Posts by woland@infosec.exchange
 (DIR) Post #9xaPTSl4masbW0Ik6a by woland@infosec.exchange
       2020-07-29T18:21:30Z
       
       0 likes, 0 repeats
       
       Really enjoyed your talk on federated instances at HOPE conference today c0debabe @TheGibson, @TheDoctor, and R¥. Wanted to make sure I caught it live. #hopeconf
       
 (DIR) Post #9xdHQ32BocwRm3MQxE by woland@infosec.exchange
       2020-07-31T03:35:22Z
       
       0 likes, 0 repeats
       
       @R10T Michael Bazzell's podcast The Privacy, Security, & OSINT Show https://www.inteltechniques.com/podcast.html Or anything from him really.
       
 (DIR) Post #9xdHUu6WReFxWehdzs by woland@infosec.exchange
       2020-07-31T03:36:15Z
       
       0 likes, 0 repeats
       
       Hey look everybody, the DHS is using #OSINT to collect information on journalists. From the article it doesn't  look like very sophisticated intelligence, but read from it what you will. https://www.washingtonpost.com/national-security/dhs-compiled-intelligence-reports-on-journalists-who-published-leaked-documents/2020/07/30/5be5ec9e-d25b-11ea-9038-af089b63ac21_story.html
       
 (DIR) Post #9xgjt6EkMs8oIMktnM by woland@infosec.exchange
       2020-08-01T19:38:30Z
       
       0 likes, 0 repeats
       
       @TheGibson I'd be interested if you don't have anyone else.
       
 (DIR) Post #9xgkaeKRUUzQTuBZWi by woland@infosec.exchange
       2020-08-01T19:46:10Z
       
       0 likes, 0 repeats
       
       @maxeddy Lol. That was fast. But those journalists were obviously dangerous, elite hackers and totes deserved it!!111
       
 (DIR) Post #9xnccq9Eof9k2V1ii0 by woland@infosec.exchange
       2020-08-05T03:20:02Z
       
       0 likes, 0 repeats
       
       If I'm being honest I've never been to DEFCON and I'm not really the type. I've never liked big crowds and 30,000 people is a little much. But this year it's virtual and the price is right!On Thursday I'll be in an all-day class learning about analysis tools like Graylog, Moloch, osquery, Velociraptor, Zeek, Suricata, etc. Those talks will be free to the public on twitch. https://cfc.blueteamvillage.org/call-for-content-2020/schedule/
       
 (DIR) Post #9xncuNIMpRKplaerLs by woland@infosec.exchange
       2020-08-05T03:23:16Z
       
       0 likes, 0 repeats
       
       Then Friday and Saturday I'll be participating in the OpenSOC CTF, learning about threat hunting and IR. And then on Sunday I'll be watching the (free) Blue Team Village workshops I registered for.  Not a bad first #defcon.
       
 (DIR) Post #9xpBc2w5TcA8xrBzxg by woland@infosec.exchange
       2020-08-05T21:26:51Z
       
       0 likes, 0 repeats
       
       When the DEFCON Arts and Entertainment team gives a shout out to Ruth Bader Ginsberg. #defcon #defcon28 #DEFCONSafeMode
       
 (DIR) Post #9zn3TdPw5oCpmT0vMu by woland@infosec.exchange
       2020-10-03T16:30:26Z
       
       0 likes, 0 repeats
       
       I've been quiet lately, but for a good reason. A month ago I got a help desk/network engineering/security job at this really cool MSP. I've already learned so much about system administraton, powershell/GPOs and even physical security systems. We do it all. Three weeks ago I got to see my first big data center and help install a server there. Feels weird to be working in an office as everything is falling apart and so many are suffering. It's surreal.
       
 (DIR) Post #9zn3tIdlxlcOs6iwK0 by woland@infosec.exchange
       2020-10-03T16:35:02Z
       
       0 likes, 0 repeats
       
       Gearing up for my first business trip with the new job. I'm still nervous about flying but I'll be masking up and getting tested multiple times after the trip. Not going to any crazy hot spots. We'll see how it goes. If it wasn't a pandemic I'd see the sights, but not now. (One day I will see the Bell Labs museum in Murray Hill, NJ!) Has anyone in the US traveled by air recently? How was it?
       
