Jay Beale

4.3K posts

Jay Beale

@jaybeale

@InGuardians CEO, Bustakube, Peirates, IANS Faculty, BastilleLinux, #kubernetes @BlackHatEvents Trainer,#neurodivergent fam, he/him, [email protected]

InGuardians Seattle Katılım Ocak 2008

4.3K Takip Edilen6.3K Takipçiler

Sabitlenmiş Tweet

Jay Beale@jaybeale·1 Tem

Excited to teach #Kubernetes Attack & Defense @#BHUSA in Aug (@bhevents)! The class is >50% hands-on, w/ step-by-step labs. Students get computers to keep w/ CTF VMs & K8S cluster to #hack, win flags & break attacks. Come join me & the @InGuardians crew! #0-day-unnecessary-attacking-and-protecting-kubernetes-linux-and-containers-45335" target="_blank" rel="nofollow noopener">blackhat.com/us-25/training…

English

4.5K

Jay Beale retweetledi

Graham Helton (too much for zblock)@GrahamHelton3·10 Şub

HOL UP

Obsidian@obsdmd

Anything you can do in Obsidian you can do from the command line. Obsidian CLI is now available in 1.12 (early access).

English

239

29.3K

Jay Beale retweetledi

Graham Helton (too much for zblock)@GrahamHelton3·27 Oca

We can disagree on many things but dismissing this as a skill issue of kubernetes admins is absurd and insulting. Software that is the backbone of most major cloud infra deserves more scrutiny not less. All points were already addressed in the disclosure reddit.com/r/kubernetes/s…

Graham Helton (too much for zblock) tweet media

Graham Helton (too much for zblock)@GrahamHelton3

Excited to disclose my research allowing RCE in Kubernetes It allows running arbitrary commands in EVERY pod in a cluster using a commonly granted "read only" RBAC permission. This is not logged and and allows for trivial Pod breakout. Unfortunately, this will NOT be patched.

English

135

21.7K

Jay Beale@jaybeale·27 Oca

@GrahamHelton3 I’m so impressed with the work you’ve been doing in this space, Graham. Keep pursuing your passion!

English

Jay Beale retweetledi

Graham Helton (too much for zblock)@GrahamHelton3·27 Oca

@jaybeale Thanks for all your help @jaybeale!!!

English

141

Jay Beale@jaybeale·27 Oca

@GrahamHelton3 ‘s discovery is important to understand. Check this out and follow him for his future and past work!

Graham Helton (too much for zblock)@GrahamHelton3

English

272

Jay Beale retweetledi

Graham Helton (too much for zblock)@GrahamHelton3·23 Oca

90 days from initial disclosure is up on January 30th which means a full blog breakdown, poc, exploit, and a lab to practice in will be made public shortly after. Stay tuned...

Graham Helton (too much for zblock)@GrahamHelton3

I'm releasing research soon detailing a technique to take over Kubernetes clusters. It allows running arbitrary commands in EVERY pod in the cluster using only a commonly granted "read only" RBAC permission. Oh and it's not logged by Kubernetes AuditPolicy 👀

English

198

24.2K

Jay Beale retweetledi

Jayson E. Street 💙 🤗💛@jaysonstreet·22 Oca

I was recently laid off, so I’m officially open to new opportunities. If you need a Hacker, or a teachable moment using Red Team tactics. I can also be a trainer, community builder & liaison. I want more than a job I need a company & purpose I can believe in. Please share! 💜🤗💜

English

160

462

34.9K

Jay Beale retweetledi

Azeria@Fox0x01·14 Ara

Grab a copy if you’re still looking for a nerdy Christmas present 🤓 🦊

D. Kalugin-Balashov@rvncerr

Christmas gift to myself has arrived - @BlueFoxBook by @Fox0x01

English

657

43.7K

Jay Beale retweetledi

Mark Manning@antitree·10 Ağu

Here's a writeup for a tool I released at #DEFCON Cloud Village called "pilreg". It also might help if you're playing @jaybeale 's Kubernetes CTF. Thanks to @JonJohnsonJr for teaching me about whiteout files which this tool hunts for. antitree.com/2025/08/defcon…

English

1.7K

Jay Beale retweetledi

Container Security CTF@CtfSecurity·10 Ağu

One of the Kubernetes CTF at DEF CON organizers, @jaybeale, is doing Kubernetes attack demos and Kubernetes security Q&A at the Wall of Sheep Village at 4:30pm today, Saturday. Come check it out! #DEFCON33

English

294

Jay Beale retweetledi

Queercon@Queercon·8 Ağu

Queercon is getting set up at the #defcon33 kevops pool party, come find us!

