Share this page!

Enter Twitter Thread URL to Unroll

Needs to be the full URL like: https://twitter.com/threadreaderapp/status/1644127596119195649

How to get URL link on Twitter App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
mRr3b00t Profile picture
@UK_Daniel_Card
Apr 21 4 tweets 4 min read Twitter logo Read on Twitter
Had an awesome time this morning with @Tzardan where I learnt something about #politics and then we chatted about the #cyber security society challenges and how #communication is key to helping #solve todays and tomorrows cyber #challenges! 🫡❤️🇬🇧🤗 ImageImageImageImage
I also promise I did not jack into their net ;) 😈 ImageImageImageImage
Also I’m a shirt ass and Dan had to keep bending down to fit in selfies 🤣🤣🤣 ImageImage
^short 🤣🤣🤣🤣

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with mRr3b00t

mRr3b00t Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @UK_Daniel_Card

mRr3b00t Profile picture
Apr 22
Shall we go do some cyberz? Sort of simple this one, chrome triggered an SMB connection to google on install. The binary is signed by google, the file size is not elevated. It looks legit.. but it triggered an alarm 🚨 (also bear with me I have a headache… :( ) Image
Now I’m gonna deploy a quick vm locally. Windows 11. Then deploy MDE. ImageImageImage
Now you can obviously use public sandboxes but I really wanna be able to look at this in detail because the behaviour is odd but looked legit. So by me looking publically we can share the findings with the world to help peole! ❤️ proving integrity is much harder than assuming it… twitter.com/i/web/status/1…
Read 12 tweets
mRr3b00t Profile picture
Mar 11
#Veeam Community Edition Install on server 2022 for the #Ransomware Lab
Backup and Replication License Agreement goes brrr
I ACCEPT
Now here is the default config
Read 28 tweets
mRr3b00t Profile picture
Mar 10
ok let's #ransomware some servers! (in a lab of mine not for real coz it's NASTY!)

VMs go BRRRRR

But wait... we are gonna look at how we can PROTECT, RESPOND and RECOVER! I'm going to deploy @Veeam to help me (coz I like the product, it rocks!)
to start with I'm going to just do some PREP. We are going to need to think about Initial Access then Escalation to Domain Admin and then RAMPAGE!
I'm gonna thread some stuff whilst I build.. I'm going to start with using @VMware workstation PRO. I might do some stuff with the RACK mounted servers but let's see.
Read 45 tweets
mRr3b00t Profile picture
Mar 10
NCSC CAF 3.1
Vulnerability management IGPs (indicators of good practise) let's take a look at some real world stuff...
"You do not understand the exposure of your essential function to publicly-known vulnerabilities."
I think 90+% of orgs will meet this criteria..

this would put most orgs at NOT ACHIEVED.

"You do not mitigate externally-exposed vulnerabilities promptly."

most orgs aren't that… twitter.com/i/web/status/1…
don't worry there is more..

"You have not suitably mitigated systems or software that is no longer supported."

I can go on a Shodan safari and point out this one quite quickly in most orgs..

An example: UK hospital running a public VPN which is out of learn.microsoft.com/en-us/lifecycl…twitter.com/i/web/status/1…
Read 5 tweets
mRr3b00t Profile picture
Mar 10
The idea management need to not really understand computer science and security in depth is probably partly why our world has such a shit cyber security posture! If you think management decisions should be made as n uninformed zombie please think again… same as… twitter.com/i/web/status/1…
I’m assuming the people that think this:
A) have not led and managed teams (fixed or project based) and
B) have a CISSP and not much else

😂😂😂😂😂
Part of the reason it’s such a mess is because people leading didn’t know what they were doing. If you have ever worked with people that don’t know what they are doing and they are in charge it’s a fucking nightmare!
Read 4 tweets
mRr3b00t Profile picture
Mar 9
ok my day plan has changed! time to make a tea and then I think I'm going to do some work on SECURITY ORGANISATIONAL DESIGN for orgs that have:
> HERITAGE (people used to call this LEGACY)
and
> PRODUCT!
now remember the first rules of org design are there are NO RULES of org DESIGN! but there are good vs bad ideas! there are also a million different different ways orgs organize their businesses so this is not ever going to fit an org (if it does it's luck!) but it's some food… twitter.com/i/web/status/1… Image
now i'm sketching on the fly here...
We need to think about
CHANGE THE BUSINESS
RUN THE BUSINESS
and then we have
the PROJECT vs PRODUCT scenario...

simple right! Image
Read 12 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Send Email!

:(