Microsoft has addressed a one-click NTLM leak vulnerability affecting Windows Snipping Tool (CVE-2026-33829), discovered by our researcher Marcos Díaz (@Calvaruga).
➡️ Read the write-up: https://t.co/JvMGad5NuI
➡️ Microsoft bulletin: https://t.co/0IbpRxxUY7
On our way to Switzerland 🇨🇭, where tomorrow @ineesdv will present our research at @1ns0mn1h4ck on abusing calendar invite processing in modern email clients.
➡️ Read more: https://t.co/QZshm6dj9t
Phishing now happens in meetings as well? @ineesdv says yes! Understand how attackers exploit collaboration tools with this new #Insomnihack talk.
Buy your ticket now: https://t.co/bbqXz3yzmO
#InsomniHack #Cybersecurity #INSO26
Just over 24 hours until @_kripteria takes the stage at @h_c0n to revisit the design and methodology of attack graphs in Active Directory, showcasing new approaches with Neo4LDAP.
Meetings You Didn’t Plan, But We Did
In this post, @ineesdv breaks down how calendar event processing in Outlook and Gmail can be abused to deliver spoofed meeting invites that are automatically added to a user's calendar without interaction.
➡️ Read more: https://t.co/7RApljHair
Kudos to our colleague @_Kudaes_, who yesterday delighted us at @NavajaNegra_AB with his talk 'Activation Context Hijack,' which can be rewatched here: https://t.co/oP6F2U46CJ
This Thursday, our colleague @_Kudaes_ will be at @NavajaNegra_AB presenting Activation Context Hijack: a new code execution technique for Windows environments.
➡️ More info: https://t.co/KLCb6lWNDw
Are you aware that even with App-Bound Encryption, attackers can still attempt to steal browser cookies?
Our #ThreatHunting team explains how the technique works and how to detect it.
➡️ https://t.co/kqLpt1hJDv
AvePoint has fixed a vulnerability in DocAve, Perimeter and Compliance Guardian discovered by our researchers @m1ntko and @Calvaruga.
This vulnerability can be used to achieve Remote Code Execution (RCE) in affected systems.
➡️ Advisory: https://t.co/bD9hLomlG1
Are you aware that WebDAV and search-ms can trick users into executing remote files as if they were local?
Our #ThreatHunting team breaks down how the technique works and how to detect it.
➡️ https://t.co/3pNhCwpgWz
Don't blink if you don't want to miss it! Kurosh Dabbagh talks to us about "Call Stack Spoofing to hide the execution of implants from memory" #WindowsInternals #Malware #EDR @_Kudaes_
In a few hours, our colleague @_Kudaes_ will talk at @EuskalHack about call stack spoofing to hide the execution of implants from memory. #ESCVII
➡️ Read more: https://t.co/oC13XL8qAF
Although it's nothing new, @ineesdv and I are pleased to publish our own ROP-based implementation of the code fluctuation technique. We've tried to keep it simple and functional, avoiding the use of common features like Timers, HWBP or APCs. https://t.co/sm2O310XNg
Our colleagues @_Kudaes_ & @ineesdv will be at #HackOn2024 presenting an alternative approach to ROP-based sleep obfuscation technique to evade memory scanners.
➡️ Read more: https://t.co/stknNHL5Zd
Enhanced version of secretsdump from #Impacket to dump credentials without touching disk.
This feature takes advantage of the WriteDACL privileges held by local administrators to provide temporary read permissions on registry hives.
https://t.co/gRtlOdNejE