Dave Luber @NSA_CSDirector Twitter profile

Last Seen Profiles

@39_miku39

@bokeplokalmalam

@calvi_leon

@evaquaria

@Lub_De00

@Amazon_Nengi

@TedDansonBDay

@tasmeigh23690

@UltimateMotoMag

@linkiekas

@alasmr_nas6038

@HARCOS_beauty

@ZeitRain

@jamessheppard14

@snoopblues

@KgVtu

@_Mr_Tryer_

@Kamaya_Knox_

@aysguuulll

@GrAltx

@kart_korge

@chrishughes79

@BinorRaja

@lex_dominik

@RaccoonDrew

@joshelgar

@we_are_inbound

@EllenOchs

@LalaLaitera69

@saifdhanyal

@youhatexscamron

@JL90852

@seek197811

@ibubohay2

@zakouu_91

@kyou_3ne

Dave Luber

@NSA_CSDirector

3 years

Who feels me?

94

354

3K

Dave Luber

@NSA_CSDirector

2 years

HOW CAN NSA REALLY BE SURE OF THE ATTRIBUTION? I MEAN ANYONE CAN THROW RUSSIAN MALWARE!

50

258

2K

Dave Luber

@NSA_CSDirector

3 years

I appreciate the #infosec community’s ability to find moments of levity during tough times. 😁 PS. It’s log-for-Jay.

46

248

2K

Dave Luber

@NSA_CSDirector

2 years

Decisions….

37

263

1K

Dave Luber

@NSA_CSDirector

2 years

37

225

1K

Dave Luber

@NSA_CSDirector

9 months

Holiday gift for you. Ghidra 11.0 released! New BSim feature can find structurally similar functions in (potentially large) collections of binaries or object files. Initial support for Rust compiled binaries. Golang improved. +more

Releases · NationalSecurityAgency/ghidra

Ghidra is a software reverse engineering (SRE) framework - NationalSecurityAgency/ghidra

github.com

35

338

1K

Dave Luber

@NSA_CSDirector

3 years

Today I am especially #grateful for everyone working 24/7 to keep us safe from cyber threats. Your dedication might mean missing the holiday with your family so we can spend #Thanksgiving with ours. Your sacrifice is appreciated!

35

162

1K

Dave Luber

@NSA_CSDirector

3 years

Cybersecurity month is time to get educated!

18

196

1K

Dave Luber

@NSA_CSDirector

2 years

47

182

1K

Dave Luber

@NSA_CSDirector

3 years

@GossiTheDog @NSAGov ¯\_(ツ)_/¯ You missed your chance.

30

171

1K

Dave Luber

@NSA_CSDirector

2 years

Ever tried real, working enigma? Stop by booth 1843 at #RSAC2022 . Did I mention we are hiring too? @NSACyber

50

146

1K

Dave Luber

@NSA_CSDirector

2 years

Former NSA or Intel community? Come on back! We now have a vacancy listing to fast track former employees back in. Check it out.

416

230

1K

Dave Luber

@NSA_CSDirector

2 years

Only 9% of the #cybersecurity workforce consists of Black Americans. As a result, there is a strong need to recruit and hire Black cybersecurity talent. Many organizations are willing to pay for training and certifications. @TyranceIi #ShareTheMicInCyber (11/19)

46

322

1K

Dave Luber

@NSA_CSDirector

1 year

Ghidra 10.3 released. Come to the dark side! Dark themes officially supported. New training course materials for the Debugger. Initial Golang binary analysis for Go 1.18. Many more bugfixes and improvements.

Release Ghidra 10.3 · NationalSecurityAgency/ghidra

What's New Change History Installation Guide SHA-256: 4e990af9b22be562769bb6ce5d4d609fbb45455a7a2f756167b8cdcdb75887fc

github.com

22

273

959

Dave Luber

@NSA_CSDirector

11 months

I really believe that if your infrastructure can’t survive a user clicking a link, you are doomed. I’m the director of cybersecurity at NSA and you can definitely craft and email link I will click…

47

206

946

Dave Luber

@NSA_CSDirector

10 months

Super awkward. Got confronted by @birdsarentreal to stop the @NSAgov avian spying programs. Luckily Chris Krebs @C_C_Krebs was around to help.

