Teri Radichel #cybersecurity #pentesting

@TeriRadichel

Followers: 10,678
Following: 2,482
Media: 1,721
Statuses: 26,575

CEO @2ndSightLab | Cybersecurity Pentester Researcher | AWS Security Hero | GSE | IANS Faculty | Contact: LinkedIn | Author

Savannah, GA
Joined March 2009
Pinned Tweet
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
1 year
Free content on jobs and careers in cybersecurity and tech. Also salary negotiations for women. Sign up for my email list to learn something new in cybersecurity almost every day. #cybersecurity #jobs #career #salary
0
5
13
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
Behold...Rules for pentesting on AWS just changed...
34
666
1K
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 years
Twitter accounts sharing video from Ukraine being suspended. Researchers concerned that suspensions could be part of mass reporting campaign to disable OSINT accounts during Russian invasion. [Literally JUST tweeted thread about Twitter manipulation.]
18
333
560
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
4 years
Google Chrome DNS Security Bypass: Google Chrome overrides system DNS settings in some cases, bypassing third-party security services and tools | by Teri Radichel | #cybersecurity | April 19, 2021
9
111
300
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
Every possible Windows command you ever wanted ~ doc published by Microsoft
2
132
291
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 years
Please when reviewing news on Ukraine, double check every report with multiple, credible sources. Russia is the master of fake news.
5
88
252
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
The SANS GSE: What’s it like to take one of the hardest cybersecurity certifications in the industry — and pass!
21
39
225
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
Why one of your favorite pen testing techniques doesn’t work on AWS ~ I’m going to mention this in my talk at AWS #reinforce
2
51
194
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
AWS: Literally. There is no room with monitors and people sitting in it, etc. I have exactly one on-call security engineer. Exactly one.
2
72
189
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
2 years
Microsoft is going to enforce number matching for MFA notifications starting February 27, 2023. Related to the Oktapus blog I just published and issues with MFA notifications.
3
54
154
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
What nerds do on Friday night: The paperback version of my book will be online in 72 hours. Some corrections pushed out for ebook. I can’t look at it anymore. If you find errors please DM. Thanks ❤️
6
18
131
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
7 years
Passed. GPEN. SEC560: Network Penetration Testing and Ethical Hacking
22
5
132
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
I’m GSE #240 About the GSE:
22
6
124
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
My book is now for sale on Amazon. 350 pages and a year’s worth of effort. I sincerely hope it helps. Additional chapters, more content than my blog, and lots of edits. Printed book to follow. Please DM any issues or questions. Or come to my #RSAC talk tomorrow. Thank you!
@2ndSightLab
2nd Sight Lab
5 years
Cybersecurity for Executives in the Age of Cloud ~ by Teri Radichel ~ available now on Amazon #cybersecurity #cloudsecurity ~
1
6
11
14
39
117
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
8 months
@samuel_colvin Rust was essentially created by one guy at Mozilla also who now works on Swift at Apple.
1
0
112
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
Azure won’t let me create a resource group name with the word Windows in it - because it’s trademarked.
12
15
114
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
If you use Confluence, exposed to the Internet, read this: How I hacked 50+ Companies in 6 hrs.
2
51
102
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 months
@ThisIsNoahEvans @rodtrent I think some people are confused because Azure was down for a large portion of the day yesterday as well.
8
4
100
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
Still seeking a lady that wants to take my cloud security class in Melbourne, Australia for FREE Nov 11-15 at the Sheraton Four Points. It’s a 5 day class $2500 US. Please contact me on LinkedIn for more information.
15
107
97
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
2 years
A friend posted this about airport security but it applies to some #cybersecurity architectures as well. 😆 Think holistically about cybersecurity architecture and design.
7
19
92
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
1 year
@thehill Bogus. I get way more exercise at home. I take my dog on walks for one thing. Have more time for such things since no commute.
0
2
80
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
Just found that periodic screen shots of my Windows desktop on an Azure VM showing what I have open and am working on is going into some folder called FeedbackHubLog on Azure. What.
11
30
76
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
7 years
There is NO excuse for not encrypting anymore. In transit, at rest, everywhere. Werner Vogels #reInvent
2
48
75
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
WebSocket Support for API Gateway #reInvent
0
37
75
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
GitHub is about to release a security scanner for your code to find SQL Injection, etc.
