Aaron Boyd

@IAMERICAbooted They never are… sadly

The weekend was not long enough lol

Why use the person who can hit grand slams when you've got plenty of people who can bunt?

👀 hope to see you there!

📣 BSides Calgary 2025: Keynote Announcement Update! 📣 We're very excited to update our last keynote announcement, an amazing keynote panel! ICS Security Management, a Business Perspective from Former Front-liners With ICS Experts: Ashif Samnani, Pamela Pouliot, Austin Scott, Paul Smith, Herman Lee, and Paulo Silva, VCP PCNSE hosted at Bow Valley College Annual threat reports from industry thought leaders like Dragos, Waterfall and Mandiant confirm that cyber-physical attacks are increasing at an exponential pace. While smaller in raw numbers, the consequences can be significantly higher. The increase is only part of the story and just one more aspect to the risk management challenges facing decision makers responsible for businesses heavily reliant on industrial control systems. BSides audiences are most likely familiar with the current and emerging ICS threat landscape. Less understood is how these threats are balanced against the multitude of other operational realities such as high capital costs, workforce skill management, regulatory oversight, operational safety, reliability and financial obligations to shareholders. Get your tickets here for an event you don't want to miss! showpass.com/bsidescalgary2… #bsidescalgary #bsides #cybersecurity #speakers

@dnvr_is_burning Taco Bron closed as well. Yesterday was their last day. Damn shame to compare the area now to what it was even 10 years ago..

Another 16th St restaurant is closing: Zoe Ma Ma* 16th St has so many vacancies right now & I don't think the $175m in tax $ we put into renovations will make one bit of difference There are so many ppl who used to come downtown and won't anymore... that's what needs to change

@d0rkph0enix Flaccid lap pinkies. You never cease to amaze and if you ever decide to kickstart one of those daily calendars with jokes or thoughts of the day, I’ll gladly support.

If not for free school lunch programs, I wouldn’t have had access to the only 2 consistent meals a day I ever got as a kid. My Mom was a single Mother with 4 kids working 2 jobs just so we weren’t on the street. This man can eat a bucket of flaccid lap pinkies.

@JetBlk Sp0rkeh

@ics_blitz “I know you hack REEEEEEEEEEE”

This game changed everything for me in a similar way as Tobias. It is when I started coding, designing, and many other things with a computer that led me to where I am today.

@JetBlk Funny you mention myg0t..

@ics_blitz myg0t_blitz ;)

@AdamSandler @netflix @Maize_N_Blue__

Happy Chanukah! Merry Christmas! Happy Holidays! And Happy Gilmore to all!!!!!!

@NathanMcNulty @kerberoasting @EricaZelic Just for my own confirmation, this is only displaying when MFA is reset (i.e., force user to re-enroll) or a user enrolling in MFA for the first time, correct? It wouldn't necessarily capture or display when a new method is added since it's not necessarily a registration event?

@ics_blitz @kerberoasting @EricaZelic This data is recorded in the audit log, never seen the Entra audit logs missing data (unlike UAL) The data from the Entra Audit logs is exposed both in the Entra portal as a nice dashboard and via the Reports API Portal: #view/Microsoft_AAD_IAM/AuthenticationMethodsMenuBlade/~/RegistrationAndResetLogs/fromNav/Identity" target="_blank" rel="nofollow noopener">entra.microsoft.com/#view/Microsof… API: learn.microsoft.com/en-us/graph/ap…

@NathanMcNulty @kerberoasting @EricaZelic Can't say that I've seen a case where the logs were just missing from Entra, but the limitation of only being able to display the last month is mainly what I was referring to. Like you also said though, UAL on the other hand.. who knows 😅

@ics_blitz @kerberoasting @EricaZelic Also of note, if events were missing from the Entra audit logs, no other solution is going to get if the source didn't If you ever know for sure that these events are missing from the Entra audit logs, that's a major issue that warrants tickets and hitting up some MS folks :p

@EricaZelic @kerberoasting @NathanMcNulty Yeah, natively in azure it usually won’t let you view past 30 days and querying data via workbooks is wildly inefficient and inaccurate. It’s why I just ship logs to another log aggregator. Much less of a headache and has multiple different logs in a single pane of glass.

@ics_blitz @kerberoasting @NathanMcNulty Everything "SHOULD BE" logged. Microsoft sometimes misses log events sadly and not many orgs do adequate testing to see that.

@techspence Not impossible. Takes time, confidence, and some outside the box thinking. I’ve done it at current employer and former ones with success.

@ics_blitz If only

Attackers obtaining local admin privileges on end-user systems is a given. Now what...design your security around that fact. Doesn't matter if you use LAPS or Tiered. Local admin access by threat actors is inevitable.

@hddenver1 @jeffhunt Well, I’m pleased to say you won’t be shocked then. None of us are happy about this or pleased. We do speak up, we do vote, we do write letters, we do voice concerns, they just don’t listen. They are chasing dollars and ensuring they get to keep riding the gravy train next term.

Denver is in real trouble. It's not pulling in sales tax revenue because no one wants to go there. To deal with drug-addicted homelessness, there should only be three options: 1. Get help. Connect with Denver Rescue Mission, Catholic Charities, or Step Denver. 2. Leave the city. 3. Go to jail for drug possession. This is compassionate. The government needs to intervene. No more living on streets drug addicted - it harms the community, local businesses, and the individual.

@barstoolsports @Maize_N_Blue__

The Ohio State band literally shat all over Michigan