62

123

929

Dave Luber

@NSA_CSDirector

3 years

Ghidra Version 10.1 released! *Remediates the Log4J vulnerability* Includes many new features/capabilities, performance improvements, bug fixes, and many pull-request contributions. Full what's new: Release is here:

Releases · NationalSecurityAgency/ghidra

Ghidra is a software reverse engineering (SRE) framework - NationalSecurityAgency/ghidra

github.com

11

317

889

Dave Luber

@NSA_CSDirector

3 years

I'm excited to announce the new official account for @NSAGov 's Cybersecurity Director! I'll share insights and information about what we are up to. Look forward to engaging with you.

42

128

872

Dave Luber

@NSA_CSDirector

2 years

24

104

845

Dave Luber

@NSA_CSDirector

2 years

Find it here:

11

129

784

Dave Luber

@NSA_CSDirector

3 years

One of my top priorities is hiring diverse talent in cybersecurity. Here are our top five openings - including entry-level jobs. Come join our amazing team!

34

211

743

Dave Luber

@NSA_CSDirector

3 years

@tarah Use of signal is NOT a question nor a consideration for a clearance. Your mentee, like many in this thread, is over imagining the process. As has been stated, a lot of cleared folks use signal. We even recruit for people that understand why this is a good practice!

13

85

747

Dave Luber

@NSA_CSDirector

2 years

New minor release for Ghidra. Debugger improvements as well as bug fixes to the analyzer, C parsing, the decomplier, the gui and more.

Releases · NationalSecurityAgency/ghidra

Ghidra is a software reverse engineering (SRE) framework - NationalSecurityAgency/ghidra

github.com

12

174

716

Dave Luber

@NSA_CSDirector

3 years

Curious about post-quantum cybersecurity? We recently updated NSA’s FAQ on the subject.

21

244

664

Dave Luber

@NSA_CSDirector

10 months

Cybersecurity is a timeless game of cat and mouse. Attackers advance, defenders respond, and the chase continues. Stay agile, stay secure!

25

99

656

Dave Luber

@NSA_CSDirector

2 years

She’s a 10 **because** she uses Ghidra!

chompie

@chompie1337

2 years

she’s a 10 but she uses Ghidra

39

28

475

12

57

663

Dave Luber

@NSA_CSDirector

8 months

Shmoocon swag!

38

66

635

Dave Luber

@NSA_CSDirector

2 years

@IanColdwater @likethecoins NSA is hiring. Wide array of opportunities across cybersecuiry, capability development and SIGINT. Must get a clearance. This is an amazing stable opportunity if that is now a priority. Hit me up and I’ll get someone in touch to discuss and navigate the process.

54

111

631

Dave Luber

@NSA_CSDirector

3 years

NSA cybersecurity best practices do indeed recommend utilizing ad blocking. Read more from NSA on blocking unnecessary advertising here:

Joseph Cox

@josephfcox

3 years

New: the online advertising ecosystem is so bad—with risk of hackers and harvesting data on people—that U.S. intelligence community has deployed network-based ad blockers, according to letter sent by Congress. Shows just how malicious online advertising is

15

367

666

8

277

611

Dave Luber

@NSA_CSDirector

2 years

We are getting better at sanitizing sensitive intelligence to enable cybersecurity. What we know is only useful if someone can use it.

25

100

583

Dave Luber

@NSA_CSDirector

11 months

It’s on!

21

102

571

Dave Luber

@NSA_CSDirector

2 years

Ok internet help me caption this photo with legendary status amongst my friends....

238

40

563

Dave Luber

@NSA_CSDirector

11 months

I’ll leave this here.