English

661

Jay Beale retweetledi

r00t@r00t0wns·8 Ağu

Family is forever.

English

4.5K

Jay Beale retweetledi

Sarah Young@_sarahyo·7 Ağu

Achievement unlocked: a book I co-wrote at the @BlackHatEvents bookstore!

English

673

21.8K

Jay Beale@jaybeale·7 Ağu

Definitely recommend catching @GrahamHelton3's panel!

Graham Helton (too much for zblock)@GrahamHelton3

Made it to @defcon. Would love to chat, I'll be around and trying to keep a pretty open schedule. Saturday I will be on a @RedTeamVillage_ panel @ 12:00pm discussing "Getting caught in offensive security" if you'd like to stop by.

English

211

Jay Beale retweetledi

Container Security CTF@CtfSecurity·7 Ağu

Come play in one of two Kubernetes Capture the Flag events we're facilitating at #DEFCON 33! Fri – Sun: Learning CTF Saturday: Competitive CTF First Place Prize (for a team on-site at DEF CON) is a Bambu Labs A1 Mini 3D printer! containersecurityctf.com @defcon #DEFCON33

English

4.2K

Jay Beale@jaybeale·25 Tem

Julian was incredibly smart, creative AF, & so driven. He was really generous w his time, mentoring when I was a teenager at Bethesda-he was the technical and creative lead at the beginning. He had even been in a electro-pop band in Denmark. Shocked that he's gone so early.

Bethesda Game Studios@BethesdaStudios

It’s with great sadness we learn of the passing of Julian LeFay. He was the driving force in the creation of The Elder Scrolls and the foundations of Bethesda as a game studio. Simply put, without Julian, we would not be here today. If you had the opportunity to work with Julian, you were blessed to know a one-of-a-kind force of nature, who pushed everyone to create something special. His work and spirit will live on both in our memories and in our games.

English

313

Jay Beale@jaybeale·15 Tem

So excited to teach Kubernetes Attack and Defense in August at @BlackHatEvents #BlackHat!

InGuardians™@inguardians

Our own Justin Searle @meeas and @jaybeale are teaching industry leading courses at Black Hat next month! Join them to learn how to pen test, hands-on: Control Systems, IIoT and Kubernetes! Kubernetes: #0-day-unnecessary-attacking-and-protecting-kubernetes-linux-and-containers-45335" target="_blank" rel="nofollow noopener">blackhat.com/us-25/training… Control Systems and IIoT: #assessing-and-exploiting-control-systems-and-iiot-44520" target="_blank" rel="nofollow noopener">blackhat.com/us-25/training…

English

285

Jay Beale@jaybeale·12 Tem

So many people have learned so much in Justin’s classes both at Black HAt and SANS. He is a really great teacher.

Justin Searle@meeas

Now adding a whole new day of content, including 4FSK and basic FHSS recovery, among other things!

English

332

Jay Beale retweetledi

Katie🌻Moussouris (she/her/she-ra/she-hulk) 🪷@k8em0·9 Tem

Another fun fact: This vulnerability was one that helped me launch Microsoft Vulnerability Research (MSVR), the first major software vendor multiparty vulnerability coordination process & 3rd party vuln research & reporting process. Google Project Zero followed ~7 years later.

thaddeus e. grugq@thegrugq

Fun fact: this vulnerability spurred the creation of the pwnies.

English

8.4K

Jay Beale retweetledi

Today In Infosec@todayininfosec·9 Tem

2008: Several DNS vendors released patches to mitigate an attack method discovered by Dan Kaminsky which could be used to cause DNS cache poisoning. Kaminsky had discovered the vulnerability 6 months prior and reported it to vendors privately so they could address it. RIP, Dan.

English

213

26.3K

Keşfet

@GrahamHelton3 @JonJohnsonJr @BlackHatEvents @defcon @elonmusk @BarackObama @taylorswift13 @cristiano