BZH

107 posts

BZH

@bzhinfosec

Former pentester @intrinsec, now incident response @awscloud. Tweets erratically.

Vancouver, British Columbia Katılım Mart 2015

460 Takip Edilen89 Takipçiler

BZH@bzhinfosec·11 Tem

@ChrisDeLeon I just want everything to be perfect on the first try. It shouldn't be that hard...

English

BZH@bzhinfosec·8 Şub

I'm hiring Security Engineers in Seattle (amazon.jobs/en/jobs/143287…) and Vancouver (amazon.jobs/en/jobs/143292…). We're automating incident response @awscloud. Looking for candidates from all sorts of backgrounds. We have interesting problems and interesting people trying to solve them

English

BZH retweetledi

Rob Fuller@mubix·18 Ara

I would like everyone who follows me to do this one thing. DM someone who follows you, but you have never interacted with. Wish them a happy holidays and ask them how they are doing. Do this one thing for me. Please and Thank you 🙏.

GIF

English

BZH@bzhinfosec·20 Kas

@cnotin 🧐 Opened filesystem ➡️ Searched "mimikatz" 😅 Added "EDR" to the marketing website

English

Clément Notin@cnotin·20 Kas

🧐 Opened EDR console ➡️ Searched "mimikatz" 😅 Added "threat hunting" to LinkedIn profile

English

418

BZH retweetledi

Jon Hencinski@jhencinski·9 Eki

Normalize the thinking that a #SOC is a place for innovation: A #SOC: - isn't just "lower-level" work - is where great innovation happens - is just as important as dev / eng / it - is filled with great feature ideas (not just based on the last problem they ran into)

English

247

BZH retweetledi

Colm MacCárthaigh@colmmacc·4 Eyl

We've completed the rollout of TLS1.3 across Amazon CloudFront. It's now available and on for all CloudFront customers with no action or settings needed. Enjoy! aws.amazon.com/about-aws/what…

English

305

BZH retweetledi

Scott Piper@0xdabbad00·27 Ağu

You can now get access to the DNS logs of the VPC DNS resolver! Previously only GuardDuty had access to those. aws.amazon.com/blogs/aws/log-…

English

116

BZH retweetledi

Arioch@ZeArioch·28 Tem

Want to bring your #DFIR skills to a great team in a challenging environment? Take a look right over there! ⤵️

Nicolas Bareil@nbareil

I think we spent more time adding #Yara click-baits than working on the actual description of the job but here it is: We have 3 open positions in Airbus CERT pastebin.com/hqt4mqhX #DFIR #Toulouse #Forensic #DetectionEngineering #Malware

English

BZH retweetledi

AWS Security@AWSSecurityInfo·10 Tem

Updates to the security pillar of the AWS Well-Architected Framework: go.aws/2ZgP0UQ

English

BZH retweetledi

Arioch@ZeArioch·9 Tem

If you're looking into ETW for #DFIR purposes, you'll probably like feeding them into your Splunk SIEM. Bonus round: you don't need to destroy your license consumption! You can define granular filters on providers, event IDs and more. Enjoy!

Sylvain Peyrefitte@citronneur

Love ETW but can't afford #Splunk *and* Defender ATP at the same time? Take a look at our ETW Splunk Forwarder add-on! Set up the providers you want, add some filtering and voilà! github.com/airbus-cert/Sp… By the way, we're hiring! #DFIR #ETW #Windows

English

BZH retweetledi

Scott Piper@0xdabbad00·28 Haz

Almost one year ago after attending re:Inforce, I wanted there to be a cloud security conference that was independent of the cloud providers. I'm so excited that this is actually happening tomorrow as fwdcloudsec.org after so many hours by the organizers and speakers.

English

221

BZH retweetledi

Heather Adkins - Ꜻ - Spes consilium non est@argvee·20 Haz

Plug: Google's IR+Forensics teams have a new blog osdfir.blogspot.com (contributors welcome!) and have done two Forensic Lunches with @HECFBlog on the Google team's open source Forensics Tools (youtube.com/watch?v=0yMGXl…) & how to do Incident Management (youtube.com/watch?v=hhUQcU…)

YouTube

English

BZH retweetledi

Danilo Poccia@danilop·16 Haz

AWS Lambda + Amazon EFS – You can now use a shared file system from your Lambda functions! Here’s my post ✍️ buff.ly/3d2KSLO #AWS #Serverless #Storage

English

124

333

BZH retweetledi

Joe Słowik 🌻@jfslowik·21 May

"So what do you do for money?"

English

129

BZH retweetledi

bridgecrew@bridgecrewio·20 May

We're excited to release TerraGoat, a vulnerable-by-design training tool for #Terraform! 🐐 📑 Read more about why we built TerraGoat: bridge.dev/2XdwAlz ⭐ Check it out on GitHub: bridge.dev/3bLgOUt

English

131

BZH@bzhinfosec·16 May

People interested in Cloud Security should definitely attend this!

Amazon Science@AmazonScience

On May 28 we'll be hosting a live Q&A with @MarcJBrooker, senior principal engineer at @awscloud, about Firecracker, an open source virtualization technology. He'll explain why it was built and how it's used inside AWS Lambda. Register here: amazon.science/videos-webinar… #AmazonScience

English

BZH retweetledi

PortSwigger Research@PortSwiggerRes·14 May

This is a brilliant vector by @RenwaX23 <a autofocus onfocus=alert(1) href=?>. Who knew that Chrome decided to apply the autofocus attribute to every element! Now on the cheat sheet #onfocus" target="_blank" rel="nofollow noopener">portswigger.net/web-security/c…

English

117

289

BZH retweetledi

j00ru//vx@j00ru·14 May

With Windows 10 20H1 (2004) almost out the door, I've updated the system call tables on my blog and on GitHub. Delta-wise, this seems to be the biggest Windows 10 update yet: +7 syscalls in ntoskrnl and +64,-6 in win32k.sys github.com/j00ru/windows-…

English

135

411

BZH retweetledi

human cpu (no longer here)@cpuGoogle·26 Nis

Intel with all the melt/spec/leak mitigations, the bare-bones syscall cost went from ~70ns to about ~350ns. It's crazy. I think we lost 10 years of system call performance.

English

392

1.5K

Keşfet

@ChrisDeLeon @awscloud @cnotin @HECFBlog @RenwaX23 @elonmusk @BarackObama @taylorswift13