We're starting to see the results of Microsoft extending 365 audit logging to everyone with increased retention. This morning we started receiving events that were created in March
#Microsoft365
#Security
Why do we push so hard for small incremental improvements when it comes to code, but small improvements to other things are seen as “less than nothing”? Nothing transforms overnight. It’s always the small changes over time that finally result in real change
"Changing master to main changed less than nothing. Because nothing was or is ever enough in this arena. As soon as this word battle was won, it was just on to the next and the next (and the next)."
I like Scrum and the idea of breaking down large complex problems into smaller pieces, but it’s funny to think of that process like this. I think this can result in engineers not being able to see the big picture. Credit @rjs
This. Workaholics are not heroes! Burnout is real and will be more devastating to your performance than stopping working at a reasonable time
#startups
#burnout
Every day I’m impressed at what @ClickHouseDB can do, especially ClickHouse Cloud with its ability to auto-scale. This is going to be a game changer for many use cases
I can’t begin to express how proud I am of the team at @HuntressLabs for putting together this report. @KyleHanslovan @jdferrell3 and I have been talking about how awesome it would be to be in a position to post research like this for literal years
Welcome to the first Huntress Threat Report 🚨🦸♀️
An in-depth review of real world intrusions @ small & mid-sized businesses. Follow @HuntressLabs for more.
As a founder, when your team crushes it, it’s your job to reward and motivate them.
Our team crushed it and for that, I’m rocking the ShadyCorn onesie.
@ErrataRob
@simulator5g
@su_andrewk
The benefits to their bottom line. I’m not sure if it’s still the same price but a few years ago when they made a big push for new TLDs, the cost to become the registrar for a new TLD was something like $800k
Why are developers still blocking users from pasting into the confirm password field? This breaks many password managers, especially on mobile, and impacts security negatively because users use shorter, easier to type passwords. Please don’t do this
We’ve seen the same behavior at @HuntressLabs. One of the hardest parts for most orgs is getting ALL of it. Even one machine that’s infected and powered off can restart the infection days or weeks later when powered on
.@HuntressLabs is all over X and the news and I can’t be more proud of the work this team has put in. It’s really been a big effort by a lot of folks behind the scenes. We’ve got more stuff cooking so watch out for what’s next!
Last week tragedy struck a Huntress team member. Katie is an amazing person and a friend and she can really use our help right now. Please consider donating to support this family
Honoring Kyle's Legacy
Take a look at a new @postgresql extension called "pg_badplan" by Claes Jakobsson and see if it helps you determine if using multicolumn statistics will help improve your query plans.
I’ve been conscious of my habit of saying “you guys” to mixed company for a while (it’s a tough habit to break). I often resort to “you all” or “folks”, but today I heard someone say “yoos”
The biggest losers of the Uber hack: the nation state actors who have been in the infrastructure for years and will now lose their footholds.
If it was this easy for the hacker to own everything, it was already owned by multiple parties
I’ll probably take some flak for this, but my idea of a vacation is one where I don’t have meetings or a schedule and can relax, BUT can still write code and make progress on the product. It’s more like a period of relaxation with better work life balance. It’s not that I feel I
This reminds me of the quote “if you’re the smartest person in the room, you’re in the wrong room.” If you really want to grow and get better at something you need to find folks better than you to help you push yourself. Putting in the work is the only way to get better
Just chatted w/ someone who, a few years ago, started regularly playing foosball w/ a random group of guys at a nearby bar. He started off playing poorly but over time became decent. One day they told him he should play tournaments...
Continuing to make progress on supporting ES|QL queries in the upcoming @HuntressLabs Managed SIEM product. This is going to be quite amazing when combined with the storage and searching of data. I can’t wait to show this off!
When raising the first two rounds of funding for @HuntressLabs (2020-2022), I got a number of questions around Rails and PostgreSQL and whether they would be able to scale. I told everyone “it seems to work for @Shopify” and that was that
it's wild that people see and acknowledge the incredible success of @Shopify, but actively shun the tech stack that has allowed them to scale, while shipping constantly.
I’m so tired of having to pay a security tax every time we want to set up single sign-on. We’re only 300 employees and for many services we don’t need the other functionality that comes with the “Enterprise” plan. So we’re paying significantly more just for SSO. 😩
Occasionally I see comments about how #rails doesn’t scale and I wanted to add some perspective from my experience at @HuntressLabs. We switched to Sidekiq 17 months ago and have already run over 100 billion jobs. This is how we protect 2.3M endpoints and identities
@NathanMcNulty
The fact that Dmitri was the deputy chair on this and the co-founder of their arch rival CrowdStrike must have really pissed off some folks in the security organization, especially with recommendations like this
EDR: Using feedback from the community, we're now reporting where users are actively using/accessing password files. Lots of epic feedback received here today and can't wait to roll out today's suggestions.
