Sandro Bachmann

We released a critical advisory, affecting many customers, mainly in Switzerland and Germany. TLDR: Pre-authenticated RCE in Cluebiz cloud, allows arbitrary takeover of internal endpoints over the Internet. infoguard.ch/zero-day-clueb… Stay safe!

@SANSEMEA When I ask who is ready for lunch and nobody answers. This is a horror for me.

Introducing the 2020 SANS Halloween Competition! 🎃 We want you to tell us your work from home horror stories for your chance to win a limited edition SANS t-shirt! To enter just comment with your story, retweet this post and follow @SANSEMEA - winners will be announced 31 Oct

Thank you @SANSEMEA you are awesome 🤗 #SANSHalloween

St.Nicholas🎅🏼 has some gifts for you 🎁 If you want the Defcon Switzerland Snowflake, then retweet *this* till Sun 8.12. 23:59 CET we will select 10 at random & send each one per post PS: Dont forget to safe the date for AREA41 conference 11-12/6/2020 #DC4131 @a41con

@SANSEMEA Honeypot Lecter

🎃 #SANSHalloween 2019 Competition 🎃 “Not all monsters live under beds” 👻🧟‍♀️ This year we want you to combine a creepy character with cybersecurity 🔐. The best entries will receive a custom T-shirt of their entry. Get commenting below! Here’s one to get you started......

@SANSEMEA Van Hunting

And another one... Passed the #GNFA exam today. Thanks to @PhilHagen @SANSEMEA @sansforensics @SANSInstitute #SANSZurich #SANSAlumni #FOR572 And now let‘s hunt the adversaries on the wire.

Passed my GREM exam today 🥳 Thanks to @lennyzeltser @SANSInstitute @SANSEMEA for providing excellent course material and an awesome class experience in #SANSAmsterdam

After yesterdays talk of @mathias_fuchs I also needed to develop something. I present you the #SANSAlumni Logo #FOR572 Edition #SANSZurich

I know I shouldn‘t but now i like cookies. #FOR572 #SANSZurich #SANSAlumni

PCAP or it didn‘t happen. Ready for day 2. #SANSZurich #SANSAlumni #FOR572

Wir suchen eine/n Analyst/in Security Operation Center. Interessiert an dieser spannenden Position im Bereich #ITSecurity? Jetzt bewerben: stadt-zuerich.ch/portal/de/inde…

Finished my GCFA exam today. Many thanks to @mathias_fuchs and @SANSEMEA for this great and instructive week in Prague.

Did some more experiments with RDP MRUs. It really looks promising. cyberfox.blog/attackers-and-…

Doing some Treat Hunting. Still didn't find anything. Probably have to wait until Halloween :p @SANSEMEA #SansPrague

Wie Hacker in beinahe jeden Computer kommen: Millionen von Computern weisen Sicherheitslücken auf dank BIOS Chips. Wie es dazu gekommen ist und was es nun zu tun gilt, erklärt unser CDC-Experte @mathias_fuchs! #InfoGuard #CDCBehindTheScenes bit.ly/2xUVTw3

As dangerpus as #lowjax is, the basic principle applies: malware can hide, but it must run! Suggesting hunting techniques like shimcache stacking. As the malware's usually only on few machines, rpcnetp.exe and autoche.exe should be right on top of your inverse shimecache stack.

Great OSINT/GEOINT, this thread is worth reading 👇

«Hände hoch, du bist verhaftet!» Kommt das Ihnen bekannt vor? «Räuber & Gendarmen» hat mehr mit Cyber Security zu tun, als Sie vielleicht denken. Was genau, erklärt Ihnen einer unserer #InfoGuard Gendarmen im #CyberSecurityBlog! bit.ly/2PUevnx