I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange
Orlando, FL
Joined November 2008
- Tweets 19,311
- Following 237
- Followers 13,672
- Likes 12
In 1986 I was attending a small liberal arts college that had a CS program with a single faculty position that was cross-listed with the math department. So the CS students got to run the small network of Sun3 machines.
2
20
If you felt a strange disturbance in the Force it was just me finally turning off the email/DNS services that I've been running for decades. This is somewhat bittersweet for me, so hang on for some stream of consciousness storytelling about 30+ years of email management.
6
19
5
110
Hal Pomeranz retweeted
RBAC doesn't scale. At all. It's time we do away with this theoretical approach to access control.
Every decade or so the world (re)discovers RBAC/MAC. tailscale.com/blog/rbac-like…
2
1
3
Hal Pomeranz retweeted
@strozfriedberg has released a new Cobalt Strike Beacon Parser.
#strozfriedberg #dfir #CobaltStrike
aon.com/cyber-solutions/aon_…
34
3
67
I know COVID is on everybody’s minds right now but don’t neglect your other regular vaccinations. It’s flu vaccine time again, and this is particularly important for the immunocompromised.
2
12
Hal Pomeranz retweeted
I'm collecting used laptops to fix up for 1000+ families in need. Let me know if you have any to spare
8
19
2
20
For those of you who have been missing it during the COVID crisis, this is what leadership looks like. Kudos to @strandjs and @WWHackinFest for making the tough call and doing the right thing. youtube.com/GZ__IuhDqyc
4
13
1
80
Hal Pomeranz retweeted
great find! 😁
☝ triggered the exploit without owning a Razer mouse device! with a (rooted) Android device (using configfs) it was possible to construct the required usb gadget.
👉 so just plug in an Android phone and elevate to local admin immediately 💥🔥💥
Need local admin and have physical access?
- Plug a Razer mouse (or the dongle)
- Windows Update will download and execute RazerInstaller as SYSTEM
- Abuse elevated Explorer to open Powershell with Shift+Right click
Tried contacting @Razer, but no answers. So here's a freebie
8
174
10
578
Demonstrably false. Certainly the sex workers are not benefitting financially from losing their livelihoods.
Hal Pomeranz retweeted
This is pretty much the most acceptable and best answer when a friend shares something like this. Look at any of your friends. Had they met you as another gender would you still enjoy their company? Yup. Cool, can we go do the thing now? Accept and love people for who the are. ❤️
1
4
35
Somebody is spending a lot of money lobbying to make the Internet hostile to sex workers. Who benefits financially from this?
4
4
You do know what is right. Beware any person or group who tries to interfere with your personal moral compass. True mastery comes from within.
1
Hal Pomeranz retweeted
It's OK to not be OK.
Reach out for help. Right now, times are tough.
Disaster Distress Helpline
1-800-985-5990, or text “TalkWithUs” to 66746
National Suicide Prevention Lifeline &
Veteran Crisis Line
1-800-273-TALK (8255)
National Institute of Mental Health Crisis Text Line 741741 (text “HELLO”)
cohcwcovidsupport.org/
1
7
14
Hal Pomeranz retweeted
This is why we can't have nice things.
Fortinet FortiWeb OS Command Injection [‼️0-day]
[PoC]
POST /api/v2.0/user/remoteserver.saml HTTP/1.1
...
...
Content-Disposition: form-data; name="name"
`touch /tmp/vulnerable`
rapid7.com/blog/post/2021/08…
3
5
22
My county in Florida is now offering booster COVID vaccines for the immunocompromised. While I’d like to see more of our population getting their first dose, this is good news for those that need it. seminolecountyfl.gov/departm…
2