I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
Hal Pomeranz retweeted
The final dance in Dirty Dancing, but they’re dancing to The Muppet Show theme tune.
Hal Pomeranz retweeted
🚨 **assume compromise** "for all instances of impacted VMware products that are accessible from the internet: Assume compromise, immediately disconnect from the production network, and conduct threat hunt activities as outlined in CISA CSA available here: cisa.gov/uscert/ncas/alerts/…"
Hal Pomeranz retweeted
I’ll add: if you ever have to have a convo with HR and you see they are taking notes, you should be doing the same.
Oh yeah, recent conversation with a friend reminded me to remind you that HR exists to protect the company, not to protect or support you. Disregard this at your own peril.
Hal Pomeranz retweeted
Replying to @hal_pomeranz
That’s how you showcase your knowledge: doing dangerous and complex things exactly right (or so you think) when there are easier, safer and less complex ways available..
Yes, if the sticky bit is set and you do everything exactly right you can safely open files under /tmp without creating a privilege escalation race condition. But why go there when there are so many other options available?
Hal Pomeranz retweeted
Wow! Entry level #DFIR roles at @HuntressLabs #DFIRJobs
Replying to @B1N2H3X
We have a couple of entry level #DFIR jobs available at @HuntressLabs Threat Operations Analyst I (AUS Weekend Shift) boards.greenhouse.io/huntres… Threat Operations Analyst I (UK Weekend Shift) boards.greenhouse.io/huntres…
Hal Pomeranz retweeted
If you work in tech today, you stand on the shoulders of giants who stand on the shoulders of giants who stand on the shoulders of giants, whether you're a n00b or a "giant" yourself. Never forget it.
Hal Pomeranz retweeted
Fantastic read for exploit devs. Not sure how I missed this before.
Today I am releasing the final post of a 3 part series on “modern” browser exploitation targeting Windows. In this post we port our exploit primitives to Edge itself & combine 12 ROP chains in order to defeat ACG, CIG, DEP, ASLR, CFG, "no child processes" connormcgarr.github.io/type-…
Hal Pomeranz retweeted
True
Dear InfoSec newbies: I've been in this industry ~25 years. Professionally speaking, at the exact moment that I type this (or when I re-edit this), there are like AT LEAST 5 things I'm responsible for that I totally have no clue what to do about. It gets better - but not easier🤯
TFW you find your "lost" wallet...36hrs after cancelling all your cards.
The woman in the video is Jackie Harford, owner of Fossil’s Last Stand in Catasauqua (near Allentown), PA. The driver is James W. Bode. This happened Friday night. Bravo James. Bravo!
I don’t know who this Lyft driver is but he deserves an award and a seat in Congress.
Hal Pomeranz retweeted
Does anyone in nova need this formula? One is half full, and one is sealed. My daughter transitioned to another formula
Hal Pomeranz retweeted
This thread is 🌶🔥🌶🔥🌶 #dfir
There are lots of blue team guides for monitoring & detecting, but there's not much on what to actually DO when you catch an active adversary. This article's small contribution is to help you evict the adversary in your environment 🧵 huntress.com/blog/evicting-t…
Hal Pomeranz retweeted
you didn't have to tell me that the Buffalo shooter was white. I figured that out for myself when you said he was taken alive
Hal Pomeranz retweeted
Join us for the workshop "Performing Linux Forensic Analysis and Why You Should Care" with Ali Hadi @binaryz0ne and Mariam Khader @maryst33d at #DFRWSUSA2022. The workshop will be held on July 14th. dfrws.org/presentation/perfo…
Hal Pomeranz retweeted
The vote to ban the books was held without the usual review process for each title. The reasoning: “By that time, we’ve traumatized or caused mental destruction to these students.”
In a 3-2 vote by the Nampa, Idaho school board, these are some of the books now banned in the district: - The Kite Runner by Khaled Hosseini - The Bluest Eye by Toni Morrison - The Handmaid’s Tale by Margaret Atwood bookriot.com/nampa-idaho-boo…
Hal Pomeranz retweeted
Stop trying to boil the ocean, especially if you work on a smaller security team. Don't let perfect stand in the way of good enough. The most frequent problem I see here is incessant data gathering delaying action. You don't need to inventory all B2B VPNs to start blocking SMB.
#BPFDoor is an evasive piece of Linux malware recently disclosed by @GossiTheDog. The backdoor employs anti-forensics and can bypass firewalls to hide traffic. In this article we do a technical breakdown of how it works and how to find it on your systems. sandflysecurity.com/blog/bpf…