41

105

531

Dave Luber

@NSA_CSDirector

1 year

Got a naked laptop? Get a big NSA sticker for it. Guaranteed conversation starter! Pick them up at the @NSAGov @NSACyber booth on the RSA floor. #WeAreHiring

61

40

508

Dave Luber

@NSA_CSDirector

3 years

Reflecting on the last day of cyber security awareness month. #CSAM

10

76

494

Dave Luber

@NSA_CSDirector

2 years

Sometimes incident response feels like:

24

69

486

Dave Luber

@NSA_CSDirector

2 years

@jabreity @IanColdwater @likethecoins NSA is actually a place that embraces diversity. I’m definitely down with pink teddy bears. Basically, you do you.

13

26

486

Dave Luber

@NSA_CSDirector

11 months

The average CISO tenure is 18 to 24 months. It’s a hard job. Much of the stress is knowing what to do but not being given the resources to do it. Advocate for security.

39

133

477

Dave Luber

@NSA_CSDirector

2 years

Active exploitation Citrix devices underway by APT5. @NSACyber threat hunting guidance linked below to identify and remediate this activity. Update to the latest Citrix release, check for compromise, and let us know if you find anything.

10

236

468

Dave Luber

@NSA_CSDirector

3 years

Bravo! Apply here:

11

68

467

Dave Luber

@NSA_CSDirector

11 months

Our ‘Living off the Land’ advisory provides important context on Chinese intrusions into critical infrastructure. You can’t rely on IOCs and malware detection. You need to focus on tradecraft.

18

141

455

Dave Luber

@NSA_CSDirector

11 months

For NSA there has been, and will be only one definition!

21

55

442

Dave Luber

@NSA_CSDirector

11 months

Releasing an exploit proof of concept is a hot debate. Some argue it’s educational, but it can also empower malicious actors. We see bulk exploitation rates explode after, but advanced compromises against key victims don’t change a lot. What’s your take?

98

66

433

Dave Luber

@NSA_CSDirector

3 years

Ghidra release anniversary!

15

49

427

Dave Luber

@NSA_CSDirector

1 year

#Ghidra 13.1 is out, including the addition of new training course materials for the Debugger. More contributions for the community!

Release Ghidra 10.3.1 · NationalSecurityAgency/ghidra

What's New Change History Installation Guide SHA-256: 0413b679436039cc136b950a6d8c24e80ce79da0a0a48993dfacee671b1c7974

github.com

6

129

425

Dave Luber

@NSA_CSDirector

3 years

#CVE -2021-4034 in a system tool called Polkit has me concerned. Easy and reliable privilege escalation preinstalled on every major Linux distribution. Patch ASAP or use the simple chmod 0755 /usr/bin/pkexec mitigation. There are working POCs in the wild.

A bug lurking for 12 years gives attackers root on most major Linux distros

It's likely only a matter of time before PwnKit is exploited in the wild.

arstechnica.com

15

187

426

Dave Luber

@NSA_CSDirector

3 years

The log4j vulnerability is a significant threat for exploitation due to the widespread inclusion in software frameworks, even NSA’s GHIDRA. This is a case study in why the software bill of material (SBOM) concepts are so important to understand exposure.

Zero-day in ubiquitous Log4j tool poses a grave threat to the Internet

Minecraft is the first, but certainly not the last, app known to be affected.

arstechnica.com

33

214

415

Dave Luber

@NSA_CSDirector

5 months

Thanks to Rob Joyce for his exceptional leadership of @NSACyber over the last few years! I’m honored to take on this role as the new Director of Cybersecurity at NSA. Cyber is a team sport – I’m looking forward to working with partners across the community. - DPL

47

56

408

Dave Luber

@NSA_CSDirector

11 months

I really could begin and end the whole month with this post. Come on people. We know what we need to do…

18

96

390

Dave Luber

@NSA_CSDirector

10 months

In case you want to follow the CSD Director’s account:

