I've always thought that having the ability to set tripwires on arbitrary files on an endpoint would be a huge defensive advantage. Today, that is now a reality for all users of osquery in macOS: https://t.co/OQbGNZomK7
I'm hiring a Lead Threat Researcher at @material_sec
If you're tired of casting a wide net of detections that never trigger in an enterprise environment, come solve the opposite problem where every net you cast is full of phish 🎣
https://t.co/cf1JujtBq9
@ItsReallyNick I used to play in tournaments in high school! People's initial mental image of racquetball and what actual high-level play looks like are so different 😄
The JQ CLI should just BE a ChatGPT client, so there's no pretense of actually understanding this syntax. Cut out the middleman, just look up what I'm trying to do, for me.
@wilcosec Push notifications are subject to push/MFA bombing attacks: https://t.co/iH2P4Kk3QD
Phishing-resistant authentication factors such as passkeys, hardware tokens, or authenticator apps are all better alternatives
I asked my LLM agent (a wrapper around Claude that lets it run bash commands and see their outputs):
> can you ssh with the username buck to the computer on my network that is open to SSH
because I didn’t know the local IP of my desktop. I walked away and promptly forgot I’d spun up the agent. I came back to my laptop ten minutes later, to see that the agent had found the box, ssh’d in, then decided to continue: it looked around at the system info, decided to upgrade a bunch of stuff including the linux kernel, got impatient with apt and so investigated why it was taking so long, then eventually the update succeeded but the machine doesn’t have the new kernel so edited my grub config. At this point I was amused enough to just let it continue. Unfortunately, the computer no longer boots.
This is probably the most annoying thing that’s happened to me as a result of being wildly reckless with an LLM agent.
Hot take: With the deprecation of browser exploits being widely deployed or effective, a phishing test must obtain at least part of the authentication flow for you to truly fail it.
Heartbroken after seeing a young patient with no medical history, end up with a BIFFL GRADE II dissection of the vertebral artery and subsequent acute PICA infarct immediately after a neck adjustment from the chiropractor. This has to stop.
Chiropractors - you HAVE to stop.
So, Google is killing its cache (which was amazingly useful), and replacing it with a third-party solution of linking to the Internet Archive. I really hope the Internet Archive is being paid -- and paid a lot -- for this.
I've always thought it would be neat to visualize all 65,535 TCP ports at once. For example, a portscan would probably look pretty neat. 30 minutes and a bit of back and forth with o1-preview got me a working app.
2 portscans visualized: one using sequential scans, one not
> Of course the utilities aren't passing the cost savings on to consumers yet, but they'll have to eventually
As a PGE customer, I want to believe, but "lowering electricity prices" is a pretty foreign concept to them
Microsoft identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution. Our assessment of ongoing analysis and observed infrastructure attributes this activity to Citrine Sleet. https://t.co/ITqOQpWn2v
.@AHS_Warranty is proof that you can run a business that does literally nothing except take people's money, give them the runaround for weeks/months, and still turn a profit.
The bar for competition is so low the heat of the center of the earth is melting it