cherokeejb_

///
soc, blue team, threat hunt, 'computer forensics,' EMEA "security book club" facilitator @brakesec
-
denying by default & stress testing this Life
///
my blog (computer forensics netsec focus): https://cherokeejb.blogspot.com
twitter: https://twitter.com/cherokeejb_
sorry all with so many things to learn and work on, and so much life to live, I'm just usually to toot to toot :-}} need to catch up on here|!
Packet-analysis and timestamping

It's not enough to just know your tools; a great engineer knows their tools inside out. You're going to eventually have to analyze ...

i immediately assume any word ending in d is a daemon tbh

fired? fire daemon
card? car daemon
word? wor daemon

What these daemons could possibly be doing? I have no clue, but you can be sure they're always there... running in the background
Does cyber insurance make us more (or less) secure?

Underwriting cyber risk remains more art than science, but in the absence of regulation, cyber insurance might still be the best hope for improving cybersecurity practices across the board — at least for now.

if anybody is in NW AR / SW MO I'll be in town for a couple weeks in mid July, dm me. I'm trying to get some informational meetings in Security to move back to the area. <As well I'll be at BSides Springfield again (this time with Sunny Wear & Bryan Brake) is going to be ..interesting...^^>

@espen there are some important nuances in the GDPR that most people seem to be unaware of which makes the regulation stand out from anything else. I can’t do it justice even in 500 characters, so will write a blog post about it. The essence, though, is that the problem is around the security expectations, not consent, right to be forgotten, et al.

@espen I gave you a thanks-"shout out" in this. From right here on mastodon 😎

New post to share:

https://cherokeejb.blogspot.com/2018/05/linux-privilege-escalation-preview-last.html

If such a strange vulnerability exists in fundamental programs like top (procps), we should be diligent and creative to find more, and protect against them, and of course know your systems inside & out. ^

Linux Privilege Escalation Preview: Last week's "Top" Vulnerability

with a logo like this, who can resist to learn more An interesting report by Qualys Last week a rather intriguing alert came across...

Anyone know of any case at all where no $HOME constant is set by default on linux or unix? maybe in #iot ..or #busybox or similar

- writing a blog here shortly about last week's "top" linux priv esc vuln

..or like which dev found the original bug..?

back tooting after a long winter

Some thoughts on cyber security while at the O’Reilly Security Conference: https://infosec.engineering/random-thoughts-from-the-oreilly-security-conference-2017/
Random Thoughts From The OReilly Security Conference 2017

I had a chance to attend the O’Reilly Security Conference earlier this week. I find that when I am at these conferences, I get into a mode of thinking that is more open and creative. Here a…

Infosec Engineering