146 Followers
75 Following
42 Posts

security research director at datadog. nyu stern mba 2023, CCDC red team, cloud, intel, detection engineering, builder and breaker

@techy

Couldn’t make it to Las Vegas? You can watch my talk live! This link should work. Join me in a little over an hour to kick in the door to the cloud! https://m.youtube.com/watch?v=s2ZniG-xnOM

Detection Engineering #19 by @techy is out 👀

This week's roll-up has all the things: Sigma, YARA, LOLDrivers, Sublime Email rules, and threat reports 🔥

https://www.detectionengineering.net/p/detection-engineering-weekly-19-elon

Detection Engineering Weekly #19 - Elon Musk killed my Twitter embeds

MY twitter embeds, not yours, but MINE!

Detection Engineering
@megan thank you so much!

https://www.detectionengineering.net/p/detection-engineering-weekly-10-you

Detection Engineering Weekly Issue 10 is out! This week includes:

- a gem by Alex Teixeira, who just made Medium's partner program, on launching an internal threat detection team
- A new episode of Detection Challenging Paradigms Podcast with Jared Atkinson and Jonathan Johnson
- GitHub API audit logs, finally!
- Lots of snark around ESXi, OneNote, .NET malware and malvertising
- A free January threat landscape roundup by Scott Small

Thank you all for subscribing!

Detection Engineering Weekly #10 - You don't publicly expose your ESXi servers, do you?

Last week's news and how-tos in the art and science of Detection Engineering

Detection Engineering

We’re just a month into 2023 and we’ve got a whole lot of new open calls for everyone.

Starting today the calls for Papers, Demo Labs, Workshops, and Vendors are open for business. This means two things: more ways for you to participate in making DEF CON 31 amazing, and DEF CON is officially on the horizon. Welcome to DEF CON Season!

Let’s DO this thing, people.

info at defcon.org

#defcon #defcon31 #defconcfp #defconopencalls

AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass | Datadog Security Labs

Public disclosure of a method to bypass CloudTrail for specific IAM actions.

LiteFS — which live-replicates SQLite transactions to other SQLite databases, so you can have write-leader, read-mirror setups with SQLite — now does WAL-mode. Fun post! https://fly.io/blog/wal-mode-in-litefs/
WAL Mode in LiteFS

LiteFS v0.3.0 now supports SQLite's write-ahead log journal mode.

Fly

Detection Engineering Weekly #5 is out! Lots of stuff to write about since the holiday break, and I try to start it out strong with a classic piece from Florian Roth

Are you in threat detection/detection engineering/a SOC? I need your help! I put a google form inside the post to ask you how you would explain detection engineering to your CEO. Once I get a good sample of responses, I will publish the results in a separate post!

https://www.detectionengineering.net/p/detection-engineering-weekly-issue-a9b

Detection Engineering Weekly #5 - Detection Ideation, AWS IR & I need your help!

Last week's news and how-tos in the art and science of Detection Engineering

Detection Engineering

If you're analyzing malicious source code samples, Dolos is an amazing tool that can cluster, compare and generate diffs between source code files.

Supports JavaScript, Python, Java, C and more.

Demo: https://dolos.ugent.be/demo/pyramidal-constants/exercise/#/

Website: https://dolos.ugent.be/

Great work from Ghent University (Belgium)!

GitHub - dodona-edu/dolos: Source code plagiarism detection


🗓️ December 24th #AdventOfCloudSecurity

Together with @houston and @rami we wrote an analysis of over 50 publicly disclosed cloud breaches of 2022!

https://securitylabs.datadoghq.com/articles/public-cloud-breaches-2022-mccarthy-hopkins/

Merry Christmas to everyone who celebrates it!

A retrospective on public cloud breaches of 2022, with Rami McCarthy and Houston Hopkins | Datadog Security Labs

Looking back on publicly disclosed cloud breaches of 2022, and what we can learn from them.