22

26

365

Dave Luber

@NSA_CSDirector

11 months

Attackers will work to know your network better than you do. They will find shadow IT, misconfigurations, weak authentication and unpatched devices containing n-days. Discover and fix it before them. #KnowledgeIsPower #KnowledgeIsSecurity

18

102

359

Dave Luber

@NSA_CSDirector

3 years

Important @CISAgov alert: Malware inserted into widely used JavaScript library (npm package) AParser.js which reads information stored inside user-agent strings. Developers must update to patched versions: 0.7.30, 0.8.1, 1.0.1

Malware found in npm package with millions of weekly downloads

-

therecord.media

5

255

345

Dave Luber

@NSA_CSDirector

2 years

Cybersecurity awards month. The struggle is real.

13

45

352

Dave Luber

@NSA_CSDirector

11 months

Admit it. You know stuff you should be fixing.

15

77

342

Dave Luber

@NSA_CSDirector

2 years

Have you prepared for a DDOS attack? Consider the impact of outages and keep critical sites up using a deliberate mitigation plan.

11

61

345

Dave Luber

@NSA_CSDirector

6 months

Safe havens for cyber criminals creates disproportionate risk for all of us. Russian tolerance of ransomware actors is a scourge on of the victims. 74% of ransomware revenue goes to Russia-linked hackers:

74% of ransomware revenue goes to Russia-linked hackers

Crypto-currency researchers say more than $400m of cyber-crime funds go to Russian gangs.

www.bbc.co.uk

20

196

338

Dave Luber

@NSA_CSDirector

8 months

We continue to remember the sacrifice of Navy CTIS Shannon M. Kent, five years ago today. She gave her life "serving in silence," while supporting Combined Joint Task Force - Operation Inherent Resolve in Syria Jan. 16, 2019. She was in an elite military intelligence unit. 1/2

14

55

321

Dave Luber

@NSA_CSDirector

3 years

We are seeing Chinese targeting of political, economic, military, educational orgs and more to access sensitive data. Our advisory provides mitigations for 50 common Chinese state-sponsored #cyber techniques. Review and take action!

NSA Cyber

@NSACyber

3 years

We collaborated with @CISAgov & @FBI on our #cybersecurity advisory, detailing Chinese state-sponsored actor #TTPs used against U.S. and allied networks. For a thorough understanding of this cyberthreat, read our overview, observed TTPs & mitigations.

39

434

755

9

156

310

Dave Luber

@NSA_CSDirector

3 years

Proud to announce the launch of our first-ever NSA Cybersecurity Directorate (CSD) Summer Intern Program! Undergrad, grad, and doctoral students can apply today to experience our mission first-hand:

18

96

318

Dave Luber

@NSA_CSDirector

3 years

@RayRedacted Attackers put in the time to know the network and the devices better than the defenders. That’s how they win.

14

110

315

Dave Luber

@NSA_CSDirector

11 months

Shipping insecure software and relying solely on patching is like launching a leaky ship and hoping to fix it at sea. Secure foundations save you from sinking. #SecureByDesign listen to @CISAgov

29

64

312

Dave Luber

@NSA_CSDirector

2 years

Mandiant working with VMware to release info on Novel Malware Persistence Within ESXi Hypervisors. Active exploitation found. This is one to watch for the Defense Industrial Base and others with sensitive information targeted by nation states.

Malware Persistence Within ESXi Hypervisors | Malicious VIBs | Google Cloud Blog

Malware Persistence within ESXi Hypervisors. Learn how attackers use vSphere Installation Bundles ('VIBs") to install backdoors across ESXi hypervisors.

cloud.google.com

5

135

311

Dave Luber

@NSA_CSDirector

11 months

This is what my inbox looks like around the major cybersecurity conferences.

27

36

301

Dave Luber

@NSA_CSDirector

5 months

Ghidra 11.0.2 released. Bug fixes and minor improvements. Check out the "What's New" link for details.

