Jay Thoden van Velzen ☁️🛡️

@jaythvv@infosec.exchange

Technical Advisor, Office of the CSO
Trying to figure out Cloud Security and Secure Cloud Transformation, as well as random other stuff of life

#CloudSecurity
#CloudSecurityOperations
#CloudTransformation
#Cybersecurity
#Infosec
#SecOps
#antifa
🇳🇱 in 🇺🇸

It's Mastodon - obviously posts don't represent my employer

Burn, Cybersecurity Industry, Burn

Pronouns: He/Him
LinkedIn: https://www.linkedin.com/in/jay-thoden-van-velzen/
Why I am in security: https://www.linkedin.com/pulse/what-did-you-do-during-cyberwars-dad-cybersecurity-jay/
Cloud Migration Requires Organizational Transformation: https://www.linkedin.com/pulse/cloud-migration-requires-organizational-technical-13-jay/
Hyperscale Security Blog: https://infosec.press/jaythvv/

liberal: omg how do we defeat Trumpism

socialist: *explains how*

liberal: that's not realistic, I meant without changing anything

VDLM2 Message From: N614NN / OH5250

Message: DDDUUUUUDDDDEEEEEEEEEEEE 31 MIN TURN...SMOKIN THA MOGT BRO.... PHILTHADELPHIA GOT GAME ...IT DOES HELP THAT ALL THE RAMPIES WANTED TO GO HOME.......


Area: New York City, NY, USA

#acars #vdlm2

Everything that Trump touches dies....

... including the Canadian Conservatives

https://docs.openssl.org/master/man7/EVP_PKEY-ML-KEM/#provider-configuration-parameters

Of course the fucking OpenSSL developers choose the worst possible option for PQ keys.

See https://soatok.blog/2025/03/17/post-quantum-cryptography-is-about-the-keys-you-dont-play/ for background.

They really should've just listened to Filippo. https://words.filippo.io/dispatches/ml-kem-seeds/


It’s so weird seeing the Port of Seattle without any ships. I don’t see how we get out of this without a ton of supply shortages. Empty shelves are coming.

It's important to have a sense of perspective when everything is so divided...

#Photography #Netherlands

That EDR chart from a ransomware group doing the rounds on LinkedIn and the related discussion from people at EDR product vendors all pretending their product is the best is.. well, a mess.

Given basically every EDR product gets routinely bypassed in ransomware incidents (usually by just turning it off), I don't think anybody should be particularly precious.

when is liberal America going to realize that "laws", "the courts", or "institutions" are not going to save them?

The sooner people realize the next step is a new Constituent Assembly, the better

Burning Data with Malicious Firewall Rules in Azure SQL Server

Exploiting a security gap in firewall rule-naming can suddenly delete entire servers and targeted assets when combined with admin actions.

The Death of Windows 10 Could Net You a Bunch of Free Linux PCs https://www.howtogeek.com/the-death-of-windows-10-could-net-you-a-bunch-of-free-linux-pcs/

The laptop I am writing from is a beast that boots Arch Linux in less than 7 seconds and was discarded by a large corporation for who knows what reason. Anyway, some people's trash, others' treasure!

#linux #circulareconomy


🚨 SAP NetWeaver Zero-Day Under Active Exploitation — Patch Immediately

SAP has released an out-of-band emergency update to fix a critical zero-day vulnerability (CVE-2025-31324) in NetWeaver Visual Composer — and it’s already being exploited in the wild.

The flaw (CVSS 10.0) allows unauthenticated remote attackers to upload malicious files and gain full remote code execution — no login required.

Here’s what’s happening:
- Threat actors are abusing the `/developmentserver/metadatauploader` endpoint
- They're dropping JSP web shells and executing commands directly from browsers
- Post-exploitation activity includes tools like Brute Ratel and MSBuild injection for stealth
- Even fully patched systems were compromised — confirming this was a true zero-day

Both ReliaQuest and watchTowr have confirmed active exploitation, with attackers already moving to establish persistence and lateral movement.

Who’s affected:
- SAP NetWeaver Visual Composer 7.50 environments
- Systems exposed to the internet, especially if Visual Composer is enabled

What you need to do:
- Apply the emergency patch from SAP (released after the April 8 update)
- If you can’t patch immediately:
- Restrict access to the vulnerable endpoint
- Disable Visual Composer if unused
- Forward logs to SIEM and scan for unauthorized servlet uploads

Also included in the emergency update:
- CVE-2025-27429 — Code injection in SAP S/4HANA
- CVE-2025-31330 — Code injection in SAP Landscape Transformation

In a world where zero-days are increasingly exploited within hours of discovery, patching isn’t optional — it’s urgent.

#SAP #NetWeaver #CyberSecurity
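
One way to act on the advice above to scan logs for unauthorized uploads, as an added example that is not part of the original post: a scanner that flags requests to the `/developmentserver/metadatauploader` endpoint and any later `.jsp` request from a client whose upload was accepted. The log format, the `scan` function, the sample lines and the rule that a 2xx response to a POST counts as an accepted upload are assumptions.

```python
import re

# Endpoint named in the post; compared lower-cased with the query string removed.
UPLOADER = "/developmentserver/metadatauploader"

# Assumed input: common/combined access log format from a proxy in front of NetWeaver.
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def scan(lines):
    """Return (line_no, client, kind, path) for uploader hits and for
    .jsp requests from a client whose upload was previously accepted."""
    findings, uploaded = [], set()
    for n, line in enumerate(lines, 1):
        m = LINE.match(line)
        if not m:
            continue  # unparseable line: skip rather than guess
        ip, status = m["ip"], int(m["status"])
        path = m["path"].split("?", 1)[0].lower()
        if UPLOADER in path:
            # Assumption: a 2xx answer to a POST means the server took the file.
            ok = m["method"] == "POST" and 200 <= status < 300
            findings.append((n, ip, "upload-accepted" if ok else "probe", m["path"]))
            if ok:
                uploaded.add(ip)
        elif path.endswith(".jsp") and ip in uploaded:
            findings.append((n, ip, "jsp-after-upload", m["path"]))
    return findings

# Constructed sample lines (documentation IP ranges, placeholder paths).
SAMPLE = [
    '198.51.100.7 - - [01/Jan/2025:10:00:00 +0000] "GET /placeholder/index.jsp HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2025:10:00:01 +0000] "GET /developmentserver/metadatauploader HTTP/1.1" 405 0',
    '203.0.113.9 - - [01/Jan/2025:10:00:02 +0000] "POST /developmentserver/metadatauploader?k=v HTTP/1.1" 200 12',
    '203.0.113.9 - - [01/Jan/2025:10:00:09 +0000] "GET /placeholder/constructed.jsp HTTP/1.1" 200 40',
    '198.51.100.7 - - [01/Jan/2025:10:00:10 +0000] "GET /placeholder/index.jsp HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

Keying the correlation on client address misses a follow-up request made from a different address, so treat `jsp-after-upload` as a triage lead rather than a complete list.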