0
15
73
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 months
Azure has been down over 5 hours. Apparently storage in the central US affects Entra ID (Azure AD) and MFA. GitHub Actions is also affected.
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 months
Oops.
1
1
3
1
33
71
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
4 years
Microsoft says they seized this domain. Security Trails reports it's been hosted on Microsoft IP addresses for a while. Some of the subdomains were running on AWS infrastructure according to this site.
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
4 years
Microsoft and industry partners seize key domain used in SolarWinds hack
0
8
24
2
21
73
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 years
Russia is jamming GPS satellite signals in Ukraine, US Space Force says | Space
9
60
66
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
9 months
@Brett_Shavers Get a PO Box for forwarded mail when you move.
4
0
72
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 years
A post I should have written a long time ago. Written quickly as I’m busy. How to Inspect Network Traffic. A few tips on finding what matters on your home network | by Teri Radichel | August 26, 2021 | #cybersecurity #networksecurity #networkmonitoring
3
11
70
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
What's in your cloud? Thoughts on the Capital One breach by a former Capital One software engineer, team lead, cloud engineer, and security employee #capitalone #databreach #cloudsecurity
8
24
65
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
1 year
Vulnerabilities as art. A picture is worth 1000 words.
1
32
67
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
Designing a modern serverless application with AWS Lambda and AWS Fargate [TR: On top of being cool from a serverless perspective, watching for changes in source code used by your company is cool from a security perspective]
2
19
66
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
Stuck at home? Why not learn something. Cybersecurity fundamentals and risk management to reduce the chance of an attack in your organization. A new way of looking at old problems. 2019 was the worst year on record for data breaches. Let’s change that.
0
14
66
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
2 years
DKIM for Email Security: Another DNS record you can add to improve email security ~~ by Teri Radichel | Apr 2, 2023 #cloud #cybersecurity #email #security #dkim #dns
0
11
66
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
7 years
Can't blame any w/o facts. I worked @ Capital One. Sys admins can't just run in prod. Sec people not always heeded. Execs set priorities.
4
12
60
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
You can now create, manage, and deploy AWS CloudTrail trails across an organization from a single account.
1
27
65
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
Traffic mirroring. Send copies of VPC traffic to tools of your choice.
5
13
63
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
Proof...super exciting.
5
2
64
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
4 years
@vaidehijoshi @thedavedev I consistently upped my salary over my career by being strategic. Research the going rate. Read books on negotiation. Obtain hard to find skills. Specialize in something. Be the best. Change companies if you feel undervalued. Don’t be afraid to walk. But money isn’t everything.
4
3
64
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
I’m about to tell you how I’m going to break into your AWS account and steal all your data! Mwahaha. Then @kolbyallen is going to tell you how to stop me. DVC304 Venetian 1 pm. #reInvent
2
13
62
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
4 years
Prolonged AWS outage takes down a big chunk of the internet [TR: If your website is that important, consider multi-region failover, as I discuss in class. First thing we built out when I moved a security vehicle for to cloud.]
5
7
58
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
AWS Security Tools
0
16
58
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
I’m writing a modern book ~ one blog post at a time ~ #cybersecurity for executives. It will cover cloud security too. If you’d like to read it follow me here and please clap if you like it!
5
12
59
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
Real code for kids. I like it.
@troyhunt
Troy Hunt
6 years
Been teaching my 8-year old son to code with @CodeCombat . This is *highly* recommended folks! I did this with him, went and did an hour of work and he was still loving it when I came back.
19
163
783
0
9
56
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
My tweet about the AWS pentesting change made the news – Check out the article in GeekWire
5
8
54
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
4 years
Easy DNS Change To Prevent Attacks: 1.1.1.2 and 1.1.1.3 for safer home and small business networks | by Teri Radichel | October 28, 2020 | #cybersecurity #cloudsecurity #homenetwork #smallbusiness
1
22
51
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
Logs...AppSec...Log any failures, crashes, strange logins, anything related to security controls... all this @shehackspurple
4
22
51
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
Even after breach, Capital One is 'all in' on the cloud | American Banker [Yes! Because it’s not the cloud’s fault. Capital One will be even more secure after this breach due to lessons learned. It’s one of the best places I worked due to smart coworkers.]
