Conan

@ComputerDoWhat

https://infosec.exchange/@ConanChiles

Conan reposted

Do not mistake the serenity of a professional for peace.


Conan reposted

Blog writeup of what we know airlockdigital.com/microsofts-rev…


Conan reposted

Something is happening at Digicert. It looks like on many Windows systems the VeriSign Class 3 Public Primary Certification Authority - G5 root certificate (serial: 18dad19e267de8bb4a2158cdcc6b3b4a) has been revoked as of around 9 hours ago.


Conan reposted

Had some fun last weekend with dumping NTHashes from #AzureAD / #EntraID ◾ I can now force AADConnect to use my certificate to encrypt Windows legacy credentials 😈 ◾ Forcing full password hash sync on AzureAD Connect syncs all NTHashes encrypted with my certificate 😱 Not a…


Conan reposted

Finally my talk from @x33fcon is online! 🔥 I try my best to explain what websites could do to protect the users against reverse proxy phishing attacks like Evilginx.🪝🐟 There is also a bonus live demo at the end with some Evilginx Pro secret sauce! 💡 youtube.com/watch?v=C-Fh4s…

16. How Much Is The Phish? Evolving Defences Against Evilginx Reverse...


Conan reposted

Handy little tool you may not be aware of; IdFix, if you are having issues with certain objects not syncing up to Microsoft Entra ID from on-premises Active Directory, this can help you find and fix the problems - microsoft.github.io/idfix/


Conan reposted

Agencies are throwing it all into the cloud at the behest of a certain cohort of software engineers/manager types with acronyms and credential letters splattered all over their LinkedIn—with zero analysis of workload variability, deployment frequency and software leverage points.


Conan reposted

Reassuring message for Commonwealth Bank customers after $10 billion profit announcement.

From ABC News

Conan reposted

Break free of hardware licensing sales models with #UniFi. Learn more at ui.com


Conan reposted

Dropping #Downfall, exploiting speculative forwarding of 'Gather' instruction to steal data from hardware registers. #MeltdownSequel - Practical to exploit (POC/Demo) - Defeat all isolation boundaries (OS, VM, SGX) - Bypass all Meltdown/MDS mitigations. downfall.page


Conan reposted

#PingCastle 3.1 released !!! pingcastle.com/download/ Active Directory & AzureAD security health check in seconds >200k AD audited, management readable, no install, no admin, no data sent "to a cloud" Example of report: pingcastle.com/PingCastleFile… github: github.com/vletoux/pingca…


Conan reposted

First big result from our new CPU research project, a use-after-free in AMD Zen2 processors! 🔥 AMD have just released updated microcode for affected systems, please update! lock.cmpxchg8b.com/zenbleed.html


Conan reposted

⚡️💻 BREAKING: Wiz Research reveals surprising elements of the recent Microsoft Storm-0558 incident — it's much bigger than you thought! Here's what you need to know:

Conan reposted

Done my talk in #bsidesbrisbane. Great vibes. Thank you everyone who listened to my talk. If someone happens to have a picture of me presenting, I would appreciate it if you can share that photo.

Conan reposted

Meta turned over their DMs, used as evidence to convict them on felony charges for accessing criminalized healthcare. Meta had no choice -- they had the data so had to hand it over. End-to-end encryption keeps people safe. jezebel.com/nebraska-mom-p…

jezebel.com

Nebraska Mom Pleads Guilty to Giving Abortion Pills to Her Teen Daughter

Jessica Burgess faced eight years in prison for helping her then 17-year-old get abortion pills. A plea deal brought it down to two.


Conan reposted

Nobody knows what the hell a DBA does but trust me you do not want to be doing it.


Conan reposted

A security director that hired me on but I no longer report to told me one of the greatest wisdom shots I've ever heard: Every network they've ever defended is a mix of accidentally great security decisions baked-in & thus accepted as trivial — and profoundly innovative failure.

This tweet is no longer available.

Conan reposted

Not even #tradingStandards know what to do. No Directors but still trading... and leaking everyone's #PII and #paymentData

Stumbled upon an enormous breach (PII, payment info, stripe keys, Facebook, Google, email private keys etc) and upon reporting to the business, it has no directors! Trading illegally & thus nobody I can contact or relay info to. It's a first for me. Thoughts?



Conan reposted

📅 The schedule for #BSidesBrisbane is here! It's packed with thrilling talks and amazing networking opportunities. 🎉 Join us on 15 July 2023 for a day of cyber security knowledge sharing and collaboration. Check out the full schedule at bsidesbrisbane.com/schedule/

