Just finished moving the snow. It’s nice and peaceful here.

trying to find process information on UDP network sessions - Get-process -Id (Get-NetUDPEndpoint).OwningProcess | select * | FT * -GroupBy OwningProcess

Yes I’m still alive. Just been busy with other hobbies. Like preparing a W12 Bentley Continental GT for a trip into the Arctic Circle via the Dalton Highway. Replacing spark plugs, ignition coils, and air filters. Future plans include safari rack aux fuel tank and lift kit

3rd night in a row

Quick update for my friends. I switched over from leading SOC team to get hands on building out security for OT and ICS. Security monitoring, alerting, anomaly detection, and Incident Response for the entire OT stack from level 5 to level 1.

I think this is to find the neurodivergent vs the normals not math majors.

You’re officially old when giving a talk and you have to take your glasses off to read a direct quote

This winter I’m going to modifying my primary vehicle in preparation for my road trip to the arctic circle. This is how my search for a backup vehicle is going so far

Sure I still do incident response and all that for enterprise and now OT/ICS. However when I decide that isn’t enough of a challenge I work on my 19yo Bentley. Nige of the North

I’m not surprised to be honest. You can use a small device to give fake gps info to the receiver. Heck you could use a masking script to hide location yet retain accurate nav Ukraine discovers Starlink on downed Russian Shahed drone: Report - Newsweek apple.news/ALvprtILsQeWyM…

I should probably not have my authentication app right next to my X app. I can’t count how many cat memes I’ve liked and enterprise authentications I’ve timed out of.

Kitten napping time.

Made the trip from Maine to Ohio. I forget how nice the scenery is in Pennsylvania and east Ohio. Bentley ran fantastically. When I got it the check engine light was on after replacing 12 spark plugs, ignition coils, found a loose plug, changed oil and now it runs like a champ

Drive 24 hours for a 3 day OT Security conference and vendor presentation. I’ve been stuck listening to a vendor presenting to leadership- what is vulnerability management? what is Zero Trust? Hey at least I got to enjoy some great scenery on the way here.

having a hard time deciding to reactivate my CISSP or not. AMF fee is no problem but annoyed with the 120 cpe requirements with no ojt credit- I ran the IR program for Fortune 15 company, now I’m developing OT IR for same company at a global level and my skills are stagnant?

Am I just late to the party and everyone else was already aware that former TOR exit nodes and malware C2 node IPs have been getting added to the ntp.org pool and that those dirty IPs are being used to answer ntp request to cloudgenix.pool.ntp.org Palo Alto Networks

Just in case folks needed some cuteness to offset the current nonsense we’re having to deal with.

Let me guess- she was “concerned” about what she was seeing.

25th