I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
My pandemic travel saga starts with notification last night from @united that my flight had been cancelled due to “unexpected operational issues” (my translation: “Crap! We have no crew!”).
Hal Pomeranz retweeted
The loudest voices rarely represent the majority. They're usually speaking for the extremes. You won't understand the views of a group until you've invited the quieter voices into the discussion. Don't mistake silence for disengagement. It's often a sign of deep reflection.
Hal Pomeranz retweeted
Our latest blog post covers how our services team detected and then investigated a 0day vulnerability being exploited in Sophos firewalls #DFIR #infosec
✅ Exploitation of 0⃣ day at the time? ✅ Web🐚s involved? ✅ DNS MiTM? 👨‍🏭 It can only mean one thing. Volexity blog: volexity.com/blog/2022/06/15… #threatintel #cve20221040 #apt
Looking back is just nostalgia without learning & growing from the past. I’m planning to cover the lessons of the past & introduce evolutionary revelations for the future of bug bounties, labor rights, & the world we want to build. I hope to see you there. blackhat.com/us-22/briefings…
$60K bug bounty and thank you Tzah for not selling this on the black market where you likely could have made much more.
I was able to access thousands of companies’ passwords on #Azure and run code on their VMs. This includes access to Microsoft’s own credentials… 💣 Here’s HOW I did it. This is the story of #SynLapse. (1/11)
Hal Pomeranz retweeted
What I had to say about AI in 2018, and pretty much what I say today.
Hal Pomeranz retweeted
Researchers on Palo Alto's Unit 42 team analyse PingPull, a remote access trojan used by the GALLIUM APT group (also known as Softcell). PingPull has the capability to leverage three protocols (ICMP, HTTP(S) and raw TCP) for command and control. unit42.paloaltonetworks.com/…
In this blog, Microsoft provides details about the techniques and capabilities of the BlackCat ransomware, also known as ALPHV. They also take a deep dive into two incidents they’ve observed where BlackCat was deployed | microsoft.com/security/blog/… @MsftSecIntel
Hal Pomeranz retweeted
You deserve to live your authentic gender expression, and it’s profoundly wrong of people to take that from you.
Hal Pomeranz retweeted
Let’s internalize this for a second.
If we ever get solid "right to repair" laws in this country, make sure they also include the "right to refill" to stop the greedy bloodsuckers like @HP and @Keurig
Hal Pomeranz retweeted
Louder for the people in the back! Very few things survive full forensic analysis, but that's not the goal. Even if your "one cool trick" does, entire (useful) attack chains do not. The goal is (and always has been) bypassing real time alerting. Anything else is gravy.
Replying to @NotMedic
Note that we’re not fully trying to bypass forensic data, but just alerts that get sent to a SOC analyst for triage.
Hal Pomeranz retweeted
Some asshat from NASA called me Joe’s “PR girl” at the rocket launch today, and I’ve spent the day trying to talk myself down from quitting rocketry forever. I’m 25, I’ve been dealing with this shit for over a decade in STEM, and it STILL gets to me sometimes. A thread 👇
If you had to pick one movie to introduce Chicago to non-Chicagoans, what would it be? I picked "The Blues Brothers", and @JBeanDesign went with "Ferris Bueller's Day Off".
Anybody have a car service they prefer to Uber/Lyft in Chicago? Looking for airport transit to/from downtown and occasional trips within the city, mostly near the Loop.
Hal Pomeranz retweeted
I'm hiring linux threat researchers! If you want to join a crack team of cyber detectives, check us out! jobs.lever.co/sophos/ec6a661…
power outage hold on (via @wendynather)
The title of your memoir is the last text message you sent.
Here are next week's courses! ⬇️ • "Attack Emulation Tools: Atomic Red Team, CALDERA and More" | @OrOneEqualsOne • "Linux Forensics" | @hal_pomeranz | On-Demand available • "Intro to Social Engineering" (PWYC) | @c1ph0r Training calendar: antisyphontraining.com/train…
Trivia time! > The attackers have deleted your critical logs. Write a regular expression to recognize the Linux log timestamp format and find the deleted logs in unallocated space. < Comment your answers! Learn more about Linux w/ @hal_pomeranz! ➡ antisyphontraining.com/linux…
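One possible answer to the trivia question above, as an added example that is not part of the original post or the course material: a small carver that scans a raw byte buffer (an image file, or the unallocated blocks exported by The Sleuth Kit's blkls) for both the classic BSD syslog timestamp ("Jun 15 14:23:01", with the space-padded single-digit day form) and the high-precision rsyslog / RFC 5424 form ("2022-06-15T14:23:02.118475+00:00"), then extends each hit to the end of the printable run. The hostnames, PIDs, IP address and log messages in the sample buffer are constructed here to stand in for unallocated space.

```python
import mmap
import re
from typing import List

# Month abbreviations used by the classic BSD syslog timestamp.
_MONTH = rb"(?:Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)"

# Classic stamp: "Jun 15 14:23:01" or "Jun  5 09:07:44" (day is always two
# characters, space-padded when it is a single digit).
_BSD_STAMP = _MONTH + rb" [ 0-3]\d [0-2]\d:[0-5]\d:[0-5]\d"

# High-precision rsyslog (RSYSLOG_FileFormat) / RFC 5424 stamp, e.g.
# "2022-06-15T14:23:02.118475+00:00". Month and day ranges are tightened so
# that junk such as "1995-13-01T..." is not accepted.
_ISO_STAMP = (
    rb"\d{4}-(?:0[1-9]|1[0-2])-(?:0[1-9]|[12]\d|3[01])"
    rb"T[0-2]\d:[0-5]\d:[0-5]\d(?:\.\d+)?(?:Z|[+-][0-2]\d:[0-5]\d)"
)

# A real log line has a space (then the hostname) right after the stamp; the
# lookahead drops isolated stamps that have nothing after them.
TIMESTAMP_RE = re.compile(rb"(?:" + _BSD_STAMP + rb"|" + _ISO_STAMP + rb")(?= )")

# Bytes allowed inside a carved line: printable ASCII plus tab.
_PRINTABLE = set(range(0x20, 0x7F)) | {0x09}
MAX_LINE = 4096


def carve_log_lines(data, max_line: int = MAX_LINE) -> List[str]:
    """Return every syslog-style line found in a raw byte buffer.

    Each hit starts at a recognised timestamp and runs to the first newline,
    the first non-printable byte, or max_line bytes, whichever comes first.
    Works on bytes, bytearray and mmap objects.
    """
    lines: List[str] = []
    pos = 0
    while True:
        m = TIMESTAMP_RE.search(data, pos)
        if m is None:
            break
        start = m.start()
        end = start
        limit = min(len(data), start + max_line)
        while end < limit and data[end] in _PRINTABLE:
            end += 1
        lines.append(bytes(data[start:end]).decode("ascii"))
        # Resume after the carved line so a timestamp quoted inside the
        # message body does not yield a second, truncated hit.
        pos = end + 1
    return lines


def carve_file(path: str, max_line: int = MAX_LINE) -> List[str]:
    """Carve a raw image file (or blkls output) without reading it all into RAM."""
    with open(path, "rb") as f, mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ) as mm:
        return carve_log_lines(mm, max_line)


# Constructed stand-in for a chunk of unallocated space: junk bytes with
# fragments of deleted log lines scattered through it. Not real evidence.
SAMPLE_UNALLOCATED = (
    b"\x00" * 64
    + b"Jun 15 14:23:01 webprod01 sshd[2841]: Accepted publickey for root "
    b"from 203.0.113.7 port 51422 ssh2\n"
    + b"\xff\xfe\x00\x00random\x01\x02"
    + b"Jun  5 09:07:44 webprod01 sudo:   deploy : TTY=pts/0 ; "
    b"COMMAND=/bin/rm -rf /var/log/auth.log\n"
    + bytes(range(256))
    + b"2022-06-15T14:23:02.118475+00:00 webprod01 systemd[1]: "
    b"Stopped System Logging Service."
    + b"\x00" * 32
    + b"Jun 15 14:2\x00 cut-off stamp, must not match\n"
    + b"Mon 15 14:23:01 not a month; 1995-13-01T00:00:00Z not a month either\n"
)

if __name__ == "__main__":
    for line in carve_log_lines(SAMPLE_UNALLOCATED):
        print(line)
```

Running the block on the sample recovers the three intact lines (the sshd login, the sudo rm of auth.log, and the systemd "Stopped System Logging Service" entry) and skips the truncated stamp and the two near-misses. On a real case, point carve_file at the blkls output rather than the live device and be ready for false positives from free-text files that merely quote a date.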