syn for the win @coffjack
mastodon: https://t.co/j43aNKnCkY - Joined November 2012
Tweets: 154 - Followers: 111 - Following: 3K - Likes: 1K
@cyb3rops Why not < file grep “something”
@techspence Has gone out of favour (complexity) but no default route, explicit proxy and fake root dns. Malware then has to be proxy capable and dns tunneling is largely prevented and becomes part of URL filtering control.
@techspence @KiPos_info Can you explain what you mean by identity firewalling? Windows doesn’t seem to have a way to specify that an account can only login if the source is machine x,y,z. Can alert in SIEM possibly?
@UK_Daniel_Card Use SAML to provide MFA and that _might_ also prevent unauth access to the vulnerable endpoint
@techspence use dedicated infra for vpn so you can patch faster. Disable web portal based access if possible. SAML auth Net seg (identity based access policies) is hard work and that is why it typically isn’t done.
@SwiftOnSecurity Even that doesn’t work. low TTL records and single load balanced responses mean the firewall drops what the client connects to. To fix either URL filtering (sni and cert snooping) or, better, explicit proxy. There should be an fqdn for “all ip’s that might host this service”.
@da5ch0 @_mbanana tools.ietf.org/html/draft-ito… recommends these should never appear on the wire. That won’t help the edr case though
@HackerHurricane 5158 is helpful when the firewall breaks things and to see who is jiggling the door handles. I guess you can log it all and use filtering to reduce noise to siem.
@HackerHurricane there doesn’t seem to be a way to en/disable logging on a specific win firewall rule. In network firewalls we use drop no log rules to get rid of noise. Am I missing something or is it really all or nothing ?
@PyroTek3 @sundhaug92 Not sure we can get the industry to move to gru 😉. I see the point about master, I was thinking martial arts but there are other problematic connotations.
@sundhaug92 @PyroTek3 I like master and minion (from salt stack)
@wimremes @dinodaizovi Transfer $1 and a unique code in the description. Get intended recipient to confirm both then transfer balance using the saved details.
@msftsecurity can you folks develop/advise a way to restrict the source IP address/range/subnet an account can be used from? I can detect in event logs but I can’t prevent.
@jepayneMSFT Is there any way to restrict the source IP address/range/subnet that an account can be used from? Can detect misuse with logs but appears as though there is no way to enforce via policy.
@cyb3rops Explicit proxy also means you can fake root dns. Bye bye dns tunneling.
@Antonlovesdnb @PyroTek3 @SBousseaden Even better than alert - vuln scanner account can only be used from defined IP addresses - but I don’t know how/if that is possible in Windows. Easy with Tacacs+/RADIUS
@caseyjohnellis Face like a half chewed mintie