Aug 10, 2020
WISP.org donation page: https://wisporg.z2systems.com/np/clients/wisporg/donation.jsp
Mick Douglas (@bettersafetynet on Twitter)
Netcat in a powershell environment
Defenses against powercat?
ElasticSearch bought Endgame; https://www.elastic.co/about/press/elastic-announces-intent-to-acquire-endgame
Twitter DM to
Hey... I wanna talk about @hrbrmstr's tweet on the show tonight as well...
My thinking is if Cisco and others didn't try to intentionally downplay vulnerabilities by announcing them on a Friday, would we be more likely to patch sooner? Also, greater need for testing of patches to ensure that 80% of your workforce rely on that technology now. What's worse? Patching on a Friday evening (after several hours explaining the vuln to a manager), and then having it fuck something up so you're up at crack of dawn Monday troubleshooting something missed Friday night because testing was rushed/not conducted because the CEO can't access email?
I have thoughts, I've added this to the show note google doc.
https://www.reddit.com/r/netsec/comments/hwaj6f/nmap_script_fot_cve20203452/ -- nmap PoC script?
Getting management buy-in to patch