I just open-sourced SPARK (Powered by BYO-SECAI) — an analyst-driven platform for turning Research → Intel → Hunt → Detection
Built to treat analyst research as first-class intelligence and carry it all the way into hunts and detections. https://t.co/K7H2Oz9C8y
#ThreatHunting
🔥Introducing a new Red Team tool - SessionHop: https://t.co/oU2R60ayPD
SessionHop utilizes the IHxHelpPaneServer COM object to hijack specified user sessions. This session hijacking technique is an alternative to remote process injection or dumping LSASS. Kudos to @tiraniddo for first discovering this years ago.
Blue Team tip: Look for unusual child processes spawning from HelpPane.exe
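An added example, not part of the post above or of the SessionHop tool, showing how that tip can be turned into a check over process-creation telemetry. The CSV column layout (timestamp,host,parent_image,image,command_line, as one might export from Sysmon Event ID 1 or Windows 4688), the sample rows and the empty allowlist are all assumptions.

```python
"""Flag child processes of HelpPane.exe in process-creation telemetry.

Added example illustrating the detection tip; not code from the SessionHop
project. The input format is an assumed, simplified CSV export of
process-creation events. The allowlist is a placeholder: fill it from a
baseline of what HelpPane.exe normally launches in your own environment.
"""
import csv
import io
from typing import Dict, List

# Placeholder allowlist of child image names considered expected under HelpPane.exe.
# Left empty on purpose: every child process is reported until a baseline says otherwise.
EXPECTED_CHILDREN: set = set()


def basename(image: str) -> str:
    """Return the lower-cased file name of a Windows (or mixed-separator) path."""
    return image.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def is_helppane(image: str) -> bool:
    """Match the Help Pane binary by file name, case-insensitively, regardless of path."""
    return basename(image) == "helppane.exe"


def parse_events(text: str) -> List[Dict[str, str]]:
    """Parse the assumed CSV export into one dict per process-creation event."""
    return list(csv.DictReader(io.StringIO(text)))


def find_unusual_helppane_children(events: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Return events whose parent is HelpPane.exe and whose child is not allowlisted."""
    allow = {c.lower() for c in EXPECTED_CHILDREN}
    return [
        ev for ev in events
        if is_helppane(ev.get("parent_image", "")) and basename(ev.get("image", "")) not in allow
    ]


# Constructed sample telemetry (not real data): one benign row, two HelpPane.exe children.
SAMPLE = """timestamp,host,parent_image,image,command_line
2024-01-01T10:00:00Z,WS01,C:\\Windows\\explorer.exe,C:\\Windows\\System32\\notepad.exe,notepad.exe
2024-01-01T10:00:05Z,WS01,C:\\Windows\\HelpPane.exe,C:\\Windows\\System32\\cmd.exe,cmd.exe /c dir
2024-01-01T10:00:07Z,WS02,c:\\windows\\HELPPANE.EXE,C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe,powershell.exe -Command Get-Date
"""

if __name__ == "__main__":
    for hit in find_unusual_helppane_children(parse_events(SAMPLE)):
        print(f"[{hit['host']}] {hit['timestamp']} HelpPane.exe -> {hit['image']} :: {hit['command_line']}")
```

Pair the hit with session and logon events from the same host to see which user session the child ran in.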
@Maks_NAFO_FELLA I'm so tired of the orange man. Probably should start a botnet doing disinformation just like Russia and start fighting fire with fire.
One compromised Microsoft Entra ID or Azure account can lead to a full tenant takeover.
Our new framework ranks roles by risk and adds strong MFA + secure admin workstations to protect the most critical accounts.
Read the whitepaper: https://t.co/9NMapg6mVj
Awesome new threat report from Google Threat Intel Group documenting how threat actors are leveraging Gemini. A lot of information and actionable content available in the report! Great work 👌
https://t.co/0ktEQbUhmq
We’re seeing a clear trend: attackers are bypassing the endpoint entirely. Not just avoiding traditional EDR-monitored systems by pivoting to embedded and edge devices, but now also operating purely in the cloud. No shell, no malware, no persistence on the endpoint. Just an OAuth token and full access to whatever’s in the victim’s Microsoft 365, Google Workspace, or AWS console.
It’s a complete inversion of how things used to be. The endpoint, once the weakest link, is now usually the most monitored, most policy-enforced part of the infrastructure. You’ve got EDRs, SIEM integration, automation, threat hunting - the full stack. But attackers don’t need to touch it anymore.
Instead, they go after the new soft spots:
- Cloud platforms, where logging is limited, expensive, or off by default
- Network devices and appliances, which are practically blind spots - obscure OSes, no EDRs, hard to monitor, hard to forensicate.
- Embedded systems and IoT junk that no one really knows how to secure, but that sit in critical network paths.
Cloud especially is a mess:
- Logging tiers cost extra and the good stuff is behind paywalls.
- Detection content is lacking, both from vendors and the community.
- You don’t get memory dumps or full control like you do on endpoints.
- You’re at the mercy of the provider when it comes to visibility and response.
And that’s the shift: attackers aren’t hacking computers anymore. They’re hacking trust relationships, identities, and APIs. The whole idea of detection and response needs to evolve with that. Otherwise, we’re securing the hell out of endpoints while attackers happily fish through mailboxes and cloud shares from halfway across the planet.
🚨NEW: Elon Musk has called Senator Mark Kelly (D-AZ) a “traitor” after visiting Ukraine this weekend. Kelly is a 25-year U.S. Navy pilot veteran and retired astronaut.
RETWEET if you stand with @CaptMarkKelly against Elon Musk’s unpatriotic attacks!
A specialized build of `curl` that mimics the behavior of browsers like Chrome, Firefox, and Safari to avoid anti-bot measures in web scraping and automated HTTP requests.
Just released SCCMHound! A BloodHound collector for SCCM. SCCMHound allows both attackers and defenders to construct BloodHound datasets using the vast amount of information that is stored/retrievable through SCCM. Feel free to take it for a spin!
https://t.co/3J1IjEfDmO
onedrive.exe (phoneactivate.exe #lolbin) side-loads tampered sppc.dll which in turn loads onedrive.dll and decrypts it with RC4 systemfunction033 and hardcoded key. The decrypted payload appears to be related to #havoc (h/t @embee_research@elasticseclabs) with the mentioned C2.
Erik and @jonasl’s Network Fingerprinting talk is now online. It covers #JA4 and #JARM by @4A4133, @lcamtuf’s #p0f and @xnih’s Satori.
Thanks to @netnod for having us!
https://t.co/qrt9s7rz4b