My London VPN nodes are going really slow. -- Lots of US-based traffic, I presume.

I dislike HTML5. Nearly as much as Flash. - That is all.

Wow, just checked. My last PGP/GPG/SMIME encrypted email was sent in 2016 (I had to actually pull OFFLINE archives). My last encrypted (non-email) message was sent 4 minutes ago... to my wife. Times have changed. :)

Skimmed through the GPG & S/MIME paper. Some good theory w/decent outlined attack scenarios. Currently involves a lot of work by the attacker, including getting the target to open and decrypt new malicious emails.

Not terribly worried about it. It’s low risk for both my personal and my client’s Threat Scenario. But still cool!

Side issue: I’m going to have to explain this to my C-Lvl... when did I get co-opted by blue team?! This is what I get for pushing purple team all these years.

It's a new week! You have a fresh start at frustrating weak red teams. Disable ICMP globally.

June 13, 1973 

An individual had a vision. Years before my date of birth he plotted today's headaches through . Not to be outdone, someone added a button to modern UIs that allows individuals to continue to inflict pain on large threads of people. They call this button "Reply-All" and it is the ultimate -micro-blogging platform.
......

Bitching about ineffective end user training... 

If you are in and toe the “security is users' responsibility” line, try getting off your ass and staying on point with current threats, updating your content rules, detection tech (endpoint too, not just network). Security is your primary responsibility. The user has their own job!


Bitching about ineffective end user training... 

Why do we continue to against the bad behaviors we use as practice? A client just trained their staff not to click on links. They are a huge DocuSign shop and provided the users with no tools to spot real from fake. Only “don’t click from untrusted sources.” ... every related incident I have worked lately has been a from a third party.

Actor bin: wmplayer.exe -- When performing least frequency analysis on running processes during an engagement - don't bring previous whitelists. Just do your thing and consider the environment you're in.
