Alexander Kot

@Alex_S_Kot

#InfoSec #WiFi #FOSS #Linux #Firmware Thoughts are my own and not of my employer.

Joined October 2012
Hey @gotmilk and @TheBoysTV when you going to do a collab?


Alexander Kot Reposted

Elden Ring Anime Opening #EldenRing 🔗 octobersveryown616


Alexander Kot Reposted

What was the first software you cracked? 🥹


Complains HIPAA is outdated because of incident with UHG. List of companies addressing how outdated HIPAA is… en.m.wikipedia.org/wiki/HITRUST


Hot take. Citrix is more expensive and less secure than deploying laptops. With EDR you have no reason to use VDI. Show me one Citrix admin who maintains a secure gold image! Also network issues are a nightmare. Why I ripped Citrix out of my org.

For Citrix? I work in healthcare where half my EMRs don’t support SAML. Clearly Change Healthcare has MFA adoption. Though Citrix is rare and complicated.



Alexander Kot Reposted

This year's @HackSpaceCon badge included an ATtiny-controlled LED matrix — complete with an RGB party mode feature. hackaday.io/project/195598…


Are. 1. MFA adoption level 2. Have an adversary simulation (unscoped pen test) 3. Partnerships with IT, Legal, Risk, Compliance, and HR 4. Can your EDR/SIEM detect net, whoami, or other lolbin commands? If not, deploy Sysmon 5. Proper inventory list including external domains/IPs

If you were (or are) a CISO, what are your 5 non-negotiables? For me: 1. If it's vulnerable, it's being patched 2. Connecting to a VPN? You are coming from a device I trust. 3. MFA everywhere. 4. Any security tools are fully deployed and actively monitored 5. I get all the logs




Second. Our company had training before with Steven, great information!

Want to learn Windows forensics by @TrustedSec IR people in one of the coolest settings ever? Now you can! hackspacecon.com/tactical-windo… #dfir



Got my original PlayStation on clearance liquidation.


Age yourself with a store that no longer exists.


Alexander Kot Reposted

Canada's PM Trudeau has gone full dictator


Alexander Kot Reposted

This is an incredibly obtuse answer by the president of @signalapp I trust Signal -- but now this answer makes me doubt whether I should. How can anybody in this business believe that "decompile the binary" is any sort of assurance against backdoors or untrustworthy behavior???

Decompile the binary? Check our open source repos? It's all there to review and scrutinize, for the paranoid and anyone else.



The amount of people trying to wrongfully explain RFC1918 hurts. It’s a two second google, yet people are arguing…even someone who supposedly had a CCNA.

Not this girl



When you see the new twitter/X logo and you remember the days of updating a config file to change the resolution of your monitor.


As an industry, can we stop calling this a bypass and just say lack of EDR detection? You have thousands of file types and thousands of ways to handle them. No EDR promises to handle them all properly.

For instance: Writing your malicious VBA macro in the legacy WordBasic6 engine via WordBasic methods instead of traditional VBA7+ causes malicious code to execute without detection.



Alexander Kot Reposted

Stay tuned for some exciting news on 2023 and all things Hack Red Con!


Time for some quarterly Okta Memes
