Olivia
Online
Raj Samani
@Raj_Samani
Chief Scientist @Rapid7 | @cloudsa | Co-author of @CyberGridBook & CSA Guide to Cloud | Advisor @EC3Europol
Joined January 2010
595 Following
13.8K Followers
10.4K Posts
Pinned Tweet
All good things must come to an end - will now be at https://t.co/D9sCuwWHHB
Our latest @metasploit weekly wrap up details a new module for an unauthenticated remote code execution bug in NetAlertX (CVE-2024-46506 plus more... https://t.co/yAdr37ONSp #infosec #cybersecurity
Our latest @rapid7 analysis details the discovery of a high-severity SQL injection vulnerability, CVE-2025-1094, affecting the PostgreSQL interactive tool psql. More details available in our write-up here: https://t.co/o79UJIkCRM #infosec #cybersecurity H/T @stephenfewer
Today @rapid7 has disclosed CVE-2025-1094, a new PostgreSQL SQLi vuln we discovered while researching CVE-2024-12356 in BeyondTrust Remote Support. Untrusted inputs that have been safely character escaped could still generate SQLi under certain conditions: https://t.co/AsUhOaDgir
Who to follow
ATT&CK
@MITREattack
MITRE ATT&CK® - A knowledge base for describing the behavior of adversaries. Replying/Following/Re-tweeting ≠ endorsement. @ https://t.co/wt46ArkZVt
Thomas Roccia 🤘 
@fr0gger_
AI Security x Threat Intel · Threat Researcher · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @Microsoft @McAfee_Labs
Lenny Zeltser
@lennyzeltser
Builder of security products and programs. Teacher of those who run them.
Our weekly @metasploit wrap-up details a module which exploits CVE-2018-15745, an unauthenticated directory traversal leading to file disclosure in Argus Surveillance DVR 4.0.0.0. https://t.co/bGM1DRhJ5A #infosec #cybersecurity
Our latest @metasploit weekly wrap up details a new exploit module for Craft CMS, when the attacker can use malicious FTP server to gain remote code execution https://t.co/Ts2ThXvvFy #infosec #cybersecurity
Our latest @Rapid7 analysis details the 2024 #ransomware landscape. Included are the 10 most prolific ransomware groups in 2024, ranked by the number of posts on leak sites. https://t.co/W3wWKHHr35 #infosec #cybersecurity H/T @ChristiaanBeek
Our latest @metasploit weekly wrap-up includes a new module for exploiting CVE-2024-51092, an authenticated command injection in LibreNMS. It allows the attacker to run system commands and gain remote code execution (RCE) https://t.co/8v3SWJjMgx #infosec #cybersecurity
Our latest @metasploit weekly wrap-up includes an exploit module for CVE-2024-55956, an unauthenticated file write vulnerability affecting Cleo LexiCom, VLTrader, and Harmony versions 5.8.0.23 and below. https://t.co/3uF4gu3EhW #infosec #cybersecurity
Our latest @metasploit weekly wrap up includes multiple new modules including an exploit module for an unauthenticated arbitrary file read vulnerability, tracked as CVE-2024-45309, which affects OneDev versions <= 11.0.8. https://t.co/1LoeFg7HJN #infosec #cybersecurity
Our latest @rapid7 advisory details CVE-2025-0282: Ivanti Connect Secure zero-day which has been exploited in the wild. More details here: https://t.co/iPzl9523TS #infosec #cybersecurity
Our @metasploit 2024 wrap-up details the most notable improvements and modules including expanded support for Active Directory Certificate Services AD CS attacks. More details here: https://t.co/GQaxb3Wr98 #infosec
My latest article is now published on @SCmagazineUK detailing the challenges in dealing with a #ransomware attack, and technical and ethical challenges this poses: https://t.co/nZefqTFiOW #malware #cybersecurity
I enjoyed taking part in this webinar with @Raj_Samani and Sabeen Malik from @rapid7 to discuss our #cybersecurity predictions for 2025.
What trends you see happening next year in #cybersecurity ?
https://t.co/rxEns7qrqq
Our technical analysis now available @AttackerKb on CVE-2024-53677, a flawed upload logic vuln in Apache Struts 2 which permits an attacker to override internal file upload variables in apps using Apache Struts 2 File Upload Interceptor. https://t.co/ReJPPd3uNV H/T @the_emmons
Now available on @AttackerKb is our @Rapid7 technical analysis of#Cleo CVE-2024-55956 - H/T @stephenfewer this is a new vuln, not a patch bypass of CVE-2024-50623. IoCs included here: https://t.co/Oh9MIin6b9 #infosec
Our latest @metasploit weekly wrap-up details RCEs for Moodle e-Learning platform, Primefaces, WordPress Really Simple SSL and CyberPanel along with two modules to change password through LDAP and SMB. https://t.co/R8K2VZuWIM #infosec
Our latest @rapid7 analysis into a payload from the recent Cleo file transfer vuln reveals an encoded Java Archive payload. Note that this isn’t necessarily the only payload that has or will be deployed https://t.co/z5HfRRQ1b6 H/T @ChristiaanBeek #cybersecurity
Our latest Rapid7 analysis details Widespread exploitation of Cleo file transfer software (CVE-2024-50623) - with links to detection/mitigation guidance included: https://t.co/cIv7axjCNU #infosec #cybersecurity
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.2M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.2M followers
Taylor Swift
@taylorswift13
81.1M followers
Lady Gaga
@ladygaga
72.6M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.2M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
61.9M followers
CNN
@cnn
61.9M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.3M followers