Vulnerability and Exploitation Analyst @Mandiant, Army Vet, Comments here are my own and are not those of my employer

Joined March 2019
Pinned Tweet
If the majority of appointed senior policy positions consist of @NSACyber people, it should be no surprise that you are going to end up with warped view on cyber security policy...#dontbesurprised
1
0
0
5
In a past life, I had to help decide what stream to base off of and what patches to pick up and when. @kees_cook provides very important advice here, sadly many vendors will be too far in debt to action it…
security.googleblog.com/2021… Want to have a secure Linux kernel? Continuously update, and avoid redundant work by participating with upstream! We need more investment in bug fixers, reviewers, testers, infrastructure builders, toolchain devs, and security devs. Make it happen. :)
1
0
0
1
InfoSec Twitter been going on about the same topics for over a month now...with no real progress...
2
0
1
0
It seems that in most cases red teams are faster at incorporating free 0days than Threat Groups....
1
5
3
22
You can conduct the best research/analysis possible, but if you can't communicate it to decision makers and stakeholders then its near useless.
0
0
0
1
These type of interviews only demonstrate that your company has a toxicity problem…
If people cry in your interview process, it is terrible. I am floored that someone *bragged* to me that their coding challeges make people cry.
0
0
0
3
GIF
nluedtke retweeted
What happens when Microsoft accidentally gives BUILTIN\Users the ability to read the Windows 10 SAM: Mimikatz lsadump::sam as a non-admin user, for example. Some installs off of very-recent ISO builds are not vulnerable. But assume you are vulnerable until you prove otherwise.
11
163
10
381
Show this thread
nluedtke retweeted
RT for coverage please: Who's #hiring in the security sphere? One of my good pals is looking for a role in Security. They have a vast skillset: Policy Advisor, Law Enforcement Liaison, Events and Project Management. (not going to tag them upon their own request) Reply or DM 😎
7
18
1
18
Show this thread
Celebrate your indictments….I wait for real action…these people aren’t traveling anyways….
1
0
0
0
It’s a good day for those needing to escalate on a Win10 box. I’m seeing similar results….:(
Replying to @GossiTheDog
Confirmed; works on a Win10 Professional endpoint. It looks like the ACLs have been set wrong in Win10 on SAM database. 🤦‍♀️ It’s obvs not the only priv esc as the print spooler stuff also works out the box.
Show this thread
0
0
0
0
If you are playing sensationalist CyberSecurity "News" Reporting Bingo at home this week, you might have bingo already...on Monday...
1
0
0
1
Unfortunately I was laid off from my new job of “3 weeks” today due to them “realizing” they want a more experienced or senior person.If anyone is hiring junior Devops or cloud Security Engineers I’m available and ready. #infosecjobs #BlackTechTwitter #tech #infosec #techishiring
171
1,375
82
2,066
Show this thread
Cyberpsychology. Yep that’s a wrap I’m out. (For the week) nsiteam.com/social/wp-conten…
0
0
0
0
If you think every org can “just disable print spooler” you don’t know the holes that some vendors/orgs are in regarding legacy tech/equipment. Think healthcare settings…
1
1
0
8
This is becoming hard to watch, @msftsecresponse continued to tell people the patches worked…. msrc.microsoft.com/update-gu…
0
0
0
1
A lot of infosec people congratulating Facebook while at the same time they become less transparent regarding disinformation…
0
0
0
0