* non dental post *

Congratulations to the Maryland Terrapins baseball team for winning both the Big Ten regular season and tournament championships!

#bigten #maryland #Terps #collegepark

#stoned #community #growyourown #love #weedgirls #weedmemes #joint #weedsociety #cannabissociety #bud #marihuana #smokeweed #pot #memes #art #stoners #blunt #vape #terps #photography #ganjagirls #hash #instaweed #edibles #smoking #weedculture #music #dab #stonernation #grow

If #Miami beats #Texas, and #UConn doesn't win it all, this could be the second best NCAA tournament ever.

As a graduate of the University of #Maryland , 2002 obviously gets the nod from me. #MarchMadness #NCAA #Terps

Notre Dame is down by 12 and these announcers are STILL talking about how well they are playing together..
Terps get no respect
#ncaaw #Terps #maryland

Fear the turtle!!! 🐢 #Terps #BeTheBest

As of this moment, my #NCAA bracket is perfect. #TERPS!!!

I'm driving my office nuts. Chief counsel went to #WVU law, and everyone but me picked WVU #MBB to beat #MD MBB in the bracket. #Terps #BeTheBest #NCAABasketball #NCAAMarchMadness

#Terps hire #Sumlin as co-OC. #CFB #ncaafb #B1G #BigTen

https://www.cbssports.com/college-football/news/maryland-hires-kevin-sumlin-as-tight-ends-coach-terrapins-land-former-houston-texas-a-m-and-arizona-coach/

#SportsContent
I wasn’t sure about Kevin Willard as head coach at Maryland, but after this start and having watched a few press conferences.
I’d run through a wall for the guy.
#terps

#SportsContent
I wasn’t sure about Kevin Willard as head coach at Maryland, but after this start and having watched a few press conferences.
I’d run through a wall for the guy.
#terps

@jkamdjou I'm also a #Terps and #MoCo alumni (#WalterJohnson #WJ). Also came to say that's an amazing journey from side-project to business!

#introduction Hello friends, I’m Josh Kamdjou

I’m a red teamer turned defender working on a new open approach to email security at @sublime

I got into #infosec when I was an early teen. My high school (Wootton — where my Marylanders at?) was ahead of its time. We got trained up on Cisco routers, networking, and crimping RJ45s. I started playing around with *nix distros on my own time, and one thing led to another and I started popping VMs in my home lab network and dropping sub7.

This eventually led to my discovery of @metasploit. I started popping things left and right, dropping keyloggers, and taking remote screenshots. I couldn’t get enough of it. It’s an understatement to say that if it weren’t for legends like @mubix, @hdm, @carnal0wnage, @egypt and the tools and content they put out there for the community, I probably wouldn’t be where I am today. I’ll forever be grateful, and it’ll take me a lifetime to pay it forward.

I decided to take up Computer Science at the University of Maryland (#terps) and joined UMD’s Cybersecurity Club circa 2010. We did CCDC (I remember going up against @mubix at the time 🙂), won MDC3, and a group of us were asked to pen-test UMD’s network. I popped a Department through phishing (naturally) and exfil’d the crown jewels. I think my favorite part was control over the stadium’s big screen. RIP #MS08067

After college, I started full-time doing offensive cyber related things in and around the DoD until 2019. There are not enough words to describe how formative, impactful, and meaningful these years were for me — working alongside our nation’s most talented, driven, and mission-oriented humans to make the world a safer place.

I continued to do offensive work in the private industry to stay current, and wrote up one of those engagements back in early 2019 on the techniques used to gain access via #phishing: https://blog.sublimesecurity.com/red-team-techniques-gaining-access-on-an-external-engagement-through-spear-phishing

I started working on @sublime as a side project, nights and weekends, to see if I could build a tool that would stop me as an attacker. Over a year later, the product was inserting warning banners into email clients with digestible information so that users could make more informed decisions when viewing a suspicious message. It was working: click rates were way down and I had early happy customers. I was lucky enough to meet @ianthiel, who joined me on the journey as my co-founder, and we continued to build the product and team out together.

We built and released emailrep.io, a free email reputation API, and I gave a talk on it at Shmoocon back in 2020: Voight-Kampff for Email Addresses: Quantifying Email Address Reputation to Identify Spear-Phishing and Fraud

Talk: https://www.youtube.com/watch?v=awVEYrbvYmQ&t=3s
Slides: https://www.slideshare.net/JoshuaKamdjou/voightkampff-for-email-addresses-quantifying-email-address-reputation-to-identify-spearphishing-and-fraud-226745475

We pivoted Sublime in 2021 after realizing that we, like every other email security product, had become the bottleneck for innovation. When red teamers or attackers came up with a way to slip through, defenders couldn’t close that gap themselves even if they wanted to — they had to wait days, sometimes months, for their vendor to close the gap. Rumor has it some are still waiting to this day.

Defenders had tools to close attack surface, collaborate, and hunt in nearly every aspect of security: YARA for binaries, Snort for IDS, Sigma+EQL for logs, but nothing for email.

So that’s what we built. Sublime is free to use via Docker/CF, has an email provider agnostic DSL that lets you collaborate with the community, build custom detection rules, hunt, etc. The team is now 12 strong, and we’ve been quietly refining the product in private beta over the past year with a group of incredible design partners. Stay tuned, because we have some exciting news to share with the world in 2023.

In my free time, I love weight lifting, spending time with family, and venturing out into nature and disconnecting. I recently hiked the Tour du Mont Blanc and witnessed the most beautiful sight I’ve ever seen camped out at the top of the mountains. Growing up, Martial Arts and soccer were a big part of my life. I’m a 3rd dan in Taekwondo, spent some time training and competing in Seoul, and played soccer competitively until college. I haven’t done either in years, but would love to get back into it at some point.

This is probably the most I’ve ever shared about my life online, feels like I should have stopped awhile ago. But here we are. HMU if you ever wanna nerd out about email security, offensive cyber, martial arts, or literally anything else really. Happy to be here with ya’ll.

I’ll leave you with a quote from someone that was close to me that’s guided so much of my life: “Do what you will, make the world a better place.”

Watching #Terps basketball since I can’t get #Ravens or #NOSaints on my TV

Was expecting the lull .. not a great time for it
Still a 10-point lead but not feeling quite as confident

Hey #Terps fans

How are we feeling about Kevin Willard?

#MarylandBasketball

huh, are the Buckeyes gonna blow this game in the 4th quarter?

#NCAAF #OhioState #BigTen #Terps

@groggu would love to see the 🐢 #terps win!!! M-A-R-Y-L-A-N-D, #Maryland , please winnnnn!

@AdamKorengold
That was fun!!
same re:
Undergrad .. we tailgated for D-1 tennis [although my daughter tells me this is embarrassing] but have been a since I have lived here (30+ years) and now I’m a #terps Mom

Nous cherchons des participant-es pour la nouvelle formation pilote en Interprétariat Communautaire (Fribourg, février à mai 2023). La formation est gratuite pour les participant-es car il s'agit de tester un nouveau concept de formation! #Terps

https://www.inter-pret.ch/fr/home-1.html

Just want to highlight this excellent set of videos for community interpreter training. I use many of them in workshops not involving German speakers and the videos are useful even when participants don't understand the languages. #terps #interpreting

http://www.zwischensprachen.de/fachpersonen/lehrfilme

@rossabaker Huge #MLB, #Orioles, #NBA #TrailBlazers, #NCAA #Terps #Beavs, and so many other teams and sports! I'm also missing #SportsBanter. Trying to find that corner of #Mastodon.