Justin Elze Thanks, man. Here's the full resolution: And the deck it's from: bit.ly/3sDneQT

Whelp, wasn’t expecting this ConnectWise RCE to become public today. Guess we’ll publish on Monday how Huntress went from a researcher’s tweet to the ability to push ransomware through ~5,000 R1Soft servers that are exposed on Shodan. #staytuned connectwise.com/company/trust/…

this how ransomware works

Welcome to the new AD Mindmap upgrade ! v2022_11 will be dark only (this is too painful to maintain two versions). Thx again to : Viking and Hocine for their help 👍 Full quality and zoomable version here : orange-cyberdefense.github.io/ocd-mindmaps/i… Overview :

How to do a $50k social engineering pentest in a couple minutes via OpenAI playground. 1/2: Create a EC2 instance with EvilGenX 3. Limit your firewall via iptables to only accept target IP addresses 4. Purchase a domain 🧵 1/2

BREAKING: This morning’s catastrophic FAA computer failure was likely caused by a mistake made during routine maintenance. An engineer “replaced one file with another,” not realizing the mistake was being made. Josh Margolin

Found a neat quirk in #Intune configuration - applying Security Baseline was causing the RDP button to not work in Windows 10. Couldn't find any settings that would just block RDP. Turns out the issue was the firewall settings blocking RDP from being enabled.

Doing some #wehackhealth and #dfirfit this year.

Today is the last delivery of a #Boeing747 jumbo jet, but did you know that plane was influential in the creation of the stripe on credit cards? #aviation #technology #cybersecurity #finance #fraud #riskmanagement npr.org/transcripts/47…

1/This simple powershell command blocks ongoing OneNote attacks! (Microsoft Defender) Add-MpPreference -AttackSurfaceReductionRules_Ids D4F940AB-401B-4EfC-AADC-AD5F3C50688A -AttackSurfaceReductionRules_Actions Enabled 🧵 #CyberSecurity #phishing #OneNote #malware #ASR

#LifeHack : don't put your ESXi hosts on the internet. #ransomware

Holy shit he really said “Have you tried simply not introducing bugs?”

I did a talk at CYPHERCON about #businessemailcompromise and #mfa bypass. It was fun to "steal" $240k on stage! Slides and notes here: helm.is/mailfraud

The perfect way to play Bluey The Videogame: with a #Bluey Xbox! Follow and RT with #BlueyXboxSweepstakes for a chance to win a custom Official Bluey TV Xbox Series X & controller. Ages 18+. Ends 12/13/23. Rules: xbx.lv/47iZyTV

I’m gonna give 10 random people that repost this and follow me $25,000 for fun (the $250,000 my X video made) I’ll pick the winners in 72 hours

A better network stack has never been invented.

Looking into CVE-2024-3094

folks please help me get this word out. @Crowdstrike named some ransomware PunkSpider, literally the name of one of the pieces of software I made. Completely unrelated of course, mine is a security tool. This is NOT cool, appreciate RTs to get them to change this.

Here's the thing about being involved in risk management on any kind of professional basis in any way (whether it be cybersecurity, life & safety, whatever): You are inevitably going to find yourself in conflicts with people who *only* care about maximizing efficiency *now*.

There’s already a KAPE target for Recall?!