GuillaumeBen

@domchell If it's your scope, i get it. It's just not what the vast majority need (only). Although ofc, i expect something else than expected and basic recon from a competent red team.

@tux_be We're here to prove the art of the possible and demonstrate real world impact. The clients we engage with are usually the ones who want to know how they stack up against the high end %. If you want coverage get a purple team.

I wonder why I try so hard on red teams sometimes if this shit works 😅

@domchell So you test your blue team only on 0.01% of incidents ttps (real APTs) all the time? That does not sound about right either.

If you pulled any of this on one of our red teams, it would be the last one you ever did 😅

@jsecurity101 Kel definitely! The worst stays Elastic though.

I had to use Splunk to query something today for the first time in a long time. I hope it's the last time in a long time. Inb4 all the Splunk lovers come after me, KQL > SPL.

Playing with computer vision, guillaumeben.xyz/Quishing-Compu…

@HackingDave Great message there @HackingDave !

What I love about this industry and community is I learn from folks everyday. Doesn’t matter if they are just starting off or experienced. Tag me in this thread if I’m not following you and I’ll follow you. I look forward to learning from you and what you do next! 🫡 #FF

Quak 🦆! Goodbye #Qakbot, I hope we won't see you ever again 👋. And this is how it looks like from Feodo Tracker' perspective ⬇️. All #botnet C2s are offline 🛑 feodotracker.abuse.ch/browse/qakbot/ Tango down! 💪

@chrisalbon Unless you don't understand security, i don't see how using local Python install is good.

I love that Excel’s solution to installing Python is to just not do it. Legends.

@qkaiser Isn't that infosec life? Bookmarking stuff and never find time to read it? 😅

It’s officially august when I want to load all the USENIX preprint on my e-reader but won’t have time to read any of them.

@vxunderground Would love to see them 'give the key' when victims pay 👀

NoBit ransomware group states they encrypt data in SHA 😭😭😭

@light47 @markusdd5 @engineers_feed @emurgo_io Right 😂

@markusdd5 @engineers_feed Crypto is here for that. Cardano will solve this with stable coins. @emurgo_io will release the first fiat backed coin $USDA

What doesn't need to exist anymore but won't go away?

@AliceCliment Great article 👍

Finally done! My latest article introduce the basics of Windows kernel drivers/internals and how to find and exploit process killer drivers using LOLDrivers 🤓 I hope you'll enjoy it! alice.climent-pommeret.red/posts/process-…

@scrumdumpster69 So you don't have a certification in XYZ experience??

Does anyone know where I can get some [ENTER XYZ EXPERIENCE THAT CANDIDATE IS LACKING]???

@cybersecmeg Always depends on metabolism as well

@cybersecmeg Thats one week of eating? Probably not enough vegetables and also some transformed food you should avoid, alpro and similar"high protein" marketing stuff are crap. Probably missing some glucids if you do sport. Glucids arnt to ban, they are to limit (depends on your activity).

@cybersecmeg Now i have seen one of your other reply with sample of day eating and its good. I do similar but i don't need/want to lose weight, just keep building muscles and i do 5-6times sport/week. I do add collations at 11a.m and 4pm generally though like yoghurt/skyr or healthy desserts.

@cybersecmeg Too me it's so much overrated. But if it can help people learn the basics why not!

Earning the CISSP quite literally changed my career and my life - without earning the certification, “Cybersecurity Meg” would never have been created. In order to be an official CISSP holder, you need to have 5 years of experience working in the field (1 year can be replaced with formal education), but if you are unable to meet that requirement just yet, I urge you to look into (ISC)²’s One Million Certified in Cybersecurity opportunity where you can earn FREE Cybersecurity training and a FREE certification attempt. The campaign is geared at entry-level folks who are trying to make their way into the Cybersecurity field, or even for those who already work in the field to bolster their fundamental Cybersecurity skills.    Take advantage of this opportunity to garner more knowledge while you can!   Learn more about One Million Certified in Cybersecurity at: bit.ly/LearnMore_MegW…   #ad

@reprise_99 First job, as a consultant, i did an 'alter table' in production to an Oracle DB, with a full manufacturing line using views based on these tables. I let you find what this does but product line stopped for 1 hour.

Infosec/sys admin mistake therapy session: what's the worst mistake you have made that you can now laugh about months or years later? I enabled MFA in Conditional Access on 35,000 phones thinking ActiveSync was fully MFA aware, it was not. Let it out, this is a safe place.

Note you may already be licensed for Azure AD Application Proxy, which is literally the use case this is for. Everything is behind an authenticated reverse proxy. No public services. Kill your VPN.

@4ndr3w6S Reading this seems similar to warnings on thermometers: Once used rectally, the thermometer should not be used orally.

Domain Controllers are not PAWs. Please DO NOT USE your Domain Controllers as “jump boxes” to other systems.