Here are the main ways that vulnerable #OpenSSL instances *might* manifest in-the-wild (we will update this diagram to be more precise once the CVE details have been published). Credit to @ncsc_nl for the appropriately Halloween-themed logo.
In 2019 I heard threat hunting described in so many ways it became hard to pin down what the concept is. What three words would you choose to describe your view of threat hunting?
Spot on. To elaborate a bit:
1) Know what you're protecting (data).
2) Know how #1 can be accessed (systems, via identities).
3) Know the observable events associated with #2.
4) Build and/or buy in an order that makes sense to obtain #3.
5) Detect, respond, improve. https://t.co/uxxtVeefNt
In case you don't already know, the BigCo's (Amazon, MS, GOOG, Apple come to mind) have some *redonkulous* security talent, dealing with offensive and defensive techniques *way, way different* than research in the public sphere. https://t.co/uSYfxUAYxe
We have 25 positions to fill in the Amazon #SOC. I want it done in the next 3 months. Multiple locations, not remote. Security Devs, System folks, Detection folks, and more. Entry to Principal #infosecjobs
I just published a blog post on a new word-list-based domain generation algorithm of the Nymaim malware: https://t.co/z7v4a7VBBX. The algorithm has already been included in the DGArchive https://t.co/z6x7QZdTq5. #nymaim #dga
Leader of the Carbanak online crime gang arrested in Spain. One of their methods was to hack ATMs to dispense all of their cash at a pre-determined time (also known as 'jackpotting'). https://t.co/kalFHwGUZG
Hijacking the Admin/Jump Servers of Domain Admins: Get Admin on the jump server -> Get SYSTEM -> Run tscon.exe as SYSTEM -> "if you run tscon.exe as the SYSTEM user, you can connect to any session without a password"
https://t.co/vdySfvOZZC thanks @PyroTek3 #adsecurity #DFIR
A teacher I know in Toccoa, GA is looking for someone in tech to come speak to her 2nd graders on career day March 30th. Anyone interested? It’s pretty close to Knoxville, Asheville, and Greenville.
Great opportunity to do something positive in a rural community!