will now live as a book. Read about it here. http://threatexpress.com/blogs/2020/red-team-development-and-operations/ … https://twitter.com/minis_io/status/1219710714790567936 … pic.twitter.com/DvdRa4mGWw
Lee Christensen Retweeted
It is common to hear people refer to the Johari Window (known knowns, unknown knowns, etc.) in discussions about infosec and detection. During detection engineering efforts which of the following do you find yourself more concerned with and why?
Lee Christensen Retweeted
Just released Satellite, a payload hosting and proxy software for red team operations. In the blog post, I discuss the feature set of Satellite as well as why an operator would choose it over Apache or Nginx. https://posts.specterops.io/satellite-a-payload-and-proxy-service-for-red-team-operations-aa4500d3d970 …
Lee Christensen Retweeted
My favorite articles are the ones that walk you through the author's methodology and strategy to find/exploit bugs. This is the case for @mmolgtm's last post on Chrome IPC vulnerabilities: https://securitylab.github.com/research/chromium-ipc-vulnerabilities …
Lee Christensen Retweeted
I've been poking around the Windows kernel a lot lately and one of my favorite samples I've referenced is Mimikatz's driver, Mimidrv. I took some time and documented all of its functions and included some write-ups on important kernel structures. Post: https://posts.specterops.io/mimidrv-in-depth-4d273d19e148 … 1/3
Lee Christensen Retweeted
New year, new #infosecjobs on the @PalantirTech information security team. Why Palantir? Our software has been used to stop terrorist attacks, develop new medicines, improve national defense, combat child trafficking, etc. InfoSec is germane to our existence. 1/n
Lee Christensen Retweeted
The offensive security community means a lot to me. Following @Antonlovesdnb's great thread that injected some much needed infosec positivity, I wanted to highlight a few (offensive-ish) posts/talks that my team and myself enjoyed over the last year or so.
Lee Christensen Retweeted
To bring in the new year here's a new blog post about empirically testing Windows Service Hardening to see if it is really not a security boundary even on Windows 10. https://tyranidslair.blogspot.com/2020/01/empirically-assessing-windows-service.html … h/t @cesarcer
Lee Christensen Retweeted
This is soooo useful. @jdu2600 has a repo comprised of all ETW instrumentation manifests and classic MOF event schemas. If you ever want a reference to help answer "is there an event for THIS?", bookmark this. https://github.com/jdu2600/Windows10EtwEvents …
Lee Christensen Retweeted
A lot of mud slinging on InfoSec twitter lately; I wanted to flip the script a bit and highlight the blogs, tools, talks etc that I keep coming back to on a regular basis, both as a defender and general InfoSec professional. Thread..
Lee Christensen Retweeted
I've been doing this more and more with interesting articles, vuln disclosures I think may vanish, and more. Highly recommend this after years of getting burned where my meticulous notes lead to 404'd sources. https://twitter.com/RidT/status/1209313870688509955 …
Lee Christensen Retweeted
Offensive security tools, new ones that bypass current security measures, are absolutely required to be in the public space. It’s regulators thinking the opposite that hinder defense more than trying to keep these things secret. Same debate as 1853. https://www.darkreading.com/vulnerabilities---threats/vulnerability-disclosure-deja-vu-prosecute-crime-not-research/a/d-id/1320384 …
Lee Christensen Retweeted
These “paper trails” that don’t offer any actual real world control of the tool transfer amount to a regulatory burden that I and so many others fought so hard to exempt researchers & incident responders from having to deal with. The world you’re describing isn’t ideal. Opposite.
Lee Christensen Retweeted
New blog post outlining how to use my .NET RPC Client tooling from PowerShell and C# to test and exploit local RPC security vulnerabilities. Also an early xmas present for those who enjoy long standing design flaws in UAC :-) https://googleprojectzero.blogspot.com/2019/12/calling-local-windows-rpc-servers-from.html …