Hal Pomeranz @hal_pomeranz

I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

 Orlando, FL
deer-run.com/~hal/
Joined November 2008
  • Tweets 19,311
  • Following 237
  • Followers 13,672
228 Photos and videos
Load newest
Good words here. Unfortunately I’ve been involved in far too many IRs where the victim is unable to provide the information the reputable IR firm needs.
Lesley Carhart @hacks4pancakes
11 May 2021
Because predatory companies are taking advantage of the many ransomware victims out there these days, I wrote some basic expectations you should have of your contracted IR team and why, from the perspective of an incident responder. tisiphone.net/2021/05/11/rea… via tisiphone-net
2
2
12
Hal Pomeranz retweeted
Lesley Carhart @hacks4pancakes
10 May 2021
A lot of firms are going to be out there shilling magic boxes to fix “everything” in the coming weeks, but while the malware and anti-forensics in these cases are often quite sophisticated, we see the same lack of security hygiene and basic defense in depth exploited repeatedly.
5
39
3
186
Hal Pomeranz retweeted
Wim Remes TR @wimremes
9 May 2021
What I probably long for the most post-COVID is ending up in random cities and doing lunch/dinner with y'all weirdos without much planning ahead. I don't need the mass events. I need 1:x (x<5) time with y'all weirdos.
1
2
1
43
Hal Pomeranz retweeted
Tim McGuffin @NotMedic
7 May 2021
This. Defenders get to design the playing field where the game is played. Defenders have a huge home court advantage. Defenders can set up telemetry unknown to attackers. Defenders have every advantage, and it isn’t included in blinky-light boxes. Defense engineering is beauty.
This tweet is unavailable
1
20
1
44
$ suntools
Erika Heidi ✨ @erikaheidi
7 May 2021
Without telling your age, tell us how old you are with a Linux command 🐧 $ startx
1
2
Forget Rick-rolls, my future pranks will be using this classic youtube.com/watch?v=4fndeD…
1
2
Replying to @CygCygnus
Cools things off briefly but ratchets the humidity up to new levels. That being said, I do like the sound of the rain coming down as long as I have a solid roof over my head.
1
Hal Pomeranz retweeted
🦇missa🦇 @SecuritySphynx
7 May 2021
Everyone thinks “Zero Trust” is sexy, but none want to have the uncomfortable, often ugly conversation about all the technical debt and IT hygiene they HAVE TO fix before they even begin to design for ZT. Much less actually do the things those conversations uncover.
12
76
9
390
I hope the species that comes after us takes their stewardship of this remarkable planet to heart.
7
Learn about masala chai's history as a tool of rebellion against the British (and how to brew a good cup.) epicurious.com/expert-advice…
2
4
1
6
Hal Pomeranz retweeted
TwistedDoodles @twisteddoodles
6 May 2021
Passwords
35
1,046
96
4,683
Replying to @fancy_4n6
First column, fourth down
1
1
Replying to @HECFBlog
#ClouDFIR?
2
13
Replying to @wimremes @TimMedin
Don’t listen to him, Wim. You’re awesome!
3
I'm his boss. I'm a bigger moron. You CAN do this.
🇺🇦Mike Saunders @hardwaterhacker
6 May 2021
Stop worrying about imposter syndrome. I've got a job and I'm a fcking moron. You're more than adequate for the job.
6
9
3
157
want to bypass Startup folder file write monitoring ? 1) rename "Startup" folder 2) drop the target file in the renamed startup folder 3) rename it back to "Startup"
20
271
14
779
You can tell it’s summer in Florida by the regular afternoon monsoons. 45min of heavy rain sometime between 2pm and 5pm.
1
2
Replying to @hacks4pancakes
I order chicken caesar salads from room service and tell myself I’m being healthy
2
This is awesome! Love you all!
@econrad.bsky.social @eric_conrad
6 May 2021
Quite an honor to be featured in a @BHinfoSecurity #BackdoorsAndBreaches expansion deck along with this all-star team: @AletheDenis @TimMedin @sibertor @itssmithereens @marcusjcarey @RobertMLee @ChloeMessdaghi @jorgeorchilles
1
1
5
Load more