Release Ghidra 11.0.2 · NationalSecurityAgency/ghidra

What's New Change History Installation Guide SHA-256: 4f16ae3f288f8c01fd1872e8e55b25c79744e7b1e8a9383c5e576668ca7d1906

github.com

8

91

290

Dave Luber

@NSA_CSDirector

11 months

In pursuit of free software through cracks and keygens? Beware, the price may be higher than anticipated. Warez are teeming with malware, ready to infiltrate your system. Be warned. #MalwareMenace

36

57

290

Dave Luber

@NSA_CSDirector

11 months

I have a theory why industry collaboration has gotten easy over the years…

23

35

287

Dave Luber

@NSA_CSDirector

11 months

You can learn from NSA’s experience working Red and Blue team engagements. Bad actors will look for easy opportunities to exploit vulnerabilities and compromise networks. Here are the top 10 cybersecurity misconfigurations we see:l along with @CISAgov

16

87

279

Dave Luber

@NSA_CSDirector

1 year

Russian government actors have used the Snake malware tool for years for intelligence collection. These technical details will help industry governments find and shut down the malware globally. Help us act!

36

97

283

Dave Luber

@NSA_CSDirector

5 months

Thrilled that Dave Luber takes the reins today as the new CSD Director! (this is the last NSA post from Rob J, so when the picture changes, don't think he's tweeting about himself. 😄)

38

29

282

Dave Luber

@NSA_CSDirector

10 months

Happy 5th birthday to our partners at @CISAgov ! The nation is more secure through your great work!

17

39

268

Dave Luber

@NSA_CSDirector

2 years

Incident response toolkits can, and should, vary: IT response vs OT, endpoint vs network, cloud vs on-prem. What’s your must-have and go to capabilities?

14

47

274

Dave Luber

@NSA_CSDirector

11 months

@vxunderground @NSAGov @ThomasJFlounder Wasn’t going to use meme this b/c some on my team didn’t get it, but clearly you will appreciate! Ironic that it is the same base picture I chose for this thread.

13

24

277

Dave Luber

@NSA_CSDirector

3 years

Huge thanks to @PwnieAwards for going out of the way to get @NSAGov our Pwnie! What an awesome honor!

11

38

264

Dave Luber

@NSA_CSDirector

3 years

@SwiftOnSecurity Got one! @NatCryptoMuseum

15

21

262

Dave Luber

@NSA_CSDirector

2 years

Meme advisor @Andrew___Morris stops by to help understand the dark and dangerous corners of the internet.

9

18

260

Dave Luber

@NSA_CSDirector

10 months

Did you know? The @birdsarentreal movement isn’t just a quirky conspiracy theory. It’s a brilliant lesson in disinformation. Watch the TED Talk to see how it teaches us to question what we read online. Before you believe and share, apply critical thinking.

Birds Aren’t Real? How a Conspiracy Takes Flight | Peter McIndoe | TED

Peter McIndoe isn't a fan of birds. In fact, he has a theory about them that might shock you. Listen along to this eye-opening talk as it takes a turn and ma...

www.youtube.com

Dave Luber

@NSA_CSDirector

10 months

Super awkward. Got confronted by @birdsarentreal to stop the @NSAgov avian spying programs. Luckily Chris Krebs @C_C_Krebs was around to help.

62

123

929

39

65

263

Dave Luber

@NSA_CSDirector

3 years

@tarah PS- wanted to be explicit and authoritative on the process. I totally agree with your point that use of encryption does not mean you have something to hide !

3

42

261

Dave Luber

@NSA_CSDirector

2 years

I’m at Shmoocon- my happy place. Feel free to grab me for a chat! Anything from geeky topics to how to navigate NSA hiring are all fair game.

29

24

253

Dave Luber

@NSA_CSDirector

2 years

Take this seriously. The small details make all the difference. Don’t write your own crypto…

35

45

247

Dave Luber

@NSA_CSDirector

3 years

New surge in Microsoft Exchange server exploitation underway. You Must ensure you are patched and monitoring if you are hosting an instance.

