Ben Potter

320 posts

Ben Potter banner
Ben Potter

Ben Potter

@benji_potter

Founder of FIRCY. ex AWS security leader. Ambassador for #NoMoreRansom. Tweeting cyber and cloud.

Adelaide, South Australia Katılım Ağustos 2015
218 Takip Edilen405 Takipçiler
Ben Potter
Ben Potter@benji_potter·
@__steele I drive past where it’s made at least monthly, it’s good stuff!
English
0
0
1
48
Aidan W Steele
Aidan W Steele@__steele·
I brought this chicken salt on my latest trip around the world. It travelled 39,700km with me and now it’s home because I completely forgot to share it with (in order) my cousins, colleagues and fellow conference-goers. I also learned it sets off X-ray machines 100% of the time.
Aidan W Steele tweet media
English
3
0
16
1.1K
Ben Potter
Ben Potter@benji_potter·
Call it social media threat intelligence gathering 😎 If you can only search for single IP's then start with 52.27.191[.]181, 52.27.190[.]67, 52.27.190[.]9, 52.27.190[.]10, 52.27.191[.]179, 52.27.191[.]164, 52.27.190[.]82, 52.27.190[.]78, 52.27.190[.]90. Yes AWS are aware.
English
0
1
2
173
Ben Potter
Ben Potter@benji_potter·
Thought I'd ask the cloud community to DM me or reply if you've seen activity in your AWS logs (S3 / VPC / web application) for IP addresses in the range of 52.27.190[.]0 > 52.27.191[.]255 between July 2022 and April 2024. We've seen billions of requests, are we alone?
English
1
1
2
304
Ben Potter
Ben Potter@benji_potter·
@QuinnyPig The real real horror is if the requests were “accidentally” generated by AWS themselves doing security scans billions of times a month.
English
0
0
2
819
Ben Potter retweetledi
Nick Frichette
Nick Frichette@Frichette_n·
As someone involved in the AWS offsec space, I want to share why I strongly do NOT recommend the HackTricks AWS Red Team Expert course. The author of it is a plagiarist, stealing content from other creators and is directly profiting off of it through sponsorships. A 🧵
English
7
75
323
119.8K
Ben Potter
Ben Potter@benji_potter·
@crbholdings @ericpullen @Ford This meant my Powerwall never charged and had to buy a generator to get through another 48h outage. AC coupled batteries are not good in backup or off grid situations!
English
0
0
0
19
ericpullen
ericpullen@ericpullen·
And with that, the power is back on and Luna is drinking from the grid again. She did a great job helping us through the outage and deserves a nite off! Total time off was 1hr shy of a full 5 days. @Ford #F150Lightning
ericpullen tweet media
English
18
24
272
40.9K
Ben Potter
Ben Potter@benji_potter·
@crbholdings @ericpullen @Ford I have a powerwall and would love to sell it, last big outage where I live lasted 12h powering single fridge and lights and was fully charged. Next day it wouldn’t charge because utility increased grid voltage to 265v to force grid feed solar to turn off.
English
0
0
0
21
Ben Potter
Ben Potter@benji_potter·
@0xdabbad00 Add to this AWS encourage “small” businesses and partners to use distributors, which means the distributors own root access and their email and phone systems become responsible and therefore targets for literally thousands of accounts.
English
0
0
1
0
Ben Potter
Ben Potter@benji_potter·
@0xdabbad00 My (non) favourite feature is the S3 server access logs are configured to log to itself, circular logging is definitely not cost optimised!
English
1
1
12
0
Ben Potter
Ben Potter@benji_potter·
AWS IAM Identity Center replaces the old Single Sign-On console, looks much better thank you @AWSIdentity !
Ben Potter tweet media
English
3
0
8
0
Ben Potter
Ben Potter@benji_potter·
This is not a drill for Jenkins users that choose to expose their instances / servers to the internet. Long list of plugins vulnerable with no patches: bleepingcomputer.com/news/security/… Time to remove them from being publicly exposed!
English
1
0
1
0
Ben Potter
Ben Potter@benji_potter·
I’ve been staring at this hotel phone… do I do it?
Ben Potter tweet media
English
1
0
4
0
Ben Potter
Ben Potter@benji_potter·
@0xdabbad00 Nice! I taught myself tig as it’s so precise and similar to soldering (done lots over the years).
English
0
0
1
0
Scott Piper
Scott Piper@0xdabbad00·
Weekend project, built a lumber rack by cutting and welding steel stock. My gasless flux core mig welds are really bad, but “a grinder and paint makes me the welder I ain’t”, and it holds! (Though the bottom rack has the concrete probably doing most of the work)
Scott Piper tweet mediaScott Piper tweet media
English
6
0
28
0
Ben Potter
Ben Potter@benji_potter·
Found my first working #IoT project in storage… Nokia 6110 with SMS microcontroller for digital I/O! 15+ years ago it was pretty sophisticated for a home alarm system compared to what we have now. Little circuit board on the right is actually a remote doorbell receiver.
Ben Potter tweet media
English
0
1
3
0
Ben Potter retweetledi
Joseph Cox
Joseph Cox@josephfcox·
New: underground trade of bots that steal your 2FA codes. Bot places convincing automated call to target. Victim enters code, gets fed to hacker instantly. Dramatically lowers the barrier of entry for bypassing 2FA, no social engineering skills needed vice.com/en/article/y3v…
English
7
286
532
0
Ben Potter
Ben Potter@benji_potter·
I will always prefer working virtually. Today was Clare in South Australia amongst nature with a beautiful creek. Bees got a bit close a few times!
Ben Potter tweet media
English
0
0
2
0