Vulnerability and Exploitation Analyst @Mandiant, Army Vet, Comments here are my own and are not those of my employer

Joined March 2019
Can we put this on the signup page?
Advice to people who experience sudden Twitter prominence. Don't engage with the new influx of trolling & harassment. Absolutely don't amplify it, even if you seek only to critique it. Don't compulsively look at replies & mentions, either. Spend your energy doing what you do.
nluedtke retweeted
Confirmed this second by a friend in Hong Kong. S16E12 of The Simpsons is removed from Disney+ in Hong Kong.
"We're way beyond birthdays now, I'm going to have to write a special program here."
Start ups have advantages over the established vendors; their ability to focus with less tech debt allows them to reap big rewards if they execute. Don’t discount or assume a start up lacks visibility due to the time the company has been around; those employees have legit experience.
Things I learned this week. 1 - Discord is a Social Engineering gold mine and given their list of "out of scope" vulns, it's not likely to get better anytime soon. 2 - Creating a QR code and leaving it next to the salt+pepper shakers at a restaurant will result in many visits.
It does not seem to matter if that restaurant uses QR codes for their menus at all...
nluedtke retweeted
Plot twist. MG says that Palo Alto Networks actually fixed that controversial 0-day a year ago — and they fixed it a month *before* Randori found it in Oct 2020. So the only systems that remained vulnerable the last year were ones that weren’t patched.
Hey... did anyone notice that PAN 0day was fixed in a version that was released over a year ago? Guess it wasn't easy to notice under all the loud opinions about ethics. 🤣
Just continuing this thought piece...if CVE-2021-42321 was demo'd at Tianfu Cup...
Thought train for the morning. If researchers compete at a hacking competition in China and demo a 0day successfully, are they not required to also turn over that 0day to the Chinese Government per the rules laid out by CAC? 🤔
Hope you remember how to patch those Exchange Servers
As if infosec wasn’t enough, I’ve taken on being the president of my HoA … not what I expected… depending on the community it could easily be another full time job…mistakes were made.
Fearmongering is the basis for several organizations and industries…
Claiming that any government is taking meaningful steps against ransomware is delusional…
Companies should inspire their employees…
In future engagements, most contested environments will be GPS denied.
Stop using niche VPNs…
Winnie the Pooh wants you to believe that COVID came from lobsters…