Nicholas Albright @nma@infosec.exchange
Husband, Father, Biker, Enigmatologist, Security Research, IR, Close Protection Professional. Proud American. GitHub: nma-io Wire: @nma
Joined Dec 2017
Daughters graduation! She is officially smart and I am officially old!
My London VPN nodes are going really slow. -- Lots of US based traffic I presume.
I dislike HTML5. Nearly as much as Flash. - That is all.
Nicholas Albright
boosted
@tinker I'm here. I blame you entirely.
Wow, just checked. My last PGP/GPG/SMIME encrypted email was sent in 2016 (I had to actually pull OFFLINE archives.) My last encrypted (non-email) message was sent 4 minutes ago....To my wife. Times have changed. :)
Nicholas Albright
boosted
Skimmed through the GPG & S/MIME paper. Some good theory w/decent outlined attack scenarios. Currently involves a lot of work by the attacker, including getting the target to open and decrypt new malicious emails.
Not terribly worried about it. It’s low risk for both my personal and my client’s Threat Scenario. But still cool!
Side issue: I’m going to have to explain this to my C-Lvl... when did I get co-opted by blue team?! This is what I get for pushing purple team all these years.
Post from @PyroTek3@Twitter: https://wpengine.com/unmasked/
Its a new week! You have a fresh start at frustrating weak red teams. Disable ICMP globally.
June 13, 1973
An individual had a vision. Years before my date of birth he plotted todays headaches through #rfc524. Not to be outdone, someone added a button to modern UI's that allows individuals to continue to inflict pain to large threads of people. They call this button "Reply-All" and it is the ultimate -micro-blogging platform.
#One.#Word.#Emails.#With.#Image.#Based.#Signatures #killmenow
Bitching about ineffective end user training...
If you are in #infosec and tow the “security is users responsibility” line, try getting off your ass and staying on point with current threats, updating your content rules, detection tech (endpoint too, not just network). Security is your primary responsibility. The user has their own job!
Bitching about ineffective end user training...
Why do we continue to #train against the bad behaviors we use as #business practice? A client just trained their staff not to click on #Docusign links. They are a huge docusign shop and provided the users with no tools to spot real from fake. Only “don’t click from untrusted sources.” ... every related incident I have worked lately has been a #phish from a #trusted third party.
https://landave.io/2018/05/7-zip-from-uninitialized-memory-to-remote-code-execution/ Could impact Sophos, Trend, Fireeye, MalwareBytes, Airwatch and possibly others. #7zip #vulnerability #infosec
#IR Actor bin: wmplayer.exe -- When performing least frequency analysis on running processes during an engagement - don't bring previous whitelists. Just do your thing and consider the environment your in.
Husband, Father, Biker, Enigmatologist, Security Research, IR, Close Protection Professional. Proud American. GitHub: nma-io Wire: @nma
Joined Dec 2017
