I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange
Orlando, FL
Joined November 2008
- Tweets 19,311
- Following 237
- Followers 13,672
- Likes 12
Hal Pomeranz retweeted
“There comes a point where we need to stop just pulling people out of the river. We need to go upstream and find out why they're falling in.” - Desmond Tutu
#DesmondTutu
3
170
2
499
Part three of my Linux honeypot analysis with a whole bunch of encoded shell scripts of dubious origin and quality. Thanks again for the image, @SecShoggoth! righteousit.wordpress.com/20…
18
1
45
Hal Pomeranz retweeted
WMEye - A small project I wrote that uses WMI foo to remotely upload shellcode into a WMI Class and execute it by invoking MSBuild.
It uses LogFileEventConsumer Class to write the MSBuild Payload.
github.com/pwn1sher/WMEye
#redteam
1
166
3
366
Could two followers please copy and re-post this tweet? I'm trying to demonstrate that someone is always there, especially at this time of year. Call 800-273-8255 (National Suicide Prevention Helpline US). Just two. Any two. Copy, not retweet. Let’s all look out for each other.
Could two followers please copy and re-post this tweet? I'm trying to demonstrate that someone is always there, especially at this time of year. Call 800-273-8255 (National Suicide Prevention Helpline US). Just two. Any two. Copy, not retweet. Let’s all look out for each other.
1
2
Hal Pomeranz retweeted
And this is why we'll be finding software with embedded log4j for years to come...
5
73
3
353
For those of you who are looking for more of my Linux honeypot analysis, Part 3 & 4 will be appearing this coming Mon/Tue (Dec 27&28). In the meantime, get started with righteousit.wordpress.com/20… and righteousit.wordpress.com/20…
1
13
1
36
Hal Pomeranz retweeted
This is totally true. And. The investment required to get this right and maintain it is a massive piece of overhead most orgs can’t afford. Don’t tell us we need it. Tell us how to do it well without strangling ourselves.
In 100% #DFIR cases I worked on this year, the victim orgs couldn't tell what information was on their servers, what got compromised, and what impact will it have if this information leaks.
So today you are ready to hear the truth...
#infosec #cybersecurity #informationsecurity
3
4
12
Hal Pomeranz retweeted
OK folks, this is NOT a drill. If you're not monitoring access to your IMDS, you better start NOW.
Don't panic. This is very observable. But you do have to enable logging.
Attacking the metadata api with #Log4j
And getting crisp on #log4j impact on the cloud control plane.
Merry Christmas y’all
vectra.ai/blogpost/log4j-uni…
4
27
3
87
Hal Pomeranz retweeted
A retweet but great link for the Unix crew to read and remember. www-uxsup.csx.cam.ac.uk/misc…
1
3
3
Hal Pomeranz retweeted
It probably won't be a surprise that my favorite movie of all time is Willy Wonka and the Chocolate Factory (1977). I get asked about that a lot this time of year. Tis the season, so let me to tell you why I love it so much...
5
15
2
68
Hal Pomeranz retweeted
COVID is to public health as recycling is to the environment: people were sold a solution they can fix with good citizenship, rather than a massive public policy undertaking, and they're rightly confused when that--and nothing else--didn't work.
62
7,237
179
43,072
Part two of my honeypot image analysis righteousit.wordpress.com/20… — shout out to @CraigHRowland and thanks again for the image @SecShoggoth!
2
7
1
19
Real world Linux honeypot image to investigate? Thanks @SecShoggoth! Part one of my analysis is here righteousit.wordpress.com/20…
13
1
17
Hal Pomeranz retweeted
In case it helps anybody else...
CONFIG_THUNDERBOLT is no longer in the Linux kernel, it's called CONFIG_USB4 now. So if you update your kernel and suddenly your dock stops working, maybe this tweet will save you all the time I just spent troubleshooting that. :)
80
3
341
Hal Pomeranz retweeted
Can I say there is something morally injurious to being urged to cancel all my Christmas plans so I don’t get Covid so that I am still capable of looking after all of the people who got Covid because they didn’t cancel their Christmas plans.
34
11,939
561
87,788
Hal Pomeranz retweeted
I have no idea what this is about, but it’s Michelle Yeoh, so does it really matter? Everything Everywhere All At Once | Official Trailer HD | A24 youtube.com/wxN1T1uxQ2g via @YouTube
1
1
6