Scott Massari
2.7K posts
Scott Massari
@scottmassari
Cybersecurity, motorcycles, rock climbing, snowboarding, powerlifting. Lover of all things Cleveland, Detroit, and in-between. Enzo's Dad.
The Glass City Katılım Nisan 2009
738 Takip Edilen265 Takipçiler
Month of Azure Red Teaming Giveaway!
I am giving away two seats of @AlteredSecurity Attacking and Defending Azure (CARTP). Please Repost, Like and Reply to participate. I will announce two random winners tomorrow.
alteredsecurity.com/online-labs
#RedTeam #Pentesting #Azure
English
Scott Massari retweetledi
This is CrowdStrike's Director of Overwatch, so I hope to help spread the word. I believe CS stopped these changes from being pushed out so machines late to the party wont get the faulty driver.
Command in Safe Mode:
del "C:\Windows\System32\drivers\CrowdStrike\C-00000291*.sys"
English
Scott Massari retweetledi
Fantastic read on the challenges of building reliable agents. If you think AGI is coming next week you've never tried to build a real world agent.
Garry Tan@garrytan
“If an AI agent carries out a workflow consisting of 10 tasks autonomously but has a 10% error rate per task, the compounded error rate over the whole workflow is 65%.” There is a lot of nuance building production LLM systems
English
@NathanMcNulty @techspence Maddening that it's still pervasive across the entire industry!
With a few decades under my belt, I can count on one hand the number of vendors/products/solutions that actually achieved it.
English
@techspence We don't know how to use what we have, so if we buy the most expensive thing out there, it should practically manage itself, right?
English
Final day of RSA Conference in sunny San Francisco. Join me at 9:40 am in Moscone West 3022 for my presentation with Michael Marriott for an overview of the identity threat landscape. If you missed the book signing, I have a few extra copies with me. Also, today is my birthday!🎂
English
Scott Massari retweetledi
tl;dr on the OpenSSL vuln: it seemed bad originally, but then OpenSSL realized it wasn't critical after all. Treat it like any other software flaw and follow your normal patching cycle. Unlikely to be exploited in real-world configurations.
English
This is a pretty cool community contribution
@
Fox-IT just open sourced their enterprise forensics tooling dissect. This is a big project that some of the smartest people I know have worked on. It supports many filesystems and file formats, all as Python libraries. Docs: docs.dissect.tools / code: github.com/fox-it/dissect
English
@NathanMcNulty Definitely! I bet a lot of orgs are still pushing mobile VPN clients unnecessarily.
English
@scottmassari I see people implementing Microsoft Tunnel so their users can access internal web apps on their phones, and I want to scream
Azure App Proxy can expose APIs too! People just need to know it exists and play with it.
English
What a cool poc.
Azure App Proxy is such a great tool, very flexible. Underated as a digital transformation component, I've seen a lot of orgs that gloss by it when it's likely the best option.
Nathan McNulty@NathanMcNulty
Last night, I got Apache Guacamole published through Azure Application Proxy to share some of my lab machines in a test tenant, and it's so dang cool RDP and SSH right in the browser, no Remote Desktop Services licensing (or crazy farm configuration and certs) Loving this :)
English
So many orgs don't do this.
I've come in to clean up an incident where a TA was responding to the initial triage team on Skype as the compromised user and then moved to another IT user's account.
@
Friendly reminder to all individuals involved in Information Technology: If you suspect a breach has occurred immediately establish an out-of-bounds chat. Otherwise, you might have Threat Actors monitoring your conversations in-real-time.
English
@303Rsa @SteveSyfuhs Curious what you saw as the advantages over the AzureB2C offering, especially with the cost benefit for certain existing customers(first 50k mua free/month)?
English
@SteveSyfuhs I love Azure Ad for everything but as a Microsoft only business we felt forced to use Auth0 for our B2C app. Magic link like technology woulfbe great. Some polish and time and perhaps Azure Ad will get feature parity
English
Rough year for them.
Not hashed is not good
Gal Diskin [email protected]@gal_diskin
New security research: #PassBleed: How to get @okta *master passwords* in *clear text* for *all employees* and several other important findings Why care? Because compromise in your IdP is *game over* for your security A meta thread - Plz RT for reach #identitysecurity
English
@SwiftOnSecurity It's not uncommon, unfortunately.
In an early leadership role I was shocked that it was expected to essentially have a bell curve when doing yearly reviews.
English
Yearly reviews were not to determine merit but kill aspiration.
English
I was negged for years in my reviews. I was never good enough. There was always unoverlookable flaws.
I later realized as much as I nominally liked my supervisor, they were forced to mark me as 3/5 on knowledge.
I left that job for x the pay and awarded Microsoft MVP month later.
English
That moment where you try to take a picture of 50 cent and trying to make sure he doesn’t notice and immediately makes eye contact with you 😂😂😂
English
@notshenetworks @TechEmiiily @taterstiltskin Many women powerlifters/bodybuilders also track, so their coaches can make accurate, data driven changes in diet/load. Some do it to also track when certain variables have caused missed periods (e.g. diet induced hormone impact).
English
@TechEmiiily @taterstiltskin I love the implication that married women aren’t interested in tracking their period or fertility lmao it’s almost like they have no idea what the f they’re doing
English
@ChicagoCyber I would lean towards hyok plus tokenization.
Have seen byok be misconstrued, e.g. it's not enough to protect from subpoena request when talking O365 (actually need double key encryption).
But yes we as industry professionals need to push on vendors to drive that baseline standard
English
@a_r_i_t @mattblaze Admin for everyone on a shared account and forget firewalls and MFA, because every company will be exposed to malware one way or another. Boards should stop worrying about the risk.
English
@mattblaze At this point ... almost all of us are going to get exposed to COVID one way or another. What value is there in obsessing over the risk?
English
We don't have solid numbers for RSAC, but it sure doesn't sound great.
Meanwhile, BH is apparently not planning to require masks or vaccination. Doesn't bode well for hacker summer camp this year.
@
RSAC branded a 'super spreader event' as attendees share COVID-19 test results reg.cx/44sh?utm_sourc…
English