Post-PKI Zero Knowledge Infrastructure + LangChain AI to automate cyber security, eliminating 95% of cyber attacks due to human errors, burnout & skills gap.
For anyone worrying about this, I’d like to hear how you were already handling a near identical attack that didn’t require this vuln:
- steal Yubikey
- login
- returns key WITHOUT cloning it, because 1 session is enough for most objectives
Same attack flow.
If that wasn’t already part of your threat model, why is this?
If it was part of your threat model, how do your existing defenses not already handle the vuln? (I can think of a few, but none that apply to most of the people who are concerned)
This should change very little for most people.
In October I will be trying to "sell" the Keccak instruction at RISC-V Summit 😁 Those who know the PQC standards know why (it is relatively even more of a bottleneck when you have vector registers, which speed up NTT tremendously, but SHAKE hardly at all.)
Exciting news from the White House! wolfSSL attended the announcement of the new #PostQuantum standards, now officially endorsed by the US Federal Government 🎉
Standardized:
- FIPS-203 ML-KEM
- FIPS-204 ML-DSA
- FIPS-205 SLH-DSA
Learn more:
https://t.co/aZRN4gXvaW
#PQC
The new Post Quantum Cryptography standards were just released by @NIST. Today marks a major milestone in keeping information on the Internet secure and confidential!
See how @Google is using #PQC, and how organizations can adopt these new standards. https://t.co/Mr7rWq3WqS
It’s here! After 9 years of work, the National Institute of Standards and Technology (NIST) has published its first three standards for post-quantum cryptography.
Meet the standards:
FIPS 203: ML-KEM, intended as the primary standard for general encryption
FIPS 204: ML-DSA, intended as the primary standard for protecting digital signatures
FIPS 205: SLH-DSA, intended as a backup method in case ML-DSA proves vulnerable
“In 2015, NIST initiated the selection and standardization of quantum-resistant algorithms to counter potential threats from quantum computers. After assessing 82 algorithms from 25 countries, the top 15 were identified with global cryptographers' assistance. These were categorized into finalists and alternative algorithms, with draft standards released in 2023. Cybersecurity experts are now encouraged to incorporate these new algorithms into their systems.”
https://t.co/DPPkI8T5HA
NIST publishes standards for next-generation cryptography (cipher, digital signature) understood as resistant to attacks with future quantum computers. Migration will not be a piece of cake, but there’s time. https://t.co/2uebDrTeJT https://t.co/XxWmDhXxM7
.@Volexity shares #threatintel on how #StormBamboo compromised an ISP to conduct DNS poisoning attacks on targeted organizations & abuse insecure HTTP software updates, delivering custom malware on both macOS + Windows.
Read the full analysis: https://t.co/iqAH1PgVVz
#dfir
@UK_Daniel_Card @NCSC Thanks for emphasizing PROTECT. It seems as if the marketing budgets for this important part of the NIST CSF are no match for the DETECT parts.
Reminder if you are on a board of an organisation please ensure that you are discussing, planning and preparing on how to both PROTECT and RESPOND to cyber threats:
There's loads of guidance from the @NCSC and cool toolset like Exercise in a Box
https://t.co/qGXtR2gCp7
@MalwareJake @googlechrome We love this concept @AutoPilotCyber so much, we're extending it beyond browsers to your entire network, with post-PKI Zero Knowledge Infrastructure.
More here:
https://t.co/Q49FIFXHPs
Many people know SSH is encrypted, but this doesn’t mean using a password with it is safe.
The encryption only protects a password in transit from an eavesdropper. It does not protect your password if the remote system is compromised. It can be saved off in cleartext.
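The practical defender-side takeaway from the post above is to make sure the server is not configured to accept passwords at all. The following is an added example (not code from the post or from OpenSSH): a small audit of `sshd_config` text that reports the settings which let a password reach the server, using the documented OpenSSH defaults and the rule that the first value seen for a keyword is the one that takes effect. The three sample configurations are constructed, and directives below a `Match` line are deliberately left for manual review.

```python
"""Audit sshd_config text for settings that let a password reach the server.

Added example, not code from the post above. The sample configs are constructed.
Parsing follows sshd_config(5): one 'Keyword value' directive per line, keywords
are case-insensitive, '#' starts a comment, and for each keyword the FIRST value
encountered is the one that takes effect. Directives below a 'Match' line are
conditional and are not evaluated here (assumption: reviewed by hand).
"""
from typing import Dict, List

# Documented OpenSSH defaults for the directives this audit checks.
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "permitemptypasswords": "no",
    "pubkeyauthentication": "yes",
}
# ChallengeResponseAuthentication is the legacy name of KbdInteractiveAuthentication.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}


def parse_sshd_config(text: str) -> Dict[str, str]:
    """Return the effective top-level value for each keyword (first one wins)."""
    effective: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        parts = line.split(None, 1)
        keyword = ALIASES.get(parts[0].lower(), parts[0].lower())
        if keyword == "match":
            break  # everything after the first Match line is conditional
        value = parts[1].strip().lower() if len(parts) > 1 else ""
        effective.setdefault(keyword, value)  # first occurrence wins, as in sshd
    return effective


def audit_sshd_config(text: str) -> List[str]:
    """List password-related weaknesses found in the given sshd_config text."""
    conf = parse_sshd_config(text)

    def get(keyword: str) -> str:
        return conf.get(keyword, DEFAULTS[keyword])

    findings: List[str] = []
    if get("passwordauthentication") == "yes":
        findings.append("PasswordAuthentication is on (the default): the server "
                        "receives the cleartext password on every login")
    if get("kbdinteractiveauthentication") == "yes":
        findings.append("KbdInteractiveAuthentication is on: PAM can still prompt "
                        "for a password even with PasswordAuthentication off")
    if get("permitemptypasswords") == "yes":
        findings.append("PermitEmptyPasswords is on")
    if get("pubkeyauthentication") != "yes":
        findings.append("PubkeyAuthentication is off: key-based login is impossible")
    # Include is expanded in place, so a drop-in file pulled in before this
    # file's own PasswordAuthentication line silently wins over it.
    order = list(conf)
    if "include" in conf and ("passwordauthentication" not in conf
                              or order.index("include") < order.index("passwordauthentication")):
        findings.append("Include appears before PasswordAuthentication: a drop-in "
                        "file can re-enable passwords; audit the included files too")
    return findings


# Constructed sample: stock-looking config that never turns passwords off.
WEAK_CONFIG = """Port 22
PermitRootLogin prohibit-password
#PasswordAuthentication yes
PermitEmptyPasswords yes
"""

# Constructed sample: keys only; the later duplicate and the Match block are ignored.
HARDENED_CONFIG = """Port 22
PubkeyAuthentication yes
PasswordAuthentication no
KbdInteractiveAuthentication no
PermitEmptyPasswords no
PasswordAuthentication yes   # ignored: the first value above wins
Match User backup
    PasswordAuthentication yes
"""

# Constructed sample: Include at the top, the way distribution packages ship it.
DROPIN_CONFIG = """Include /etc/ssh/sshd_config.d/*.conf
PasswordAuthentication no
ChallengeResponseAuthentication no
"""

if __name__ == "__main__":
    for name, cfg in [("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG),
                      ("drop-in", DROPIN_CONFIG)]:
        print(name, audit_sshd_config(cfg) or ["no password-related findings"])
```

The weak sample yields three findings although it never mentions `PasswordAuthentication`, because the default is `yes`; the hardened sample yields none, and the drop-in sample shows why a clean-looking main file is not enough on systems whose package ships an `Include` line first.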
Re: the stolen signing key, Thompson says, "Microsoft's explanations about why the key was still active in 2023 and why it worked for both consumer and enterprise accounts have not been competent."
What happens when devs forget to modify the secret key...
This is from a recent pentest for a client. This misconfiguration compromised the password reset feature.
#pentesting #appsec #cybersecurity #infosec
"ASML reassured officials about its ability to remotely disable the machines when the Dutch government met with the company on the threat, two others said." https://t.co/c65PAVWHqx
The hacker group Cyber Army of Russia has sabotaged multiple US water utilities, and has ties to the GRU’s notorious Sandworm unit.
They also talk a lot. So I asked for an interview and spent two weeks chatting with their spokesperson “Julia.”
https://t.co/6n5g5o68d9