I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
Slide Rule - another trip down the memory lane. Thinking I got to learn how to and actually use one of these: sliderulemuseum.com/SR_Cours…
I miss my people, not so much the cons themselves
Hal Pomeranz retweeted
If I can offer an observation, 20+ years into my software career: Long term, your kindness and helpfulness are vastly more impactful than your technical skills. People will remember how you made them feel. They're much less likely to remember that awesome function you wrote.
Hal Pomeranz retweeted
This is a pretty amazing statement. dnalounge.com/backstage/log/…
Hal Pomeranz retweeted
While the ideal is to see a story of ongoing improvement and progress, the reality is that careers can be messy. This is especially true for those who lack privilege. People sometimes take a job because they need access to health insurance for a sick loved one.
Let us not forget Paunch buying zero-days on the open market to further Black Hole back in the early 2010s…
This message brought to you by the proud husband of a high school teacher. @JBeanDesign I see what you do every day to provide a safe space for your kids.
Every day, across the nation and around the world, teachers save student lives quietly and without fanfare. And all we do is make their jobs harder and less rewarding.
Replying to @webjedi @Foone
I love this so much
Hal Pomeranz retweeted
It took a while, but the English version of the macOS Forensics Hands-on Workshop materials are now available. Have fun! jsac.jpcert.or.jp/archive/20… jsac.jpcert.or.jp/archive/20… #DFIR #JSAC2022
Replying to @MoarGood
Certainly eliminates Exchange as the initial breach, but it will be a juicy target after they get in with stolen VPN credentials
Replying to @UlfLundh @Rvndoorn
Even if you still have to maintain local Exchange in a hybrid environment, those machines can be completely isolated from the Internet and most of your infrastructure.
Replying to @typeyourname10
Definitely avoids a raft of problems, and keeps a large cache of user creds away from your home network. Pay extra for higher levels of M365 auditing to help you troubleshoot cloud issues.
Actually let me quote tweet this so it’s easier for everybody to see
Replying to @uplinc
The most common indicator we’re seeing is w3wp.exe spawning csc.exe. Look for webshells under …\Exchange Server\*\FrontEnd\HttpProxy\{owa,ecp}\*
Because there is no integrated calendaring solution.
Replying to @typeyourname10
Recent experience is teaching me that it’s impossible to securely run Exchange on prem. It’s been the initial point of entry for numerous compromises.
Notes from the IR front lines — if you have on-prem Exchange, assume compromise. Also start a plan to migrate to Microsoft 365… yesterday.