Kyle Hanslovan

@KyleHanslovan

3 years

Keep your Exchange servers safe this weekend. @HuntressLabs has seen 140+ webshells across 1900+ unpatched boxes in 48hrs. Impacted orgs thus far include building mfgs, seafood processors, industrial machinery, auto repair shops, a small residential airport and more. #ProxyShell

5

145

282

8

142

247

Dave Luber

@NSA_CSDirector

10 months

With AI becoming increasingly entwined in advanced systems, the NSA’s new AI Security Center is a crucial step toward ensuring protection. NSA will uncover threats and guide trusted use in national security systems

26

56

237

Dave Luber

@NSA_CSDirector

11 months

Me checking messages after posting about phishing.

10

31

240

Dave Luber

@NSA_CSDirector

3 years

Lots of good recommendations from @CISAgov and @FBI on how to defend networks from ransomware. Check your back ups and make sure contacts are current in your incident response plan before you head into the long weekend.

3

80

235

Dave Luber

@NSA_CSDirector

11 months

31

24

233

Dave Luber

@NSA_CSDirector

1 year

This Memorial Day, reflecting on the soberness of our mission and those we support. In cyber, our job is to keep our warfighters, cryptologists, allies, and nation secure. May we never fall short and may we always remember and honor those who have made the ultimate sacrifice.

4

40

231

Dave Luber

@NSA_CSDirector

8 months

Hey @SwiftOnSecurity we need to convince @taylorswift13 to swing by @NSAGov and @NatCryptoMuseum to see some cool cyber stuff! #TaylorSwift

Vince Houghton

@intelhistorian

8 months

Ohhhhhh. You know what this means? @taylorswift13 will be 20 mins away from the @NatCryptoMuseum in a week…

1

3

24

50

35

232

Dave Luber

@NSA_CSDirector

2 years

@Xswanke_Xian Rob manages Rob's tweets!

15

2

227

Dave Luber

@NSA_CSDirector

6 months

Look who is in London! Thanks for the hospitality @NCSC and @GCHQ !

20

11

231

Dave Luber

@NSA_CSDirector

3 years

Just another day scaring APT teams and ransomware crews.

9

24

225

Dave Luber

@NSA_CSDirector

2 years

Good luck out there!

6

30

222

Dave Luber

@NSA_CSDirector

11 months

The struggle is real.

16

22

228

Dave Luber

@NSA_CSDirector

2 years

It is worth your time to learn about this tool that GCHQ gave to the community. It is powerful and flexible for a range of activities including data manipulation and analysis.

BSidesCharm

@BSidesCharm

2 years

Let’s Get Cooking with CyberChef A very advanced malware analysis and data manipulation tool is made easy to understand by @marcellelee at @BSidesCharm 2022

1

37

160

7

60

215

Dave Luber

@NSA_CSDirector

1 year

Who remembers the rainbow books? Cybersecurity information before there was infosec twitter!

NSA Cyber

@NSACyber

1 year

Since the earliest days of computers, NSA has been focused on ensuring security for all. The Rainbow Series was the start of cybersecurity as we know it today. Read the original guidance here:

24

71

245

32

30

220

Dave Luber

@NSA_CSDirector

10 months

It’s been fun!

17

29

219

Dave Luber

@NSA_CSDirector

2 years

Start your zero trust journey. Here’s the NSA guide to embracing a zero trust security model.

8

45

213

Dave Luber

@NSA_CSDirector

2 years

Crypto trending?!!?

6

19

217

Dave Luber

@NSA_CSDirector

1 year

This year we have two working enigmas at RSA. Secret message a friend! Just for kicks we also brought a rare Hebern device. Is it a flex? Yeah. 💪 Stop by and play with a real enigma. 🔥 #WeAreHiring Booth 549. @NSACyber