Being a parent means dragging your kids out of bed in the morning because they are so tired and also forcing them to go to bed because they aren’t tired
@Infosec_Taylor
We’re working on this at @HuntressLabs to make this more of an educational experience for folks rather than a negative one. This is the training you get if you click the phishing link. What do you think?
Lots of people pointing out the SQL injection. It’s even easier than that. Just open developer tools and add a cookie named “login” with the value “1” and you’re money
He’s not wrong here. Understanding how the technology works and how to build to its strengths requires care. In this age of unlimited cloud resources I see folks reach for the scale lever too quickly and that results in excess cost
The more experienced I get, the less I think that the specific tech matters for performance, and the more I think just … the developer *caring* about performance matters.
We actually built in some additional visibility for this after the last ScreenConnect incident. We should probably look at sending new ScreenConnect callback domains to the SOC for review
🚨 Mass exploitation of FortiClient Enterprise Management Server (EMS) is being observed by @HuntressLabs
Post Compromise activity appears to download and execute ScreenConnect on the system.
Thank you to Huntress SOC Analyst @bumbucha for raising the flag internally.
@JasonSwett
360/12 = 30 degrees between each number. At 15 after the minute hand should be on the three and the hour hand should be 1/4 of the way between the three and the 4. So 30/4 = 7.5 degrees.
Is that the answer?
@nateberkopec
Totally agree. The productivity one person can have is immense.
One thing I’ve noticed though is that there seem to be junior Rails devs and very senior Rails devs, but a lack of folks in the middle. Any idea why?
@dhh
I’m not suggesting where we draw the line on these kinds of things is easy or obvious, but I am suggesting that many small changes have big results over time. Does the name of the default branch really matter that much? I get it that it can become a death by 1000 cuts, but 🤷♂️
Why does anyone care? I get this is Elon and there are some extra feelings involved, but a degree is a means to an end. If you can learn without needing to go through school that’s fine
** Hot Take (mildly hyperbolic) **
Can we get a software engineering version of the bar exam / medical board? So many products are so terribly engineered. Demand has outstripped supply and caused the overall quality of engineers to tank.
I’m a big advocate of the Always Be Shipping mentality that @denk_tweets wrote about in his essay and @businessbarista discusses in a recent podcast on Founders Journal. Consistently shipping is a huge part of the answer of how you compete in a crowded marketplace
This was my life for several years working for the government. I’m sure this influenced our decision to make @HuntressLabs a very open and transparent culture
Scaling a startup sucks because you’re not solving technical or customer problems, you’re solving internal people and process problems and that doesn’t feel like real progress and is not why you started the company 😩
A few years ago I was looking for a change in my career and thought about applying to Facebook to see what it was like to engineer massive systems and process lots of data. Boy am I glad I procrastinated on that thought
This is awesome! I’ve been thinking about doing something similar for those long tail bugs that aren’t showstoppers and so get left at the bottom of the pile
Shoutout to our Product & Engineering Teams for squashing 176 bugs/paper cuts in our Bug Bash!
Awards went out today for:
🐞 Most Bugs Squashed
👏 Customer Team Choice
🗑️ Most Lines of Code Deleted
🧪 Most Tests Added
👀 our Release Notes to view the full list of improvements:
We’ve been waiting a long time to talk about the Qakbot mitigation we deployed to all Huntress endpoints on Dec 14, 2022. We stopped seeing new Qakbot infections on the hosts we protect and could actively track processes checking for the vaccine with our EDR telemetry. Huge win!
Quick banter on the FBI Qakbot disruption-- and some behind-the-scenes deets on how we handled Qakbot when it was running rampant. Seriously, huge congratulations to law enforcement and all parties involved!
We’re looking for a Senior Rails Engineer at @HuntressLabs to help us accelerate our mission to eradicate malware. AWS, PostgreSQL, Redis stack. Competitive salary - not intern level ;), benefits, equity. Remote or local. careers@huntresslabs.com. Please RT
✅ Junior Engineer: I don’t know what tool we should use. I’ll go with whatever gets the job done.
❌ Senior Engineer: We absolutely must use THIS tool because big successful companies use it!
✅ Staff+ Engineer: I don’t care what tool we use as long as it will get the job done
I had a great time talking with other Product and Engineering leaders at the @SapphireVC Hypergrowth Engineering Summit today! Thanks to all who gave talks
Just booked my ticket to #RailsConf 2018. I've never been, so I'm excited to see and meet new people. If you're a Rails dev and looking for something new, DM me and we can meet up and talk about what we're doing at @HuntressLabs #rails #ruby