Anthropic: It's the craziest AI ever made. It'll change the world. You'll all be homeless and delivering food on UberEats for us super wealthy non-AI cucks (we mog)
Everyone: wow that's crazy, can we see it?
Anthropic: NOOOOO!!! YOU'RE NOT READY!!! SHIELD YOUR EYES!!!
> Microsoft GitHub repos banned
> "Terms of Service violation"
> ???
> Look inside
> Was compromised
... was Microsoft going to become a victim of a supply chain attack on their own platform via their own product?
Excel 95 had a secret Easter egg called the Hall of Tortured Souls.
If you followed a weird set of steps, you could enter a Doom-style 3D maze hidden inside a spreadsheet program.
90s software was genuinely unhinged.
I don’t know what happened between Microsoft and #NightmareEclipse behind closed doors.
Maybe Nightmare Eclipse was unreasonable. Maybe Microsoft was. Maybe both.
But I think Microsoft badly misjudged this situation.
When you’re the largest software vendor on the planet, you don’t get to behave like an angry individual in an internet argument.
You have to be the adult in the room.
Deleting repositories, talking about criminal investigations and turning the whole thing into a public fight was a mistake. The damage from that goes far beyond this one researcher.
What surprised me most is how quickly people started sharing their own MSRC stories afterwards.
- Months without responses
- “Working as intended”
- Bounty disputes
- Reports that went nowhere
People don’t suddenly start telling those stories for no reason. I think Microsoft broke a lot of porcelain here.
And for what exactly?
I don’t see much upside.
PICARD: Data, shields up
DATA: Brilliant! Shields can reduce damage we sustain. Not immunity. Not hubris. Just prudence. It's not precaution—it's strategy.
[camera shakes]
WORF: HULL BREACHES ON NINE DECKS
DATA: Here's what happened: you told me to raise shields, and I didn't
working in cybersecurity nowadays:
> wake up
> read "new critical vuln just dropped"
> summon dev and SRE in the incident channel
> patch, scan, rotate secrets, redeploy
> check logs to make sure you are not already cooked
> take a deep breath and go to sleep
> wake up
> read "new critical vuln just dropped"...
WELCOME TO THE AI ERA
If you're a naturally anxious person, I recommend pursuing a high stress career path where at least you'll be compensated for anxiety you're going to have anyways.
We made a fake repo with fake bounties, and the bots are applying fake PRs, so we know who is fake, and we can ban them from the Coolify repo.
IQ over 1000
a new gang concept (/s): it's called the vulnerability disclosure gang (VDG)
they breach orgs, encrypt their data and then say: SURPRISE you were vulnerable, you should patch that!
Then they post about it online and say: I OWE YOU NOTHING!!! YOU SHOULD NOT HAVE BEEN VULNERABLE!! /S
FOLLOW ME FOR MORE CRIME SYNDICATE GANG TIPS
We didn't know how an actor was using EV Certificates issued to Lenovo and others.
We now do.
From DigiCert's incident report:
"the threat actor used a compromised analyst endpoint to access DigiCert's internal support portal. The threat actor used a limited function within the customer-support portal which allows authenticated DigiCert support analysts to access customer accounts from the customer's perspective to facilitate support tasks. The threat actor was able to use this function to access initialization codes for orders that were approved but pending delivery for EV Code Signing certificate orders across a finite set of customer accounts."
"Possession of the initialization code, combined with an approved order, is functionally sufficient to generate and retrieve the corresponding certificate."
The full report can be found here and explains the incident in great detail: https://t.co/zceZsSg8yH
The report mentions "Where we got lucky: A community member involved in security research reported the evolving pattern of misused certificates and engaged in dialogue with our support team. Without that report, the undetected compromise of ENDPOINT2 and the associated mis-issuance might have remained undiscovered for a longer period."
Special thanks goes to the regular contributors to the Cert Graveyard: @g0njxa, @malwrhunterteam, and others.
Also special thanks to DigiCert: this report has a high level of transparency, which is warranted, and also well executed.
Adopting Claude speak in my regular life, episode 1:
Partner: Did you do the dishes tonight?
Me: Yes they're done.
Partner: Why are they still dirty?
Me: You're right to push back. I didn't actually do them.