I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
Hi I’m Hal. I’ve got a bad attitude and I am not a “team-player”. (said to me by exploitative management when I called them on their BS)
Introduce yourself with the wildest feedback you’ve ever received. I’ll go first: “Hi I’m Amy. I’m too ambitious 🤝”
Today I'll be giving a rapid intro to eBPF. Hope to see you there! zoom.us/webinar/register/WN_…
Hal Pomeranz retweeted
Good morning. Today is a great day to review your DNS logs. You might find:
* Malware C2
* Automatic update checks for unauthorized software
* Use of unapproved SaaS (go shadow IT!)
* Website access patterns consistent with insider threats
Go get it folks!
Hal Pomeranz retweeted
For anyone who thinks a negative covid test means that you just have a cold or something else, think again. Paul and I were both sick with covid and testing negative for 2-3 days before we got a positive test.
I’m weirdly happy that IRC bots are making a comeback
We observed notable updates to the long-running malware campaign targeting Linux systems by a group known as the 8220 gang. The updates include the deployment of new versions of a cryptominer and an IRC bot, as well as the use of an exploit for a recently disclosed vulnerability.
Hal Pomeranz retweeted
I *so* want to put a sign out by our street that reads as follows: No matter how loudly you rev your engine, No matter how fast you race down our road, It still doesn't make up for your teeny, tiny penis.
Hal Pomeranz retweeted
Here's a #BumbleBee loader behavior we've seen lately that we briefly wanted to share with the community. odbcconf.exe is a lesser-known LOLBIN...learn more about it here: lolbas-project.github.io/lol… Some good peeps to follow for more on 🐝 are @k3dg3 and @pr0xylife
The #BumbleBee dropper/downloader continues to change. We’re now seeing odbcconf.exe load the malicious DLL (rather than Rundll32). While odbcconf.exe can execute DLL files, we don’t commonly observe it doing so in the wild, so this is an interesting change! #RCIntel
Hal Pomeranz retweeted
Didn’t know I needed to read this little story today.
Who needs a quick wholesome story break? So I grew up in the middle of nowhere, Ohio. My house was in the center of a bunch of neighboring cornfields. We didn't get girl scouts, encyclopedia salesfolks, knife sharpening, or proselytizers.
Hello friends! I'll be doing a quick overview of eBPF for Linux monitoring this Thursday at 1pm US/Eastern (17:00 UTC). zoom.us/webinar/register/WN_…
Special mention for @AmericanAir for flying the oldest, rattle-iest CRJ-700 in the skies. But at least it got us to Florida. Step up the maintenance though, OK?
11 hours, four airports, two canceled flights, two rental cars, one @lyft, one trip in the family minivan and we are home! Easy!
In the car — MCO here we come!
Hello JAX — where’s that rental car?
Our American Eagle flight needs to be jump-started from ground power and has no A/C until the main engines get going. Could be a little warm in this buggy, but at least we have an aircraft.
Rebooked to JAX — so now that’s IAD, DCA, JAX, MCO with only one air leg. whee
And our DCA to TPA flight has been canceled. Awesome.
So here I am at 4:15am in a @Lyft shuttling between IAD and DCA. Our itinerary today takes us to four airports (IAD, DCA, TPA, MCO) with only one leg in the air. Good times!
We had rented from @Thriftycars at IAD and were told it would be a $500 charge to drop off at DCA. Pre-COVID, that surcharge didn’t exist—free drop-offs at any DC area airport.
No flights at all from any DC airport to Orlando. Finally found a flight into Tampa on @AmericanAir.