malware Archives - Jean-Christoph von Oertzen

Event takeaways: BSidesMeSh21 – day 2

jean-christoph — Tue, 22 Jun 2021 16:05:01 +0000

My key takeaways 11 min from publishing credentials (accidently) to github till pwn 2019: ~200k credentials in Github ; 2021: +20% runtime secrets go to application secrets managers AWS Secrets Manager GCP Secrets Manager Hashicorp Vault Azure Vault InfoSec’s dirty little secret: We can’t know all the options, but we still need to help secure […]

The post Event takeaways: BSidesMeSh21 – day 2 appeared first on Jean-Christoph von Oertzen.

Event takeaways: BSidesMeSh21 – day 1

jean-christoph — Mon, 21 Jun 2021 16:34:29 +0000

My key takeaways Security in sprints vs whole security sprints? Smaller activities from the very beginning. It is not full time, but always ongoing. And maybe, if the situation is very tricky, entire sprints might be necessary, too. — Thomas Fricke Kubernetes does its best to be secure inside. Unfortunatly it is not configured so […]

The post Event takeaways: BSidesMeSh21 – day 1 appeared first on Jean-Christoph von Oertzen.

Webinar takeaway: Move Aside Script Kiddies: Malware Execution in the Age of Advanced Defenses

jean-christoph — Thu, 03 Dec 2020 19:02:11 +0000

My key takeaways it’s getting harder to execute malware in a lot of environments, also due to endpoint maturity 3 parts of an assumed compromise: priv esc, lateral movement, senstive data access Win10 is safer then ever, also Windows Defender has improved defense vendors have signatures for almost all metaspoilt machine code nowadays you can’t […]

The post Webinar takeaway: Move Aside Script Kiddies: Malware Execution in the Age of Advanced Defenses appeared first on Jean-Christoph von Oertzen.