Systems security, author DecentSecurity.com, GotPhish.com, SciFi @ UniversalShards.com, sysadmin & SecEng. Microsoft MVP, Client Security 2021. they/them/tay

Cyber, USA
Joined April 2014
🆘 retweeted
Replying to @SwiftOnSecurity
This is one of my favorite things to demonstrate to people. It's so easily shown and yet I feel not enough people were ever warned.
🆘 retweeted
Replying to @SwiftOnSecurity
Yep, instead of installing the proper strike plates, which vary depending on the latch model, they'll just use a single plate that fits all the latches they typically use. Extremely widespread door vulnerability.
You know when you close some doors, then press further and hear a click? That's the deadlatch falling in and disengaging. This is a common issue, especially commercially where doors are poorly fitted. Credit card can push in the bolt. go-rbcs.com/articles/the-dea… piped.kavin.rocks/jM7i9u0VwkY
🆘 retweeted
i have never been so grateful in my life for running water and machines as i was after having to haul and boil water for washing my clothes for two years.
Replying to @SwiftOnSecurity
Water is weight. It is heavy, in a way that seems exponential. It sloshes and jostles, ever building energy to escape your hours-long grasp. Water is so heavy you don't know what those numbers mean until you carry it. A few gallons become granite. A few minutes become eternity.
For fellow Microsoft MVPs looking for an exciting job opportunity in a new vertical. #MVPbuzz
🆘 retweeted
We shouldn't overlook that there is likely some intentional strategic messaging by the USG here: "we can track your payments." I understand not wanting to reveal too much, but I wonder if naming the variants (rather than redacting) could have more of an impact toward this goal.
🆘 retweeted
Replying to @SwiftOnSecurity
I have encrypted the message by writing it upside down. If you read it upside down: illegal hacking. Right to jail, right away.
🆘 retweeted
Base64 tl;dr it's a way to wrap content inside other content in a way that doesn't confuse the shit out of systems with weird formatting and avoids other protocol issues. It's not obfuscation it's literally everywhere in tech and it's the chief reason for equals signs.
Agreed, Linux-based appliances need to require this kind of visibility especially if we don't have root. Considering bringing this up in our next vendor requirements.
Dear Linux Blackbox Vendors out there you have no excuse anymore to not provide telemetry required to prove that your box has been owned! Ship your products with Sysmon pre-installed and make them available!
In fact, my firm's reluctance about deploying a vendor's appliance-based solution because we didn't have visibility, would be dramatically improved by a Sysmon syslog. It would be in a high-threat environment processing critical data. Still going back and forth on it.
Another way to transfer files via RDP 3:
1.) Open pic.jpeg in Notepad++
2.) select all
3.) Plugins > MIME Tools > Base64 Encode
4.) Copy
5.) Paste in RDP Notepad
6.) save picture.txt
7.) certutil.exe -decode pic.txt pic.jpeg
8.) now have original file
(Thx @rhysjeffs for reminder)
Just for the record governor this was a joke
What I don't understand is: where do I put the secret key when I Base64 encrypt my customer's credit card numbers?
New house key (before cut) @levine
When you see a Mac Pro for the first time
WTF. This is the most impressive thing I have ever seen in computer vision. Absolutely incredible. I knew it was going to happen, nevertheless seeing it here is something else. The video is synthetic from a few pictures 🤯 But there is more re where this can go 1/
ADOP: Approximate Differentiable One-Pixel Point Rendering abs: arxiv.org/abs/2110.06635
🆘 retweeted
whenever you see a startup who you didn't join at seed stage goes public, take solace in the possibility that they'd not have succeeded had you joined