Profile picture
Lesley Carhart @hacks4pancakes
, 3 tweets, 1 min read Read on Twitter
I know it seems silly to complain about something that benefits my research personally - but this latest Shamoon incident (and story) is another textbook case on training your analysts and IT teams to not upload potentially targeted malware to VirusTotal (etc) without approval...
Once it’s out there, it’s out there. And people start asking Questions. Researchers on a good day. Reporters on a bad day.
(Once the cat is totally out of the bag, of course, I highly encourage sharing samples and IOCs within policies.) 👍🏻
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Lesley Carhart
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @hacks4pancakes see all

Profile picture
This. THIS is the reason I have to carefully research and buy hundreds of dollars of new clothes before business travel to any new locale, before appearing on news outlets, before attending a formal event. This.

Because not even the most powerful woman in US politics is immune.
Have you heard about the 'weathergirl dress'?

It's a $25 dollar dress on Amazon, and one you have seen it you can't unsee it. Because tons of newscasters wear the same one in various colors - it fits some bizarre dress codes and on-camera requirements.

dailymail.co.uk/femail/article…
Okay so, there are only certain colors you can really wear on video. Red, white, black, and patterns like stripes don't show up on camera well. Green is no-go. So the majority of women's business attire is out, because it's all patterned crap, or colored suits.
Read 6 tweets
Profile picture
The Zurich / Mondelez case is going to have implications for cyber insurance sales and where CISOs spend money. Not only is Zurich’s claim apparently that nation state adversaries can’t be insured against, but it adds the ever tenuous question of attribution to insurance claims.
I mean, they’re not entirely wrong to be wary - if a dedicated state actor wants to compromise your organization, they probably will. That’s not really what happened in the case of NotPetya, though. By design, most of the victims were merely recon-less targets of opportunity...
I can see some really fuzzy semantic space there, even with a clause involving state-sponsored / wartime activities. What if codebase from a state adversary is reused in a commodity attack? Will insurers present their own reversers as expert witnesses?
Read 7 tweets
Profile picture
Something that has served me incredibly well over years working incident response is willingness and capability to play devil’s advocate. When I’m told something is on fire, I take a moment to evaluate if it truly is. When I’m told something isn’t afire, I consider why it may be.
Which do I find myself doing more? To be honest, it’s often arguing against IT folks (and my better sales pitch) that things aren’t as catastrophic as they think. Panic is counterproductive to triage. I do plenty of arguing that conditions really do merit faster response, though.
Good science and investigation involves attempting to disprove hypotheses using quality evidence, methodology, and logic. To be a good investigator and responder, you need to be logical, collected, and always willing to challenge assertions (and have yours challenged as well).
Read 5 tweets

Related threads

Profile picture
Another 🔥 RT from @FORSCOM:

“TRAINING REMAINS A VITAL LIFELINE FOR SOLDIERS”

The @USArmyMCCoE is located in LEAVENWORTH, [KANSAS].

The Mission Command Center of Excellence is an integral training base for the [NATIONAL GUARD].

#DOITQ 🤷🏻‍♂️
2) Not only is Leavenworth home critical training, analysis and continuing education elements of the US Army; it is also home to the US Disciplinary Barracks:

The ONLY [[maximum security]] prison, for ALL branches of the US Military.

TRUST KANSAS? ✔️✔️
I do. Both.
3) Note the simultaneous reference to [Fort McCoy] in the tweet. Ft. McCoy also serves as a training hub for various events.

In July, Ft. McCoy was home to “Patriot North 2018” which was a joint CIV & MIL exercise sponsored by the National Guard Bureau.

lacrossetribune.com/community/toma…
Read 3 tweets
Profile picture
Limiting Beliefs...

1) to upskill we need to hire externally vs. train internally
2) we’ll fail at X because we failed at X once before
3) we can’t innovate internally
4) [some group] can’t handle transparency
5) we can’t afford “good” developers/designers

(1/5) #teams
6) the team needs to start with training wheels
7) the best people have already left
8) we can’t prioritize w/o a solution in mind
9) they’re not management/leadership “material”
10) I need to do it myself for it to be done right

(2/5) #teams #limitingbeliefs
11) there’s no way we can all work together on that
12) this is too rough to show a user/customer
13) w/o supervision, they’ll just slack off
14) w/o a strict process, chaos will ensue
15) this decision is too high stakes to involve the team

(3/5) #teams #limitingbeliefs
Read 5 tweets
Profile picture
I’ve worked with lots of agile #teams, and some of the symptoms of a well functioning high-perfoming teams that I see are:

👇
They start their daily standups on time.
They tend to laugh a lot and have fun.
Read 86 tweets
Profile picture
Story with pictures:
Jeffy playing in the dirt.
But as always, coming at it the long way around...
That road was literally, no exaggeration no bullshit built in an upland seasonal creek.
If you get the right USGS Topo map you can see, the seasonal creekbed with a purple line right on top of it. Purple line added to map <some year>.
The road is in the creek.
Near the edge of our property the road and the creek separate. The road leaves the creek bed at a curve and heads off uphill. No pic.
The valley steepens, deepens, and cuts back to the east, and the road goes on straight, uphill, into a different watershed.
Read 49 tweets
Profile picture
1) I wonder why no news outlet has so far jumped on the spy videos and pictures from Elon's tent. I think this is a reveal in itself. Dear Linette, Lora, Dana, Charley, Drew, I know each of you has had Tesla scoops. @drewharwell @lopezlinette @lorakolodny @CGrantWSJ @danahull
2) I think the "tent spy" story is another Tesla reveal waiting for publication. Elon Musk claimed that this is a full extra "general assembly line", put up in just 3 weeks, fully operational and already spitting out their most expensive Model 3 version.
3) Elon Musk's claim might not only be an exaggeration, but even an outright lie, meaning that he would have mislead investors. @IspyTsla and
@skabooshka have shot videos / photos that show in much detail how messy this "line" is. The "spy shots" seem to be authentic, and:
Read 10 tweets
Profile picture
The debate around @JoyAnnReid and any views she once held and then blogged about is deeply troubling to me, and for some reason, deeply personal.

First, most whole human beings, every single one of us, have held views in our past that today we would be embarrassed by.

Fact.

1/
A decade & more ago, blogs, for those who read them & those who wrote them (I was both) hardly felt like permanent records.

I know that seems silly now, but this truly is a different world than it was then.

And that world was even more different than the ten before that.

2/
It is only in the last five years that we've begun to understand what these new technologies and modes of communications mean to our lives, and the implications are still being revealed on a daily basis.

Tread carefully these paths we must lest they open to swallow us all.

3/
Read 13 tweets

Trending hashtags

#teams #bigdara #bigdats #EgyptStation #au #AccidentsWillHappen #bigdat #comment #aii #TheBeatles #electroneum #msm #facts #Country #know #retweet #WomensChristmas #map #Exvangelical #online #HappyLaborDay #RESEARCH #ThoughtsAndPrayers #RecordStoreDay #ElvisCostello

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!