Samuel Bourgeois

Finally stopped skipping #legday. Working way too much lately, this is the only balance keeping me sane and #blueteamfit.

#blueteamfit even on Sundays…

Last set of the day; bad form but almost got 4 sets of 10, pyramid up to 70lbs (70, 65, 60, 55). #blueteamfit

650# leg press + endless crunches! Way too heavy but wondering if it’s mad muscle gains😬 #blueteamfit

Finally getting back to pre holiday form! 480# fail, but feeling great on the decline! #blueteamfit

cc .@aza .@tristanharris .@sp_bourge .@elonmusk

@HackingDave @ryd3v Legend!!

@ryd3v Insane lol.. Like wtf am I doing

Spotting Ronnie

VMware makes Workstation Pro and Fusion Pro free for personal use - @LawrenceAbrams bleepingcomputer.com/news/software/… bleepingcomputer.com/news/software/…

CISA and review board torches Microsoft internal response and how bad the 2023 compromise actually was. It was way worse than what was communicated from Microsoft - way way way worse and avoidable. This is a good read and something folks really need to equate in their own threat models and risks in cloud - especially one as high profile as Microsoft/Azure. Extremely alarming imo. Key highlights below is scary AF. Also bang up job on this report from @CISAgov - grade A disclosure and documentation and analysis. Also, this isn’t me bashing the amazing folks that work at Microsoft. Some of the most brilliant folks out there. What is clear is that there needs to be some serious and concerted effort on monitoring and massive momentum on additional security controls (esp keys to kingdom ?!) to protect their cloud infrastructure that other cloud providers already have that Microsoft is seriously lagging behind in. Excerpt below: “Given Microsoft’s inability to determine how and when the adversary was able to steal its signing key, all CSPs should review and revise as appropriate their logging and overall forensics capabilities around their identity systems and other systems that enable environment-level compromise, such as root key material. 1. the cascade of Microsoft’s avoidable errors that allowed this intrusion to succeed; 2. Microsoft’s failure to detect the compromise of its cryptographic crown jewels on its own, relying instead on a customer to reach out to identify anomalies the customer had observed; 3. the Board’s assessment of security practices at other cloud service providers, which maintained security controls that Microsoft did not; 4. Microsoft’s failure to detect a compromise of an employee's laptop from a recently acquired company prior to allowing it to connect to Microsoft’s corporate network in 2021; 5. Microsoft’s decision not to correct, in a timely manner, its inaccurate public statements about this incident, including a corporate statement that Microsoft believed it had determined the likely root cause of the intrusion when in fact, it still has not; even though Microsoft acknowledged to the Board in November 2023 that its September 6, 2023 blog post about the root cause was inaccurate, it did not update that post until March 12, 2024, as the Board was concluding its review and only after the Board’s repeated questioning about Microsoft’s plans to issue a correction.” cisa.gov/sites/default/…

3...2...1...Let's go! Check out the new 2024 BSides Tampa logo & Artwork!! Thank you, Chris Machowski @runguns , with @RANSOMWEAR for the new look. See you all on April 6th, 2024 University of South Florida Marshall Student Center!! buff.ly/3HrlNMa

Around July, 2023 an individual operating under the alias "Blue" and "Trout", successfully phished someone and stole $213,000 from the victim. They subsequently paid a group of men to dance and thank the victim for the money.

#NoDaysOff #wehackhealth chest and tri day - heavy sets.

I don’t usually brag about my IT skills… but I just keyed in an upper, lower, number, special, 16 character random pw on the first try with a FireTV remote in under 90 seconds. 😏🤣

Desperately looking for IFAKs/tourniquets for a TDF unit about to be called up. The need is urgent and immediate. Their supply officer has called me and I can put you directly in touch with him. I don’t have time to source enough before I arrive. Any help absolutely appreciated.

The Federal Trade Commission has found that Alexa, Amazon’s personal voice assistant technology, violated a federal law meant to protect kids. wapo.st/42ewsSw

450lbs for 8 reps; new PR!! #wehackhealth #blueteamfit rep’ing @JackRhysider #jacked

Well, here we go again…

🫣That moment when you realize your bench (decline 450lbs) is more then your leg press… #wehackhealth #dontskiplegday 😬

THE TIGERS TAKE IT #NationalChampionship x @LSUwbkb