I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
Hal Pomeranz retweeted
macos-virtualbox : Push-button installer of macOS Catalina, Mojave, and High Sierra guests in Virtualbox for Windows, Linux, and macOS : github.com/myspaghetti/macos…
Hal Pomeranz retweeted
So excited to finally release my blog post, Kernel Pwning with eBPF: a Love Story. I cover eBPF, the verifier, debugging, exploitation, mitigations and other cool findings! I do root cause analysis and exploit CVE-2021-3490 for LPE with PoC included. graplsecurity.com/post/kerne…
My recent ransomware reports are all depressingly similar. PLEASE look to the security/patch level of edge firewall/VPN devices, send their logs to an external host for long-term storage, and make sure you have network-layer logs that show attempts to compromise these devices.
Replying to @HeatherMahalik
MCO approach is right over the 528 freeway. It’s exciting if you’re driving along that stretch at the right moment.
Replying to @PSYber_Jen @sansjen
I also think it's very well done. The video message with the Tom Hanks narration must have been spendy.
Hey @4n6woman what’s your fan’s take on the Cleveland baseball team name change?
Hal Pomeranz retweeted
If you want to detect exploitation of #printNightmare/CVE-2021-1675 (and you most certainly do), enabling PrintService-Operational event logging (not default) was the most reliable method we found in the @BreachQuest lab. Here's how to script enabling the logging:
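As an added example (this is not the BreachQuest lab script referenced in the tweet, which is not reproduced on this page), the following PowerShell enables the Microsoft-Windows-PrintService/Operational channel on the local host, which is disabled by default, and then confirms the channel is enabled and collecting. The 64 MB log size and the function name Enable-PrintServiceOperationalLog are assumptions chosen for the example.

```powershell
# Added example, not the BreachQuest lab script referenced in the tweet.
# Enables the Microsoft-Windows-PrintService/Operational channel (off by
# default) and confirms it is collecting. Run from an elevated PowerShell
# session. The 64 MB log size is an assumption; size it for your own
# retention needs.

$Channel  = 'Microsoft-Windows-PrintService/Operational'
$MaxBytes = 64MB   # assumed value, not from the original post

function Enable-PrintServiceOperationalLog {
    param(
        [string]$LogName = $Channel,
        [long]$MaximumSizeInBytes = $MaxBytes
    )
    # Get-WinEvent -ListLog returns an EventLogConfiguration object whose
    # settings can be modified and written back with SaveChanges().
    $log = Get-WinEvent -ListLog $LogName -ErrorAction Stop
    if (-not $log.IsEnabled) {
        $log.IsEnabled = $true
    }
    # Only grow the log; never shrink an existing, larger setting.
    if ($log.MaximumSizeInBytes -lt $MaximumSizeInBytes) {
        $log.MaximumSizeInBytes = $MaximumSizeInBytes
    }
    $log.SaveChanges()

    # Re-read the channel and return the effective configuration so the
    # caller can verify the change actually took.
    Get-WinEvent -ListLog $LogName |
        Select-Object LogName, IsEnabled, MaximumSizeInBytes, LogMode, RecordCount
}

$state = Enable-PrintServiceOperationalLog
$state | Format-List

if (-not $state.IsEnabled) {
    throw "Failed to enable $Channel; check that the session is elevated."
}

# Sanity check that events are flowing: list the most recent entries.
# Immediately after enabling, this can legitimately return nothing until
# the spooler writes its next driver or job event.
Get-WinEvent -LogName $Channel -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message |
    Format-Table -AutoSize -Wrap
```

To roll this out across a fleet, wrap the function body in Invoke-Command against a list of hosts, and forward the channel to your collector (Windows Event Forwarding or your SIEM agent) so the evidence survives if the spooler host is later wiped.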
Replying to @LaNMaSteR53
For me there's something about being in the same room with attendees and sharing that energy
Replying to @codeslack
It will probably finish shortly after I’m asleep in … zzzzz
Running bulk_extractor overnight, hopefully waking up to clues in the morning!
Hal Pomeranz retweeted
Great thread!
One of the more helpful things new analysts can do is to read about different sorts of attacks and understand the timeline of events that occurred in them. This enables something called forecasting, which is an essential skill. Let's talk about that. 1/
Replying to @LaNMaSteR53
Not at all. Generally the students see my video but I don’t see them.
Replying to @LaNMaSteR53
Speaking as an instructor, I miss in-person training. I miss being with the audience and getting instant non-verbal feedback.
They found their niche but it’s all they have in their lives that makes them feel special. So they defend it ruthlessly.
Direct exploits are easier/more predictable for the attacker. They are often stealthier. And yes, user awareness and training does have something to do with all of this.
Replying to @yerdonna8
It’s just a general rule of thumb based on my experience buying IT solutions. Budget 20% of the original purchase on an annual basis for license renewal/upgrades.
Hal Pomeranz retweeted
Happy 20th anniversary, SPIRITED AWAY! ✨
Hal Pomeranz retweeted
And there’s the exploit. Think Reddit scored this as CVSS 7.0. Just consider for a moment what orgs’ patching policies tend to be for something scored 7.0. And yes, many orgs go purely by CVSS score in terms of patch urgency.
Exploit code for the Linux PrivEsc vulnerability CVE-2021-33909 #Sequoia is on Github github.com/AmIAHuman/CVE-202…