3
16
50
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
How network traffic got me into cybersecurity. [Also — being paid by a large hosting company to go away after reporting a security incident, and other strange events.]
1
12
48
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
Add two hardware mfa devices (like yubikey) on an AWS user or root account - one as backup to be stored separately. #awswishlist
6
7
48
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 years
The Internet is Held Together With Spit & Baling Wire – Krebs on Security
0
19
47
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
4 years
Google Cloud API bug leaks private project information [From Sept. Not sure I saw this.]
3
16
46
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
Another database exposed in the cloud ~ this time on Google
0
18
45
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
For anyone in an underrepresented group who wants to learn more about cloud, DevOps, or AWS check out this grant to attend AWS re:Invent 2019. Pretty sweet! I had to take vacation time and pay my own way the first time I went!
0
32
46
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
Ubiquiti all the things: how I finally fixed my dodgy wifi [TR: per all the recommendations from my WiFi query reading this post by @troyhunt ]
0
4
43
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 years
This is awesome. I wrote a white paper about automated detection and response on AWS in 2016 when no one I asked was doing it. Love the improvements in this space.
@david_das_neves
David das Neves
3 years
Good article by Netflix - these are things you need to establish when moving with large parts of your env to #Cloud [Article] Snaring the Bad Folks #CyberSecurity #CloudSecurity
0
17
52
0
8
44
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
A number of people asked me how to get started with CloudFormation this week at re:Invent and if they should use the CDK. Here are some tips for getting started. #reinvent #cloudformation #aws
1
11
42
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
I see a lot of AWS pentest blogs relying on very poor credential configurations or making a leap to assume they will have permission to do something they won’t. Come learn about preparing for an AWS pentest at my talk at re:Inforce. Not online yet but hope soon.
2
6
42
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
4 years
Severe ‘Perfect 10.0’ Microsoft Flaw Confirmed: ‘This Is A Cloud Security Nightmare’ [TR: Well, this is big. It is every security person’s worst fear when using cloud. Note speed to fix (talked about that at RSA) and tiers - upcoming blog post on that.]
1
24
39
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
As I’m updating my class, the cloud vendors are announcing new features daily. Although I try, it’s impossible to cover every detail in 5 days. That’s why I teach not just technology, but how to think about security - to evaluate new things and design secure cloud architectures.
1
3
42
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
4 years
When we deliver a pentest report it includes not only the findings but information to replicate and fix them. I’m helping a couple of customers with that right now. Make sure your report doesn’t just tell you what the problems are but also tells you how to fix and validate.
3
3
40
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 years
Really not cool when people steal your book and post it online for free. Took a year to write it and only costs $9.95 for Kindle format. Thanks a lot. Please buy books and support authors. I give a lot of other content out for free on my blog.
2
13
40
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
If you were looking for the cost of MFA on Azure it's here. Although support folks just stated I need the P2 license which is $9/month and this page says the P1 license works which is $6/user per month. PS Virtual MFA is free on AWS.
4
10
41
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
This is awesome. Can specify only users in an org can access a bucket.
2
9
39
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
Machine learning-based detection of malicious PDF files used for phishing
1
5
38
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
2 years
Cybersecurity researchers face real-life threats [TR: I know stories about the owners of Blue Frog and @briankrebs in his book Spam Nation. Any other stories and sources to back them up?]
1
11
37
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
AWS VPC Flow Logs do not capture AWS DNS traffic. I was told this is because that traffic never leaves the hypervisor so presumably AWS Flow Logs are generated at Layer 2 and 3 using actual NetFlow protocol
4
17
37
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 years
Do you watch what your TV does on your network? Ours randomly turns on and tries to connect to things denied by firewall. Inherited it from housemate. Not a fan. Now reading the brand, Hisense, is connected to the CCP. Hmm. Monitor your tv traffic and let me know what you see.
17
12
39
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 years
If you own #Bitcoin pull out. Tank the price for people trying to avoid sanctions.
12
12
37
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 years
GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens. An attacker abused stolen OAuth tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including NPM.
