-
Tweets97
-
Followers378
-
Following809
-
Likes9K
I love these little pr*cks. Support @sickkids today.
Being that we're now 220 days from the U.S. Open, it only seems right we would do this giveaway...twice. And so it stays open another day. Happy reposting.
Being that we're now 220 days from the U.S. Open, it only seems right we would do this giveaway...twice. And so it stays open another day. Happy reposting.
Red teams really nailed the SMS phishing angle it’s been abused for several years prior to recent large breaches by TAs using it mandiant.com/resources/blog…
I'm going to speak in generalizations here... because... well yeah. Casino's consider themselves hospitality services - not security although physical security is a huge component as we know - logical/cyber not at all. Flat networks, lack of patch management, shared passwords,…
Every year as we move away from the events of 9/11, I find the images of the towers falling don’t impact the way they use to. I now try to focus on individual stories from that day to help remind me of the emotions I felt. This year I want to focus on the dogs of 9/11
Greatest tweet of all time.
👀 Wiz Research's deep dive into the recent security incident reveals a twist - the compromised Microsoft key is a skeleton key — opening up not just Outlook and Exchange Online, but a Pandora's box of Azure applications.
Dana White, President of the UFC, has been working day and night to arrange an Elon Musk vs. Mark Zuckerberg fight. He believes the fight could make billions of dollars. He doesn't seem to understand that you can watch nerds fight for free on Infosec Twitter.
NYC looks straight out of an apocalyptic movie right now
Tired by EDRs and AVs continuously flagging your executables? This program terminates protected anti-malware processes by exploiting the GMER driver github.com/ZeroMemoryEx/B…
We took a Cobalt Strike profile, modified it, and bypassed Crowdstrike & Sophos without encrypting the shellcode. Also bypassed all published YARA rules, sleep detections, and string detections around a CS beacon. Blog: whiteknightlabs.com/2023/05/23/unl… #CyberSecurity #redteam #infosec
"I'm the cybersecurity director at NSA and you could absolutely craft a phishing message that would get me to click a link. You’ve got to design your architecture to assume the humans are humans and bad things will happen." @RGB_Lights AMEN
Introducing the Living Off The Land Drivers (LOLDrivers) project, a crucial resource that consolidates vulnerable and malicious drivers in one place to streamline research and analysis. loldrivers.io LOLDrivers enhances awareness of driver-related security risks and…
Today we're excited to announce Counter-Strike 2. Counter-Strike 2 is an overhaul to every system, every piece of content, and every part of the C-S experience. First, let's talk about smoke grenades:
Today we're publishing new techniques for recovering NTLM hashes from encrypted credentials protected by Windows Defender Credential Guard. These techniques also work on victims logged on before the server was compromised. research.ifcr.dk/pass-the-chall…
Here it is! The first ever Comcast bill negotiated 100% with A.I and LLMs. Our @donotpay ChatGPT bot talks to Comcast Chat to save one of our engineers $120 a year on their Internet bill. Will be publicly available soon and work on online forms, chat and email.
Far from perfect, but Copilot is seriously impressive. Building BOFs just got a whole lot easier. #RedTeam #CobaltStrike
RT this and ruin your friends' day
🔑How does a FIDO security key limit the hacks we're seeing in the news now?🔑 Beyond fun to work with @Yubico & partner with @twitter to answer that question + demo how social engineering is used to steal passwords & siphon out MFA codes to gain admin access with @evantobac.
Cobalt Strike 4.7 is now available. This release sees support for SOCKS5, improvements to how BOFs live in memory, improvements to how Beacon sleeps, plus dark mode and a lot more. See the blog post for more information: cobaltstrike.com/blog/cobalt-st…