John Harrison

357 posts

@drdriveby

Security dude focused on protecting users from Ransomware attacks and some of the latest threats. The opinions I express here are my own

Mountain View, California · Joined August 2008
292 Following · 228 Followers
John Harrison retweeted
Nasreddine Bencherchali @nas_bench ·
We just finished processing or in other words we just "Slash & Grabbed" this amazing report from @HuntressLabs team. Made some updates and added some new Sigma rules. But fortunately a lot of it was already covered by old generic rules. Here is a quick thread on every Sigma rule from @sigma_hq you can use to catch things mentioned in this 💎 report
John Hammond @_JohnHammond

We just published a report on EVERYTHING that @HuntressLabs SOC is seeing for post-exploitation from #ScreenConnect CVE-2024-1708/CVE-2024-1709. huntress.com/blog/slashandg…
There's A LOT of it. We're talking:
- Adversaries Deploying Ransomware (LockBit and others)
- Classic LOLbin enumeration and reconnaissance
- Dropping cryptocurrency miners (masquerading as SentinelOne)
- Installing other persistence and backdoors (SimpleHelp C2, SSH, Remote Desktop, new users, reverse shells)
This includes all the technical details and tradecraft for each variety of these attacks. Please go look through this. If I may be so bold, I think this is seriously the biggest and most-comprehensive release of the active threat intel that we've seen shared publicly so far.

James Sun @jamessun ·
@drdriveby @EarthLink Glad to hear your email situation was resolved. I *still* use a Mindspring email account and every few months it gets hijacked. Would like to DM you to discuss how your situation may be similar to mine.
EarthLink @EarthLink ·
@drdriveby Good Afternoon, John. I am very sorry we are taking so long to get things back up and running for you. I'd like to look into this further and see if there's anything I can do to help. I'll contact you in a direct message for further assistance. - Nelson, EarthLink
Florian Roth ⚡️ @cyb3rops ·
Don't expose your VMware, RDP, Confluence, firewall management interface and TeamCity server to the Internet.
I think the main reason you don't see this in best practice guides is because it's so obvious.
It's like telling people "Do not put pets in the microwave to dry them".
John Harrison @drdriveby ·
Nice overview and summary from @CeciliaZin! This should be very interesting to watch! I wonder what @kevinroose and @CaseyNewton think about it! Hardfork episode time! #hardforkpodcast #chatgpt4
Cecilia Ziniti @CeciliaZin

🧵 The historic NYT v. @OpenAI lawsuit filed this morning, as broken down by me, an IP and AI lawyer, general counsel, and longtime tech person and enthusiast. Tl;dr - It's the best case yet alleging that generative AI is copyright infringement. Thread. 👇

John Harrison retweeted
Robert Graham @robertgraham ·
Cybersecurity expert here: no. The stories of teenage hacking are sensationalized.
As far as we can tell, he didn't hack into the company using a FireTV stick. He accessed the company using his phone. Specifically, he connected his phone to the TV and its Bluetooth keyboard, through the FireTV stick. This made things more convenient when accessing the Internet from his phone, but was by no means such things were essential.
Moreover, the story sounds like he'd hacked into the company and stolen the content weeks before. He then just logged into their Slack to taunt them while in the hotel room. Accessing Slack from your phone is not terribly difficult.
As for his skills, most teenagers have no skill in general, but have been taught by other teenagers one specific skill. What makes it work isn't because the teenagers are smart but because their targets are dumb.
The NSA already has all these skills. The one thing that would be valuable to the NSA is autistic obsession with tech. There are a lot of autism-spectrum people who you could just stick in a room and watch blossom with tech skills because they are obsessed with them. You don't have to 'train' them, they'll train themselves.
But, their goals aren't aligned with the NSA. The NSA doesn't go romping through the Internet hacking whomever they find. NSA hackers are given specific tasks to achieve, they must play by the rules, and the paperwork involved is more arduous than the actual hacking. Such autistic kids would not do well in that environment.
The kind of kids the NSA wants to hire are those that are socialized enough they won't get so angry at the needless paperwork and roadblocks that they go off on a rampage (like Snowden). That's a rare enough skill to find. All the rest of the hacking skills can be taught.
If you are an organization with zero skills of your own, then sure, hiring such kids will at least get you started. But you'll exhaust their value within 3 months, after which you've got a sociopath on your hands that you have to deal with.
Noah Smith 🐇🇺🇸🇺🇦🇹🇼 @Noahpinion

Hire this kid for the NSA immediately
