Hal Pomeranz @hal_pomeranz

I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

 Orlando, FL
deer-run.com/~hal/
Joined November 2008
  • Tweets 19,311
  • Following 237
  • Followers 13,672
228 Photos and videos
Load newest
The science of COVID's indoor vs. outdoor transmission: The risk of infection indoors is almost 19 times higher than in open-air environments theatlantic.com/ideas/archiv… A good look at mitigating risks of transmission indoors #ncpol #COVID19NC #avlnews
1
26
2
34
“Shit, Helen, we’re all disposable. You’re disposable, too... That’s how this works. Same with me. We all have to find ways to keep ourselves indispensable, for the time being.” apple.news/AT8w_wN5hSzOS65Kg…
Replying to @Carlos_Perez
Paging @CCrowMontance! Enjoy it in good health, @Carlos_Perez!
1
1
Finally got a refund for my last outstanding airline itinerary. I officially have no airline or hotel reservations for the first time in decades. Feels weird, but I’m grateful to be home with my people.
3
“Don’t stop me now! I’m having such a good time, I’m having a ball...” youtube.com/watch?v=HgzGwK…
1
2
Also I am wondering if there is a legitimate reason to see DNS responses with Authority but no Glue? Shouldn’t such responses simply be dropped?
Reason number eleventy-billion to be using “allow-recursion” ACLs on your internet-facing BIND DNS servers, along with rate-limit. But, yes, please patch.
The Register
 @TheRegister
21 May 2020
FYI: A vulnerability was found in the domain name system that can be exploited to massively amplify traffic to a victim's DNS server, knocking it offline You need to patch at least: ISC BIND, NLnet labs Unbound, PowerDNS, and CZ NIC Knot Resolver theregister.co.uk/2020/05/21…
1
1
Replying to @MalwareJake
And what about the commercial real estate market?
3
Replying to @try2Bthere4ea
You’re most welcome!
This whole thread
strandjs - strandjs@bsky.social @strandjs
21 May 2020
Replying to @strandjs
We all need to work together. Any weakness is a weakness that needs to be fixed, let's work together to fix things. As I said, things are only fragile till they break. Or, as @k8em0 says "Don't hate the researcher, hate the vuln."
2
6
12
Glad you enjoyed it! Hope you can put the knowledge to good use!
This tweet is unavailable
1
1
“Well how much more can we take with all of this corruption?” youtube.com/watch?v=MOhGgR…
Replying to @matchstickboy
Gamera is friend to all children!
1
This morning’s Florida wildlife adventure was rescuing the 5lb turtle from my pool and releasing it in the neighborhood retaining pond. Poor little lost dinosaur.
3
16
“But I tell myself that I was doing alright. There’s nothing left to do at night but go crazy on you...” youtube.com/watch?v=vGEKW-…
Replying to @strandjs
NTDSExtract
4
2
Replying to @jamesyorke @BHinfoSecurity
I LOLed
1
2
"capa: Automatically Identify Malware Capabilities" from @m_r_tz and me at the upcoming (virtual) @sansforensics DFIR summit. we've been working on this tool for more than 10 months and can't wait to finally share it. sans.org/event/digital-foren…
5
93
8
231
Another postcard from a simpler time... youtube.com/watch?v=3Eaz9z…
2
Oops
Frank ⚡ @jedisct1
18 May 2020
Ubuntu Server installer: the LUKS passphrase for any encrypted volumes was leaked into the logs, which were then copied to the installed system (CVE-2020-11932). github.com/CanonicalLtd/subi…
1
2
8
Load more