Daniel's thoughts on infosec

A Shmoo's Guide to DC

While the hotel bar and the restaurants right around it present an easy opportunity to fill up, I feel like I owe it to provide some recommendations of where I think some of the best places to hang out around the hotel are.

Daniel Wyleczuk-Stern

3-Minute Read


Some of these recommendtions work best for Shmoocon in March vs Shmoocon in the cold of January.

Azure Flow Log Analysis

Azure flow logs don't have the same instance ID that AWS flow logs do. So how do you figure out which VM the logs came from?

Daniel Wyleczuk-Stern

7-Minute Read


Disclaimer I currently work at Snowflake and use the product on a daily basis for log analysis and threat detection. At the time of this writing, that probably adds bias to my article.

Regarding SMS 2FA

Responding to Tavis Ormandy's comments on SMS 2FA

Daniel Wyleczuk-Stern

4-Minute Read

Two Factor Authentication

I think an important question that Tavis either explicitly or accidentally omitted is “for whom”. I am not sure why he did not include this as it’s a critical component to his argument. If Tavis is stating that “SMS 2FA is ineffective for an enterprise”, then I would agree. The threat model that he is operating from is that an organization is being explicitly targeted by a motivated (though not necessarily extremely capable) attacker, who only needs minimal access…

Recent Posts



A random collection of thoughts on cybersecurity.