Olivia
Online
All the Cybers
@CUsserman
Joined January 2021
509 Following
84 Followers
1K Posts
@ZackKorman For what it's worth, if you're going up against the likes ______, ______, and _______ then the name fits. If you can anything close to them at half the price, you may just have a winner. Just don't forget about your own compliance mandates like FedRAMP, GDPR, etc., if apropos.
A marketing director discovered that P1 Critical tickets have a 15-minute response SLA.
He started logging all his routine tickets as P1.
Yesterday he submitted a P1 because his wireless keyboard needed new batteries.
According to our enterprise SLA, P1 incidents require an immediate, continuous all-hands bridge call until resolution.
He submitted the ticket at 11 PM.
I initiated the emergency bridge.
Our automated system dialed his cell phone, his desk phone, and his emergency contact.
It woke up his wife.
He joined the call in a panic, asking what was on fire.
I told him we were assembled to resolve his critical keyboard outage.
I asked him to describe the battery compartment.
He hung up.
Our SLA policy states that if the user disconnects from a P1 bridge, we must call them back immediately.
I called him back.
He asked me to downgrade the ticket.
I told him P1s can only be downgraded after a post-incident root cause analysis.
He buys his own batteries now.
Howdy folks! Taking a break from my twitter break to let yall know that we released a new @GreyNoiseIO product yesterday. It's called Project Swarm. We've been quietly not-so-quietly working on it for a few years. You can buy it now. It costs $1.
There are lots of vulnerabilities on edge-facing apps. To catch in-the-wild exploitation of them, we @ GreyNoise run sensors on the internet. New AI models means more vulnerabilities being identified and exploited, and FASTER. Long term, software and hardware will probably get better, but in the meantime we're gonna have to deal with A LOT of vulnerabilities.
At GreyNoise, the sensors we run are basically honeypots- we bait attackers to scan and exploit them which enables us to learn where the attackers are, which vulnerabilities they are exploiting, what it drops, and what it looks like on the wire. From ~2020-now it took us years to build up our fleet. Now anyone can use our new product to deploy their own sensors on their own networks, or an entire fleet of any size, in a day. You can rip back the data and do whatever you want with it. You can resell it, put it into your product, or just stare at it- whatever you want! On our side, we aggregate the data and pour it into a community dataset that everyone shares. As more people join, the data gets bigger and better.
Couple neat features:
- Sensor deployment is a single bash command on any modern linux distro that supports iptables and wireguard.
- Sensors and vulnerable software (profiles) are abstracted into different logical concepts, which means the "what" and "where" are different things, and the sensor is not constrained by the compute required to run the vulnerable software. Also, no matter how hacked the profile (honeypot) gets, it can't touch your host sensor or the rest of your network.
- Sensors can run fake honeypots, real software, or even real hardware (bridged with a raspberry pi) like old crappy routers and modems (or expensive firewalls and VPN gateways 👀)
- You can create dynamic blocklists that block IPs sourced from your own sensors in real time, so if a remote IP address *looks at your network* the wrong way, you block them instantly.
- All the PCAP data is available to you in a gorgeous and intuitive interface at near real time and fully enriched against all of our (thousands of) rules. We're working on the host metadata (malware, syscalls, host behaviors) as well, but this will come later.
- If we don't tag a CVE that's interesting to you, you can write a Suricata rule to tag it yourself once and your data gets tagged with it in real time forever.
- You can instantly download PCAPs of any exploits that hit your sensors.
- If you don't want your data shared with the community dataset, you can talk to our team and we'll work out rights to make it private.
Check it out! There's a lot of moving pieces to make this work and we expect bugs, but it's available right now. Join the fight!
https://t.co/erAWtX1l7B
@HhmiraM @TansuYegen I saw the '1' and '3', choosing the middle (2), and then the pattern of '9' and then '8' leading me to (7).
Hence 27. Simple manipulation via pattern recognition.
CLAUDE CODE but for HACKING
its called shannon, you point it at website and it just... tries to break in... fully autonomous with no human needed
i pointed it at a test app and it stole the entire user database, created admin accounts, and bypassed login, all by itself, in 90 minutes
https://t.co/vIvA5L97fi
@TheImmortal007 @curiosityonx So, when I look at this with my eyes focused like one of those 3D pics, the opening seconds appears to show large spirals along a 290 to 110 plane. The clusters of stars along those spirals appear to show structured/clustered movement. Am I seeing that correctly?
@AusAmbCyberTech @DICTgovph @DOEgovph It's great to see you and the Commonwealth continuing to partner with the entire region! Two of my favorite destinations: Australia and the Philippines!!!
@vxunderground All I have are these measly digital folders I picked up from the internet that are full of stuff from some knock-off Korean boy band called BTC. Would you take those for trade?
https://t.co/JRVsEuHZyX
@darth_devo @TallDave7 @MarthaHusain You gotta lead it off with an attention-getter that a closing declaration is about to follow:
"Welp... that's not going anywhere. "
Only highly qualified, self-taught craftsman may use such a word as "welp."
Your statement is still quite valid.
@LangmanVince You also forgot to apologize for trying to fix things, or offer suggestions.
@VigilantFox So by funding activities that only happen in the US, they can apply greater security requirements to all GoF activities. People generally assume we only did this research overseas, and that's a naive assumption.
@VigilantFox The US already has GoF frameworks from the CDC, NIH, and the WH that dramatically restrict GoF research and apply stringent oversight. Some might suggest overseas research activities didn't have to comply with these restrictions, which could be what led to the pandemic.
Cozy Bear’s Wine Lure Drops WineLoader Malware on EU Diplomats https://t.co/RLkLfXVSMu
@I_Am_Jakoby Not today, fed! /s
@RobertKennedyJc Agree, but the aviation industry cited a two year run-up to implementation. The global air schedule is choreographed to accommodate DST. I'm all for it, tho.
@TheBlindHacker ... or "just Google it." Nobody says to "Bing" something. I start with a baseline of ChatGPT because that's what people recognize and then build from there.
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.2M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
87M followers
Taylor Swift
@taylorswift13
80.8M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.4M followers
Virat Kohli
@imvkohli
68.8M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.4M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.1M followers