Show newer
Jerry Bell boosted

Can't recall which feed I saw this in, but I love this approach to laptop design. If they offer the same in a 15-16" form factor, I think I've found my eventual next laptop

frame.work/blog/introducing-th

Jerry Bell boosted

Yo! $DayJob is looking for to recruit security researchers, developers, engineers team leaders and more to join the team. Seriously...hit me up and I can give you more intel.

has anyone played around with ebpf? The feed of exec() and open() calls seems quite useful from a security monitoring perspective

Jerry Bell boosted

bullshit levels are currently at 84% but fluctuating wildly

(84%) ■■■■■■■■□□

Jerry Bell boosted

Mitigating Web Shells

This repository houses a number of tools and signatures to help defend networks against web shell malware. More information about web shells and the analytics used by the tools here is available in NSA and ASD web shell mitigation guidance Detect and Prevent Web Shell Malware.

github.com/nsacyber/Mitigating

Jerry Bell boosted

I'm hiring two Principal Security Researchers to join my Applied Research Team at Veracode. One focused on application static analysis and auto-remediation, one focused on dynamic analysis of web apps and web APIs.

My team is fully remote always (we have team members in EU, UK, US so far), great support for education (including attending conferences), pursuing your own projects, flexible scheduling, etc.

Boosts appreciated!

More info: mobile.twitter.com/chriseng/st

Jerry Bell boosted

YAML configs for:

1. NSA Events to Monitor List hannahsuarez.github.io/2021/Wi

2. Events from the Windows 10 and Windows Server 2016 Security auditing and monitoring reference hannahsuarez.github.io/2021/Wi

3. Exploit protection events based on attack surface reduction events hannahsuarez.github.io/2021/Ex

And, which Windows auditing events require failure and success logging?
hannahsuarez.github.io/2021/Wh

YMMV!

I have a few more to share next week.

I did not have on my bingo card “Wall Street traders monitor Reddit memes for clues to next breakout stock”

In other news, This is going to be my bug out spot soon. bestbeachgetaways.com/property

Not very good for a bugout spot, but it does have a nice view.

Forgot to announce that the upgrade completed successfully. Currently pruning preview cards and old remote media - freed up >150GB so far 😅

Show thread

Upgrading infosec.exchange to Mastodon 3.3.0. Hold on to your hats...

Jerry Bell boosted

Shifting Cloud Security Left — Scanning Infrastructure as Code for Security Issues

Nice overview of a number of tools (Checkov, Regula, Terraform-compliance, Terrascan, tfsec) with examples of custom check writing and more.

blog.christophetd.fr/shifting-

Jerry Bell boosted

us pol 

Dept of State says that Trump's term ends tonight at 7:49PM. Definitely a defaced website, but we can dream.

state.gov/biographies/donald-j

Jerry Bell boosted
Jerry Bell boosted
Jerry Bell boosted

I have to say, whatever they did has made the infosec.exchange server very snappy. Pretty happy. So far.

...and we’re back. Hosting company moved us to a new server and it took about 10x longer than expected.

Jerry Bell boosted

I've started up a new called EliteCast. It's aimed at business leaders and decision-makers who want to understand the importance of without all the technical jargon. The first episode is a bit rough, IMO, but I'll get back into the groove soon.

Spotify link as I wait for Apple to approve my listing:

open.spotify.com/show/1bwMb0Ro

Thanks, and I hope you all enjoy it!

Show older
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.