 (DIR) Post #9znlipCQxsmEeKkg4G by woland@infosec.exchange
       2020-10-04T00:46:04Z
       
       0 likes, 0 repeats
       
       @jerry Thanks for the info. I'll share my experiences once I fly.
       
 (DIR) Post #9zpDCn0KaCQYRuYzlQ by woland@infosec.exchange
       2020-10-04T17:28:50Z
       
       0 likes, 0 repeats
       
       @JohnsNotHere I really enjoyed your show. Found out about it here. Listened to one episode where you had Marcus on talking about Tribe of Hackers. At the time, before covid-19, I was managing a night club and doing security stuff for fun. I bought the book and read it, and then I started following Marcus on Twitter. Long story short, he ended up funding my Security+ exam and gave me some job hunting advice, and now I work in the industry. It started with your podcast though. 😎
       
 (DIR) Post #9zrpypOxq07V2USXlQ by woland@infosec.exchange
       2019-03-26T18:19:05Z
       
       0 likes, 0 repeats
       
       In one corner we have the Master Lock 570, a pin tumbler lock with a dead core (not spring loaded) and 4 security pins. In the other corner we have a snake rake and tension wrench. Guess who wins? (Within 45 seconds, every single time.) #lockpicking
       
 (DIR) Post #A4HBKpVsSXy2R6s3wO by woland@infosec.exchange
       2021-02-14T20:48:42Z
       
       0 likes, 0 repeats
       
       Lately, I've been looking more into Windows internals, and I found this easy and informative read about pass-the-hash attacks and what they look like in logs. In general, on the source host you'd want to look for EVID 4624 with a Type 9 logon with "Authentication Package: Negotiate", and the seclogo process. https://stealthbits.com/blog/how-to-detect-pass-the-hash-attacks/
       
 (DIR) Post #A4LWDed6oQyuglA36W by woland@infosec.exchange
       2021-02-16T23:01:47Z
       
       0 likes, 0 repeats
       
       AFAIK #LastPass service changes will limit the use of the password manager to either mobile or desktop; you will not be able to use both without paying approx. $36 yearly. Free users will also lose email support. This isn't a big deal for me--I only use it on a few devices. I'm also not against paying a fair price for services. But I think we're seeing a backlash here because it signals that this is likely going to be the first of many ill-conceived changes to come for this popular app.
       
 (DIR) Post #A4LnToFqUgNkOSZLX6 by woland@infosec.exchange
       2021-02-17T02:15:11Z
       
       0 likes, 0 repeats
       
       Why yes, I do enjoy the disgruntled, fine-print warnings that IBM attaches to its security products. The all-caps at the end is a nice touch.
       
 (DIR) Post #A4M05Y5kEb8iiebepk by woland@infosec.exchange
       2021-02-17T04:36:28Z
       
       0 likes, 0 repeats
       
       @JohnsNotHere I'll have to look into 1Password. I was reading a bit on LogMeIn today and that did not inspire confidence for the future.
       
 (DIR) Post #A8rnU4jyVSSrRBlr8a by woland@infosec.exchange
       2021-07-02T04:13:42Z
       
       0 likes, 0 repeats
       
       I can write in COBOL, I can foil a ransomware attack, I can decipher pcap files, but I can not spell the word "schedule" to save my life.
       
 (DIR) Post #ABLNcsDC6olfukCMMK by woland@infosec.exchange
       2021-09-14T06:29:30Z
       
       0 likes, 0 repeats
       
       When Ultravox's Vienna inadvertently syncs perfectly with the 1959 Twilight Zone episode you have playing on mute....
       
 (DIR) Post #AxGorGDVTkgQRFYiki by woland@infosec.exchange
       2025-08-17T18:28:39Z
       
       0 likes, 1 repeats
       
       In a world full of Zucks, be a Woz https://www.pcgamer.com/gaming-industry/on-his-75th-birthday-apple-legend-steve-wozniak-pops-up-in-a-comment-thread-about-his-bad-decision-to-sell-his-stock-in-the-80s-with-a-devastatingly-zen-reply-i-gave-all-my-apple-wealth-away-because-wealth-and-power-are-not-what-i-live-for/