I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
This is a great write-up about LockBit 2.0 Ransomware! Very interesting they are using NtQueryInformationFile() with "FileProcessIdsUsingFileInformation" with the goal of killing file lock holders. This is a more low-level and evasive approach than using the Restart Manager API.
Check out my analysis of #LockBit #ransomware v2.0 where I analyze all of its functionalities in IDA! chuongdong.com/reverse%20eng… h/t to @BushidoToken for the CTI and @demonslay335 for helping with the crypto!
We can house all refugees, not just the white ones. We can lift all out of poverty, especially children. We can work with dignity with flexibility & no commute. What else have we seen proof of in the last couple of years of the lies of the white supremacist classist patriarchy?
Hal Pomeranz retweeted
Being poor is not something to be ashamed of, and does not devalue you as a human, and as a human you should always have what you need to be well.
Watched “The Map of Tiny Perfect Things” on Amazon. Highly recommended.
Compassion is hard. Living with anger and hatred is harder.
Hal Pomeranz retweeted
This is a good one & I believe it. "If you have knowledge, let others light their candles by it."
Hey everyone. @Antisy_Training now has On-Demand training for many of our classes (and more to come!) On-Demand gets you lifetime access to all class updates. We have an amazing start with some amazing instructors. Check it out. antisyphontraining.com/on-de…
This is the best synopsis of what happened, why I sued Microsoft seeking class action, why I dropped my individual lawsuit, & the white-hot generational fire that forged what I did next & will continue to do until I’m gone or until we have #payequity theverge.com/22331972/pay-eq…
Hal Pomeranz retweeted
I wish I could like this more than once.
I had a mask on & walked into a jammed post office. A guy was leaving, approaching the doors as I entered. He looked at me & muttered loudly “Fucking sheep,” & I hollered back “Nobody wants to hear about your hobbies.” The entire PO exploded in laughter. A few folks clapped.
Hal Pomeranz retweeted
Anyone know of any entry level cybersecurity analyst jobs open? Cybersecurity community college grad (hell yeah!) looking to get their foot in the door somewhere!
Hal Pomeranz retweeted
Have you always wanted to give open source investigation a go, but don't know where to start? We've produced this easy to follow guide for beginners to help get you started: bellingcat.com/resources/202…
Hal Pomeranz retweeted
#DFIR Tip: Don't forget to check out the files sitting in `ProgramData\Microsoft\Windows\Power Efficiency Diagnostics\*`. These XML files are snapshotted daily and denote processes using high CPU cycles. See screenshot for a command to review process names/files.
Last chance to register for the first in-person run of my Linux Forensics training! If you're looking for a small class setting, this is going to be your best bet! kernelcon.org/training#linux…
Hal Pomeranz retweeted
1\ How to detect what command line spawned a process with no EDR/AV? 👀 #DFIR If you have a memory sample, this is how you can figure out what cmd spawned the processes by using volshell and memory forensics. STEP BY STEP GUIDE BELOW 👇 👇 👇 👇  #MemoryForensics
Hal Pomeranz retweeted
This is 100% correct.
Hal Pomeranz retweeted
Thrilled to share my new blog post: Put an io_uring on it: Exploiting the Linux kernel. Follow me while I learn a new kernel subsystem + its attack surface, find an 0day, build an exploit, + come up with some new tricks. I go deep and demystify the process graplsecurity.com/post/iou-r…
When #Linux is trending... Time to sudo apt upgrade