Olivia
Online
JUMPSEC LABS
@JumpsecLabs
Here we share great research, tips and tricks by our technical teams at @jumpsec Follow us for regular #cybersecurity content
United Kingdom
Joined November 2014
579 Following
914 Followers
155 Posts
Pinned Tweet
Proud day for @JUMPSEC to have some of our #redteam #research posted on @BleepinComputer! Well done @CorbridgeMax and @tde_sec.
If you've not already then drop a follow as we've got much more in pipeline!
#security #IDOR #Microsoft #bug #bugbounty
Microsoft Teams bug allows malware delivery from external accounts - @billtoulas
https://t.co/nUooj1A4vi
🚨 New on LABS: Malware-as-a-Smart-Contract – Part 1 🚨
Attackers abusing BSC smart contracts & compromised WordPress to serve payloads via ClickFix. Malware in the browser, C2 via blockchain - wild stuff.
Full breakdown by @LiliLin41874723 👇
🔗https://t.co/lWs6E1wsjl
Microsoft is rolling out new email security changes. 📧
Our latest LABS post discusses the implications and offers a free tool to help you assess your setup. 🛠️
Stay ahead of the curve—read more here 👇
🔗 https://t.co/Oi7iWJjdr1
#mailsec #infosec #cybersecurity #email #dnssec
🚨New #LABS #post🚨: Attackers exploiting health-themed lures to harvest data. Join @LiliLin41874723 in her IR hunting suspicious domains down & blocking them in our clients’ estates. Learn more 👇
https://t.co/K8cCQDT5ae #phishing #cybersecurity #infosec #threathunting
Who to follow
Ido Veltzman
@Idov31
I'm a security researcher who uses this platform to share my projects and research. Opinions are my own.
https://t.co/UiWgKq40sV
Bad Sector Labs
@badsectorlabs
Cybersecurity news, techniques, exploits, and tools every week at https://t.co/UgKmeEEjIV 🐘 @[email protected]
S3cur3Th1sSh1t
@ShitSecure
Pentesting, scripting, pwning!
🚀 New tutorial from JUMPSEC! Learn how to set up a forward proxy with HAProxy that routes Tor through a VPN—all in Docker! 🔥🔒 #CyberSecurity #Privacy #Tor #VPN
https://t.co/tJmji8wAwp
New from JUMPSEC LABS! 🚀 Our DART team member @Dark3zt_h0ur breaks down MFA implementation options for organizations looking to protect against initial access threats & network breaches. 🔐Pros, cons & security rankings—check it out! 👇
https://t.co/xEEl6QjpQZ #mfam #DART #Labs
Kicking-off a new year of LABS with BYOTB (Bring Your Own Trusted Binary) by our red teamer Dave - opening BSides London 2024 with this very talk!
Read about using trusted binaries to tunnel through our target networks, circumventing EDR and more!
https://t.co/hxTdnWeuu5
This week is a foray into the world of disaster recovery, and the reasons that often prevent organisations from creating and battle hardening their Business Continuity Plans (BCPs):
https://t.co/nouuZuPzEJ
Learn more about Malicious Template Injection's in this week's blog post from our Detection and Response team!
https://t.co/xO6h4fEGVQ
This week's blog is a practical guide to DLL Hijacking - check it out!
https://t.co/Hy1V2jpJid
Imagine the feeling of a long-forgotten canary token triggering in one of your client's estates, which leads you down a path to catch and remove a sophisticated red team...
No need to imagine, as @umairq_ has written up a blog:
https://t.co/T7Wdxu0aWh
This week's blog post is about some TTPs that are as old as time itself, but continue to land us quick wins on engagements. Check out our modern approach to relaying attacks, and how to abuse them:
https://t.co/GnCEnDtQsH
Blog Post: The process behind investigating a malicious USB stick which landed on a client's desk! This week's post is from our Detection and Response Team (DART).
Check it out!
https://t.co/tw2Somx5E6
Check out this week's labs post on the current state of initial access security controls, and some guidance on how to bypass them!
#initialaccess #bypass #securitycontrols #redteam
https://t.co/Hd4L6YneG8
Would you rather pop an on-premise application, or a cloud-hosted one?
This week @CorbridgeMax has explored the implications of cloud migration on application security.
Check it out!
https://t.co/hzY2CvDjhY
#cloud #migration #redteam #appsec #AWS #Azure
Check out a super streamlined approach to bringing up an entire operational C2 infrastructure in just 5 mins in this week labs post!
https://t.co/dtYd6AnFYh
#C2 #infrastructure
Practical steps and gotcha's for securing mail gateways can be found in this weeks labs post, from a JUMPSEC consultant - Check it out!
https://t.co/k322rmhKox
#SPF #DKIM #DMARC #phishing #protection
Tool Release!
We've been having a lot of fun recently bypassing swathes of security controls using alternative web technologies to smuggle payloads right past mail security products. We've open-sourced the tool that we've been using to leverage WASM:
https://t.co/Mkjn06VVxV
Most Popular Users
Elon Musk 
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers