D Milroy

@dpmilroy.bsky.social

Corporate IT Security _____. Comments are mine and do not reflect the opinion of my employer. Stupid comments are the result of being hacked by an APT.

136 Followers  |  617 Following  |  5 Posts  |  Joined: 21.11.2024  |  2.124

Latest posts by dpmilroy.bsky.social on Bluesky

BACKDOORS & BREACHES - CARD OF THE DAY
Have you experienced this?
Deck: Core Deck 2.2
Attack/Procedure Type: C2 and Exfil
Attack/Procedure: DNS as C2

Tools:
dnscat2 - github.com/iagox86/dnsc...

Learn more:
www.blackhillsinfosec.com/bypassing-cy...

13.06.2025 17:50 — 👍 2    🔁 1    💬 0    📌 0

BACKDOORS & BREACHES - CARD OF THE DAY
Have you experienced this?
Deck: Core Deck 2.2
Attack/Procedure Type: Procedure
Attack/Procedure: Server Analysis

Tools:
DeepBlueCLI - github.com/sans-blue-te...

Get Backdoors & Breaches: spearphish-general-store.myshopify.com/collections/...

20.06.2025 18:22 — 👍 1    🔁 1    💬 0    📌 0

BACKDOORS & BREACHES - CARD OF THE DAY
Deck: Cloud Deck
Attack/Procedure Type: Initial Compromise
Attack/Procedure: Credentials Posted Publicly in a Code Repository

Tools:
Gitleaks - github.com/gitleaks/git...
TruffleHog - github.com/trufflesecur...
Gitrob - github.com/michenriksen...

27.06.2025 17:46 — 👍 1    🔁 1    💬 0    📌 0

BACKDOORS & BREACHES - CARD OF THE DAY
Have you experienced this?
Deck: Cloud Deck
Attack/Procedure Type: Initial Compromise
Attack/Procedure: Malicious OAuth Application

Tools:
O365 Attack Toolkit - github.com/mdsecactiveb...

Learn more:
threatpost.com/oauth-phishi...

04.07.2025 15:34 — 👍 4    🔁 1    💬 0    📌 0

CARD OF THE DAY
Deck: Core Deck 2.2
Attack/Procedure Type: Pivot and Escalate
Attack/Procedure: New Service Creation/Modification

Tools:
Impacket - github.com/SecureAuthCo...
Metasploit - www.metasploit.com

Get decks: spearphish-general-store.myshopify.com/collections/...

11.07.2025 18:12 — 👍 0    🔁 1    💬 0    📌 0

BACKDOORS & BREACHES - CARD OF THE DAY
Have you experienced this?
Deck: Core Deck 2.2
Attack/Procedure Type: Persistence
Attack/Procedure: Evil Firmware

Play for free play.backdoorsandbreaches.com

Get physical card decks spearphish-general-store.myshopify.com/collections/...

04.04.2025 18:42 — 👍 6    🔁 2    💬 0    📌 0
Your First Three Linux IR Commands If You're Compromised! | John Strand | BHIS Nuggets
YouTube video by Black Hills Information Security

1st 3 Linux IR Commands youtu.be/_VullFykaP0?...

1st 3 Windows IR Commands
youtu.be/ilhzt-Hw_sY?...

Compromised? What Do We Do Next?
youtu.be/DuIXbz30mqk?...

How to Prepare Before the Compromise
youtu.be/V-3-RGsdqpM?...

Demystifying Windows Malware Investigations
www.youtube.com/live/TsTBnAo...

11.03.2025 17:25 — 👍 4    🔁 1    💬 1    📌 0
Microsoft shows off novel quantum chip that can scale to 'a million qubits'. So far: Eight Not just a matter of time but a matter of Majorana fermions, too Microsoft says it has developed a quantum-computing chip made with novel materials that is expected to enable the development of quantum computers for meaningful, real-world applications…

Microsoft shows off novel quantum chip that can scale to 'a million qubits'. So far: Eight

19.02.2025 20:59 — 👍 6    🔁 3    💬 1    📌 0
Nihilism
YouTube video by Rancid - Topic

But it’s a kick ass song so there’s that.

youtu.be/f8GQ-nafTgY

06.02.2025 15:07 — 👍 0    🔁 0    💬 0    📌 0
Ozzy Osbourne and Black Sabbath will reunite for the final time this summer Ozzy Osbourne and the original Black Sabbath lineup will reunite this summer for the first time in 20 years. It's expected to be Osbourne's final live show.

Ozzy Osbourne and the original Black Sabbath lineup will reunite this summer for the first time in 20 years. It's expected to be Osbourne's final live show.

06.02.2025 15:01 — 👍 507    🔁 55    💬 47    📌 26
RTO Mandates: Hard Truths for Leaders
After Amazon imposed a strict return-to-office policy that takes effect in January 2025, other companies followed suit. But are RTO mandates a way to boost productivity and charm Wall Street - or just a way to lose your best performers? In this short video, Brian Elliott, who has studied RTO mandate

Folks at MIT Sloan looked at multiple studies of return to office (RTO) mandates & found they are lose-lose-lose. No reward from Wall Street for “getting tough,” an actual decrease in productivity & revenue, and loss of top talent. youtu.be/4ec_yZCWOCY...

12.01.2025 23:53 — 👍 968    🔁 434    💬 40    📌 78

I do not want to sign in with Google.
I do not consent to cookies.
I object to "Legitimate" Interests.
I do not want your newsletter.
I will not switch off my ad blocker.
I do not want notifications.
I don't care about your special offer.
I do not want to subscribe.
I do not want to use your app.

12.01.2025 17:02 — 👍 1140    🔁 206    💬 19    📌 14

Let's just get the myths out of the way.

1. Lost luggage is rare. (Less than 1 percent.)
2. Carousel waits are shorter than the scrum to get off the plane.
3. Even when airlines don't charge (like Southwest) people are asshats about carry-ons

American travelers are spoiled children.

27.12.2024 06:13 — 👍 1575    🔁 81    💬 171    📌 15
CISA Issues Binding Operational Directive for Improved Cloud Security CISA’s Binding Operational Directive 25-01 requires federal agencies to align cloud environments with SCuBA secure configuration baselines.

CISA Issues Binding Operational Directive for Improved Cloud Security

22.12.2024 13:12 — 👍 6    🔁 5    💬 0    📌 0
Russian hackers use RDP proxies to steal data in MiTM attacks The Russian hacking group tracked as APT29 (aka "Midnight Blizzard") is using a network of 193 remote desktop protocol proxy servers to perform man-in-the-middle (MiTM) attacks to steal data and…

Russian hackers use RDP proxies to steal data in MiTM attacks

21.12.2024 18:42 — 👍 1    🔁 1    💬 0    📌 0
A MAJOR ANNOUNCEMENT CONCERNING THE HOPE CONFERENCE | 2600

Major Announcement Regarding the HOPE Conference:

Effective immediately, HOPE will happen EVERY summer, not every two years. HOPE_16 will be August 15-17, 2025!

www.2600.com/content/majo...

18.12.2024 20:01 — 👍 104    🔁 30    💬 7    📌 12

Blue teamers — sometimes we can lose sight of Active Directory. I mean, it just works in the background, right? Active Directory is crucial to Windows networks & a perfect target for bad actors. Dive into this article to learn common active directory pitfalls & how to avoid getting your day ruined.

17.12.2024 21:50 — 👍 12    🔁 2    💬 1    📌 0

I can't spend more than a few minutes on my LinkedIn timeline before I suffer brain melt. Saw this meme recently and finally understood why...

17.12.2024 21:09 — 👍 31    🔁 9    💬 1    📌 2
Student kills 4 at Madison Christian school, police chief says The juvenile shooter was also dead at Abundant Life Christian School on Monday, Madison Police Chief Shon F. Barnes told reporters Monday.

Breaking news: A juvenile killed four people and injured five at a Christian school in Madison, Wisconsin, Madison Police Chief Shon F. Barnes said Monday. The shooter is also dead.

16.12.2024 18:41 — 👍 260    🔁 113    💬 67    📌 52

“UnitedHealthcare shooting: The person of interest had a 3D-printed Glock, which might have been involved in the first assassination using a 3D-printed weapon

🔗 www.404media.co/unitedhealth...

10.12.2024 16:21 — 👍 156    🔁 15    💬 8    📌 30
pgMail 1.5 Released! Well, it's pretty rare that I get anyone talking about my old PostgreSQL email stored procedure, but here we are. I wrote this thing almost 25 years ago to essentially replicate the functionality of xp_sendmail into PostgreSQL. I released it to the world, because I knew other people would have this issue. And as it turned out, they absolutely do.

pgMail 1.5 Released!

Well, it's pretty rare that I get anyone talking about my old PostgreSQL email stored procedure, but here we are. I wrote this thing almost 25 years ago to essentially replicate the functionality of xp_sendmail into PostgreSQL. I released it to the world, because I knew other…

10.12.2024 16:26 — 👍 1    🔁 1    💬 0    📌 0

I should hope so. When I'm gone from this earth, all that will be left of me is what I contributed to the AI consciousness.

03.12.2024 18:20 — 👍 7    🔁 3    💬 1    📌 0
Vodka maker Stoli files for bankruptcy in US after ransomware attack Stoli Group's U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company's remaining distilleries in the country.

www.bleepingcomputer.com/news/securit...

03.12.2024 22:24 — 👍 0    🔁 0    💬 0    📌 0

I have created a starter pack to shine light on organizations that make notable contributions back to the #infosec community in the form of generous free tiers, valuable webinars, trainings, resources, etc.

I am sure there are others, just DM or reply with any suggestions!

go.bsky.app/NMbiTUL

27.11.2024 16:39 — 👍 106    🔁 27    💬 13    📌 1
Stone Dead Forever (Live)
YouTube video by Motörhead - Topic

m.youtube.com/watch?v=AjWa...

02.12.2024 01:12 — 👍 0    🔁 0    💬 0    📌 0
Modern Work Fucking Sucks. It’s Monday morning. The first thing you see (yes, before you see your kids, your partner, even your coffee) is a Slack notification. That Slack notification leads you to a Confluence document, which...

So I’m not the most jaded and cynical person in the world. lol

www.joanwestenberg.com/modern-work-...

02.12.2024 00:03 — 👍 3    🔁 0    💬 0    📌 0
How steam from a Wisconsin factory fueled a 100-mile band of snow The conditions were perfectly set up for this rare phenomenon.

An isolated band of snow whipped up Thanksgiving mischief for travelers in Wisconsin on Thursday.

Over a several-hour period, a localized zone of occasionally heavy snow dropped a couple inches on places not far from Eau Claire — and the primary culprit was exhaust from a nearby glass factory.

29.11.2024 18:54 — 👍 223    🔁 41    💬 12    📌 10

24.11.2024 03:05 — 👍 0    🔁 0    💬 0    📌 0

A bit early.

22.11.2024 11:49 — 👍 1    🔁 1    💬 0    📌 0

The meaning of the life

22.11.2024 02:37 — 👍 60    🔁 18    💬 4    📌 1

@dpmilroy is following 20 prominent accounts