@tinker I'm here. I blame you entirely.
Skimmed through the GPG & S/MIME paper. Some good theory w/decent outlined attack scenarios. Currently involves a lot of work by the attacker, including getting the target to open and decrypt new malicious emails.
Not terribly worried about it. It’s low risk for both my personal and my client’s Threat Scenario. But still cool!
Side issue: I’m going to have to explain this to my C-Lvl... when did I get co-opted by blue team?! This is what I get for pushing purple team all these years.
Post from @PyroTek3@Twitter: https://wpengine.com/unmasked/
June 13, 1973
An individual had a vision. Years before my date of birth he plotted today's headaches through #rfc524. Not to be outdone, someone added a button to modern UIs that allows individuals to continue to inflict pain on large threads of people. They call this button "Reply-All" and it is the ultimate micro-blogging platform.
#One.#Word.#Emails.#With.#Image.#Based.#Signatures #killmenow
Bitching about ineffective end user training...
If you are in #infosec and toe the “security is users' responsibility” line, try getting off your ass and staying on point with current threats, updating your content rules, detection tech (endpoint too, not just network). Security is your primary responsibility. The user has their own job!
Bitching about ineffective end user training...
Why do we continue to #train against the bad behaviors we use as #business practice? A client just trained their staff not to click on #Docusign links. They are a huge docusign shop and provided the users with no tools to spot real from fake. Only “don’t click from untrusted sources.” ... every related incident I have worked lately has been a #phish from a #trusted third party.
https://landave.io/2018/05/7-zip-from-uninitialized-memory-to-remote-code-execution/ Could impact Sophos, Trend, Fireeye, MalwareBytes, Airwatch and possibly others. #7zip #vulnerability #infosec
humor from Twitter
#IR Actor bin: wmplayer.exe -- When performing least frequency analysis on running processes during an engagement - don't bring previous whitelists. Just do your thing and consider the environment you're in.
Husband, Father, Biker, Enigmatologist, Security Research, IR, Close Protection Professional. Proud American. GitHub: nma-io Wire: @nma