teriradichel.bsky.social
CEO, 2nd Sight Lab. Cloud and App Pentesting. Security Software & Research. Cybersecurity Phone Consulting > IANS Research . GSE . AWS Security Hero . Author on Amazon.

I just wrote this long thread on X and not going to copy it all here. It’s on X because that is where some of the people are who need to read it. I’m not sure if they will. @teriradichel

Weathering the storm: In the midst of a Typhoon [Sounds like the things I was reporting about my own network except not Cisco.] blog.talosintelligence.com/salt-typhoon...

When I couldn’t get to AWS earlier, aws.amazon.com was resolving as shown. Now I’m getting something in the 18 range again. When I look up that range in the AWS JSON IP list it says GLOBAL and CloudFront. Some network change and I probably have this blocked. Works now.

Xfinity just made changes to our network here in Savannah and now I am having issues getting to the AWS console periodically. I don’t know if those things are related but last time Xfinity changed the network ESPN streaming was not working. Something changed.

GitLab-Cloud-Security-Review · GitLab ~~ Checked out GitLab and added my wishlist here. So far no DevOps solution meets my needs. CodeCommit was the only one but now deprecated. GitLab is close 2nd but lacks one basic security feature and costs a lot. gitlab.com/bb1900808/gi...

Now I remember why I didn’t use GitLab the last time I looked at it. The ultimate plan costs way more than GitHub and it doesn’t have the most basic security feature - an IP AllowList.

Been looking at GitHub vs GitLab. This solves one of my problems with GitHub. GitLab Flow: instead of merging your feature branches directly into production you first merge into a staging branch where changes can be tested before promoting to production. prismic.io/blog/gitlab-...

Wow Amazon Chime being deprecated. I know some don’t like it but it worked ok for me. Amazon Chime SDK is still an option.

Zoom network firewall or proxy server settings ~ Have you ever inspected the traffic during a Zoom call? Which ports are actually required? What are the chances of P2P MITM? Just thinking about that today. Maybe research that later. support.zoom.com/hc/en/articl...

What I want: run my containers on ec2 as runners. Not AWS Batch (too complicated), lambda (my solution for MFA for batch jobs does not work among other things) or AWS managed containers (cost, etc). My containers on EC2 and lock down network on both sides of the process. #awswishlist #gitlabwishlist

2FA with SSH for GitLab looks promising. May try it out in a bit.

I am watching a @GitLab video and it’s looked pretty cool until I got to the IP range settings. “For outgoing connections…Google Cloud us-east1 or us-central1. MacOS runners are hosted on AWS and you must allow [basically all of @awscloud IP ranges and GCP.]” Yeah, no.

If you copy my content word for word don’t expect me to contact you. First I’ll report it here: Report Content On Google - Legal Help Then, if necessary, I will contact my IP lawyer. support.google.com/legal/troubl...

Are people still having issues with new AWS signin? I clear cookies and data on exit and wondering why it doesn’t default to new and allow you to revert if having issues. I’m actually having issues with the old sign in page now.

Wow some of these attacks are just wild. SQL injection at the protocol layer…whew. Surprised that was not number one but number one was wild too and pretty extensive. Very cool. Top 10 web hacking techniques of 2024 | PortSwigger Research portswigger.net/research/top...

AWS cost and usage widget was using my current region but now I’m getting firewall requests to connect to STS in unauthorized regions again and the dashboard doesn’t work because I block those with my host-based firewall.

In my Azure class on Day 2 I explain why network security is such a powerful way to prevent and detect attacks. Read those slides. Then read this and figure out all the ways you could spot this attack after the attacker disabled Windows Defender. thedfirreport.com/2025/01/27/c...

Why I don’t like links for 2FA into cloud environments…in other words, solutions that “rely on a code authentication flow to allow allowing users to sign into an application by typing an authorization code on a separate device like a smartphone or computer.” www.bleepingcomputer.com/news/securit...

Number 24 One of the best movies I’ve seen in a long time. www.netflix.com/title/81664509

All 6 days of my Azure class are up. I’ll remove the paywall on the last one in a bit. The general content in these slides is applicable everywhere not just Azure. Azure Security Class: Introduction ~ The ReadMe: Please read this first! medium.com/cloud-securi...

Ubiquiti UDM — Some videos for your viewing pleasure. Note: I haven’t watched all these yet but I will write more as time allows — these are good and very detailed. Thank you to the person who shared them with me. 😊 medium.com/cloud-securi...

There are all these fuzzy topics in cybersecurity. And then there’s “check your logs for suspicious and unauthorized activity and ensure your configurations have not been tampered with”.

Oh great. Google Chrome has a share passwords feature now. Like that’s not going to get attacked and abused.

Just logged in and checked my Google Workspace settings. For some reason primary domain did not have Gmail enabled?? Check all your settings everywhere and make sure they are what they are supposed to be. Monitor your configurations.

Why Do I Have to Reset My Netgear Cable Modem to Connect to Comcast? …Curious… [I was asking myself this a few weeks ago when I wrote this and ironically came up for social media on day Xfinity is upgrading our network. Hope it helps!] medium.com/cloud-securi...

Today I am told @Xfinity is taking down our network to improve service. I hope that includes improving security.

Someone changed the default deny all rule in my firewall rule set for the Ubiquiti gateway on pfsense. This all started happening more frequently when I fired up the Ubiquiti behind pfsense. Not saying that is the cause just stating a fact. But I also have actual work to do.

Logs are so important. Also tracking what settings have changed since the last time you logged in. Investigating another event related to my Ubiquiti-pfsense integration. You likely won’t even see what I’m seeing if you’re not running multiple firewalls from different vendors.

What Can An Attacker View in TLS Encrypted Traffic? ~~ And what could malware do on a cable modem? medium.com/cloud-securi...

I get the feeling someone doesn’t like that I’m releasing my class materials. Get them while you can.

Absolutely wild. The US financial services regulator has had their website suddenly deleted this weekend and according to the NY Times they’ve been told to stop all supervisory activity (ie regulation). It’s supposed to be protected by an act of Congress […] [Original post on cyberplace.social]

If you follow my blog on Medium you’ve been getting my Azure class slides. Download the pptx files for notes and references. You can also find the slides here as they are released. Please read the post on why I am releasing them and the introduction. Thanks 🩵 www.slideshare.net/TeriRadichel

Yeah right.

Turn off UPnP on Netgear Mobile Hotspots and Routers. And everywhere else you don’t need it. medium.com/cloud-securi...