Timothy D. Morgan

It was a real pleasure working with the @Lansweeper team on this #inventorymanagement / #CyberSecurity integration. They're great partners to have. linkedin.com/feed/update/ur…

Learn more on @Lansweeper’s blog ( lansweeper.com/blog/partners-… ), our blog ( deepsurface.com/essential-it-v… ), or get started now by visiting the Lansweeper - DeepSurface Integration Page ( deepsurface.com/lansweeper-int… ). 2/2

#DeepSurface is thrilled to announce our new Integration Partnership with Lansweeper! Together we are pushing the boundaries of visibility– giving you a complete view of your assets AND where your #cybersecurity risk really exists. 1/2 🧵

@techspence DLL sideloading in privileged services or scheduled tasks. Still super common in the real world, anytime someone installs software outside of C:\Program Files deepsurface.com/windows-servic…

Hey hackers.... What's your favorite local privilege escalations in windows/AD environments? 😈😎

And this is why I have such a hard time helping newcomers to the field... Thanks for putting it in an nutshell @halvarflake.

@gf_256 Bonus points if you've ever pulled that off during a pentest. I once submitted negative value as a refund to the "customer". At the report readout, I told the devs "Oh, but I really doubt your fulfillment department would issue the refund" ...*pause*... "You might be surprised."

security researchers be like

Coming up next on #DRNewsDesk Tim Morgan @DeepSurfaceSec @ecbftw on DeepSurface Adds Risk-Based Approach to Vulnerability Management darkreading.com/DRNewsDesk #bhusa

@wvuuuuuuuuuuuuu Glad someone is finding it useful!

As mentioned in the blog post, the technique is from @ecbftw in 2013. The old is new again. 2013.appsecusa.org/2013/wp-conten…

Great chain. A fine example of using XXE to upload a file, too!

Check out a recent finding by one of our own, Naveen Sunkavally. CVE-2022-28219 is an unauth RCE for ManageEngine ADAudit Plus. This XXE -> Deserialization chain often leads to host compromise as well as priv'd AD creds. Check out the blog post and POC: horizon3.ai/red-team-blog-…

Was a fun interview. With that said, these interviews allow for only so much depth in the answers, so I'm curious to know others' thoughts on some of the questions they asked. What are your experiences with the limits of CVSS+TI? Reporting to boards?

OWASP's example implementation of check_private_ip() is quite naive. It can be bypassed with 0x7f.0.0.1 #SSRF #application-layer_1" target="_blank" rel="nofollow noopener">cheatsheetseries.owasp.org/cheatsheets/Se…

Patch what matters. darkreading.com/application-se…

We’re thrilled to announce our latest $4.5 million #seedfunding. Learn how we’re accelerating product development of our award-winning #vulnerability and risk management platform today #cybersecurity #automation bit.ly/3so2XO5

It’s 2022, and the fix is still “disable the anti malware agent”. Don’t ever change, infosec/AV industry.

In 100% #DFIR cases I worked on this year, the victim orgs couldn't tell what information was on their servers, what got compromised, and what impact will it have if this information leaks. So today you are ready to hear the truth... #infosec #cybersecurity #informationsecurity

#Log4J Worm is ITW @vxunderground has a sample of the self propagating worm using log4j as a vector. It installs a Mirai bot which makes sense to targeting embedded Linux devices Looks like it uses user-agent for exploitation and modifies the binary before sending (?)