Jared Semrau

42 posts

@JaredSemrau

Director, Vulnerability & Exploitation @Mandiant Intelligence. Views are my own.

Joined January 2022
41 Following · 169 Followers
Jared Semrau@JaredSemrau·
Nothing like returning from PTO and seeing great traction on a piece you worked hard on for months (including from your CEO)! Big thanks to @maddiestone and James Sadowski for the amazing collaboration. If you want to know about zero-days, this is not a report to miss. Enjoy!
Sundar Pichai@sundarpichai

New report from our Threat Analysis Group + @Mandiant observed 97 zero-day vulnerabilities exploited in the wild in 2023, up 50% from 2022. Good news: investments are making a difference - vulnerabilities once common are virtually non-existent today. blog.google/technology/saf…

Jared Semrau@JaredSemrau·
Had a blast talking with @maddiestone about vulns and zero-days on Mandiant's latest The Defender's Advantage Podcast. It's great to have a conversation with other people who are passionate about vulnerabilities and doing what they can to protect people. open.spotify.com/episode/3tALEW…
Jared Semrau@JaredSemrau·
This was some great work done by (@varcharr) and fellow analysts. The culmination of five months of hard work researching and analyzing. Hopefully this continues to be of value for defenders trying to better understand the adversary and what they can do to protect themselves!
Mandiant (part of Google Cloud)@Mandiant

Mandiant identified 55 zero-day vulnerabilities exploited in 2022 which represents a 200% increase compared to 2020. mndt.info/3yLd3MI

Jared Semrau@JaredSemrau·
As always, @campuscodi has nailed the analysis. OpenSSL vulns can be very serious, but we also need to not spin ourselves up without details. Even if they stayed "Critical," OpenSSL's Critical rating can cover a wide range of issues, many of which are objectively not critical.
Jared Semrau@JaredSemrau·
@InfoSecSav I need to do some extensive testing first. May take up my whole Friday!
Jared Semrau@JaredSemrau·
#mWISE was a blast, and I'll have more thoughts on that soon, but coming home to a new member of the family was the highlight of an already great week. Welcome Cora Snickerdoodle Semrau!
Jared Semrau@JaredSemrau·
@InfoSecSav @j2k3k By the second kid, you'll just put them in the crib still awake and think "They'll figure it out..."
Sav@InfoSecSav·
@j2k3k Slowly lowering into the crib, looking like:
GIF
Jared Semrau@JaredSemrau·
I'm going to start letting twitter know when I'm about to take PTO, because recent history tells me there is a good chance a big vuln will drop when I do...
casey@varcharr·
you can also block contacts. imagine your boss trying to contact you and being told they were blocked
casey@varcharr·
turning off read receipts in teams is a power move
Jared Semrau@JaredSemrau·
In a webinar this week I said: "...but it's not entirely CVSS's fault..." I must be going soft. Not the worst standard in the vulnerability space (looking at your CPE...), but it's not good.
Jared Semrau@JaredSemrau·
@jenschm This game is the reason I still run along every wall in modern games trying to open them, even if there is no logical reason to think there is a door there, haha
Jared Semrau@JaredSemrau·
Last week, our episode of the Risky Business podcast came out, where we got to talk more about the recent @Mandiant and @nucleussec partnership and how integrating Mandiant's vulnerability intelligence into their platform can help operationalize vuln intelligence at scale!
Nucleus Security@nucleussec

Nucleus co-founder Scott Kuffer and Jared Semrau of Mandiant join host Patrick Gray on Risky Business #662 to talk about integrating Mandiant data into Nucleus to make threat intelligence actionable. bit.ly/3k9NSvT #vulnerabilitymanagement #threatintelligence

Jared Semrau@JaredSemrau·
If you're interested in learning more about how vulnerability intelligence can help you better prioritize your remediation efforts, please register for our upcoming webinar. Myself and @_stevecarter_ will be discussing how @Mandiant and @nucleussec can do just that!
Mandiant (part of Google Cloud)@Mandiant

Join experts from Mandiant and @nucleussec as they discuss how vulnerability intelligence can inform vulnerability management prioritization to stay ahead of threat actors. Register today: mndt.info/3xwDjuQ

Jared Semrau@JaredSemrau·
If you want to know what great work my team does at @Mandiant, this blog is just one tiny part of the intelligence we're working on. It's their hard work that makes these types of things possible. Focus on the real threats, not the imagined.
Mandiant (part of Google Cloud)@Mandiant

In 2021, Mandiant Threat Intelligence identified 80 #zerodays exploited in the wild, which is more than double the previous record volume in 2019. Read our latest blog post to learn more 👇 mndt.info/3Mjize6

Jared Semrau@JaredSemrau·
Mandiant's Vulnerability & Exploitation team is hiring a senior analyst! Looking for people who understand vulnerabilities and how they can be exploited, have strong writing skills, and preferably have some software dev skills. If interested, please apply! jobs.smartrecruiters.com/Mandiant/74399…
Jared Semrau@JaredSemrau·
@niksadecimal Agreed. We definitely need a common set of language, but also socialize that scanning is a natural thing that happens when something that is vulnerable is potentially exposed to the internet.
seantelligence@niksadecimal·
@JaredSemrau I've seen too many panicked emails from customers who don't understand the distinctions. It's painful on the MSSP/vendor side. Usually just lots of all-caps terror about being under active attack, resulting from mass scanning by everyone after a vuln gets announced.
Jared Semrau@JaredSemrau·
SpringShell continues to highlight significant problems within the security community, with the latest battle being the misuse of words and their meanings. There needs to be clear distinction between "scanning activity," "attempted exploitation," and "confirmed exploitation."
Jared Semrau@JaredSemrau·
I say no. This distinction is important and needed for defenders so they know which vulnerabilities need to be prioritized for remediation. By focusing on SpringShell over vulnerabilities that are actively being exploited, you actually end up increasing your threat/risk profile.
Jared Semrau@JaredSemrau·
This is a key distinction, especially in the case of SpringShell. If exploitation requires such specific conditions to be successful, and no one has proven that an exploitation attempt would have been successful against a real-world system, can you call this active exploitation?