0
32
36
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 months
I like the new jacket! Thanks @awscloud! ❤️ Been wearing it since Seattle is colder than Savannah and wasn’t really prepared for six extra days. 😆
4
0
36
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
This is definitely closest I have ever been to the stage at #reInvent #replay
3
3
35
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
I just realized, while applying for an Australian visa, that I never received a hard copy of my #GSE and a couple other certs - so I contacted SANS and I just got it - in a frame even. Nice! #cybersecurity GSE # 240
5
1
35
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
1 month
I created a new AWS user in a new AWS account. There are events in CloudTrail showing that user contacted Amazon Q, which I did not do. These events are in us-east-1 which is not the region in which I was working. I just changed to us-east-1 to check the CloudTrail logs from the
1
5
36
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
If you missed my talk about pentesting on AWS at re:Inforce, I will be giving it at re:Invent.
0
4
35
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
4 years
Got a message from a gentleman who read my book before taking a new C-level job at a startup. Now wants to give it away to customers. He has worked at large tech companies and successful startups ~ now working on a new data security product. Very cool.
0
3
34
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
Great interview with @hackingdave ~ fellow @IANS_Security faculty member. Aligns with why I say executives need to care more about cybersecurity in the first chapter of my book. Also check your insurance policy for exclusion of “acts of war.”
2
10
35
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
4 years
Never allow traffic on port 4444 on your network. This is the default port used by Metasploit. It won’t stop advanced attacks but at least make the attacker go to the trouble of changing the port! If you see an active connection on that port in your network logs now, investigate.
4
12
35
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
2 years
Master Sgt. Amanda Draeger completed her GIAC Security Expert (GSE) certification, making her one of only four women out of approximately 250 people worldwide who are GSE certified. [2018. I wonder what the stats are now.]
0
5
33
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
Top Priorities for Cloud Application Security ~ slides from my recent presentation at Countermeasure in Ottawa. I hope to be giving this talk again at future events and will be expanding on the topic. #cloudsecurity
3
12
33
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
At BSides Seattle! Talking about cloud application security this afternoon.
1
12
33
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
10 years
In depth analysis of SSH attacks on EC2 instances
2
42
33
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
Lessons learned from an actual cloud breach. 1. Security awareness and MFA 2. Alert on new admin accounts 3. Monitor for scans 4. Monitor for data duplication and movement internally 4. Open ports, DLP, and excessive network traffic.
1
16
33
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
Especially honored to be presented with this beautiful invitation to speak in India. I will try! #reinvent
3
1
33
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
3 years
Love this thread. Methodical Troubleshooting.
@SwiftOnSecurity
SwiftOnSecurity
3 years
Troubleshooting Windows #100 : "Do I own this?" Across the org, users of a business app are told they can't get a license for their critical tool. Hanging on contacting the license server. A problem call is spun up and application owners engaged. Server is running. Call vendor.🧵
3
41
286
2
3
32
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
1 year
Introducing the first AWS Security Heroes | AWS News Blog ~~~ I was already an AWS Hero as some of my followers know but now I’m an #AWS #Security Hero. Yay! 🩵🩵 Thank you AWS. Still my favorite cloud platform.
4
6
33
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
Thanks to everyone who attended my talk at @bsidesseattle ~ saw some great presentations! Thanks so much to the organizers. Here are my slides. #cloudsecurity #bsides #seattle
2
7
32
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
I love #awswishlist !! For those who wonder if it works...
@AWSSupport
AWS Support
6 years
@TeriRadichel This wish has been fulfilled, Teri! 🙌🎉 Our service team has implemented a change based on your input; thanks again for the suggestion! ^RH
0
0
6
1
7
32
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
4 years
I found @TroyHunt years ago watching authentication videos on @pluralsight and started following on Twitter. Love some of his points of view here. Also love @shehackspurple calling out everything Canadian 😆
1
5
32
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
5 years
I guess imitation is supposed to be flattering. I already see people copying what I wrote in my blog post, but I hope you will read it here first.
1
6
31
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
AWS, Azure, and Google Cloud Security ~ 2nd Sight Lab ~ Follow me for updates
1
14
30
@TeriRadichel
Teri Radichel #cybersecurity #pentesting
6 years
I did it. Fit my SANS books in my carry on. Now the question is: can I lift my carry on to get it into the overhead bin.
4
0
29