Trust underpins securing identity - trust in MFA devices, your admins, ... A critical area is your certificate server -- if you can't trust those certs then your entire environment is at risk. Read more at https://t.co/askR6gugvb & use #MDI to protect your ADCS servers
Big news on the work front! Today is my last day at @Secureworks, and I’d like to thank you for the opportunity to work with such fantastic people to make the world safer!
My journey continues in January with #Microsoft as a Principal Identity Security Researcher. I’ll be working with @TimbMsft's team in the Security Research organization led by @JohnLaTwC. Before that, some time off and quality time with family 😊
... and a timely reminder that passwordless is now even easier - deploy policies to remove passwords from your users' Windows 11 experience
https://t.co/apUA7pix9X
A key question in identity-related investigations is WHAT did that user or service principal do? So super happy to see 🔥 Microsoft Graph activity logs now in public preview 🔥 #dfir #EntraID #MicrosoftSentinel
https://t.co/pJvFY9oo0O
Identity surfaces across the kill chain -- eg initial access in phishing; and (to devastating effect) lateral movement using compromised user creds as ransomware actors spread across a victim environment.
Read about MDE user containment & disruption: https://t.co/k0Eg1focVG
Your new favorite podcast is here! The Microsoft Threat Intelligence Podcast has behind-the-scenes tales about uncovering attacks, threat actors, malware, exploits, etc. from researchers & analysts. Hosted by @sherrod_im. First 3 episodes are live! https://t.co/JDOZbokQRg
Read how Raspberry Robin malware fits into the wider cybercriminal ecosystem, & how turning on attack surface reduction rules, enabling tamper protection, and a range of #MDE alerts can help defend against these attacks. #Microsoft365Defender
https://t.co/rwrh9dmSOj
Now you can see that the same user being flagged for #AzureAD unfamiliar sign-in had just clicked a suspicious URL (#MDE #EDR) - all from within the #Microsoft365Defender portal :)
https://t.co/y8rTRAqf0b
🧵 We are excited to share that @Zeekurity is now a component of @Microsoft @Windows ! An incredible development that truly establishes Zeek as the de facto standard for #networkevidence:
https://t.co/jM8b0AZ8d3
1/4
Microsoft Defender for Identity can monitor ADFS signals -- or put differently the crossover point between on-premises & cloud identity, repeatedly targeted by NOBELIUM to pivot from on-premises to cloud -- read how to use #MDI to detect such threats https://t.co/UJ77r6ygAF
Expose hidden corners of your network through device discovery 🔥now augmented with signal from Microsoft Defender for Identity🔥 https://t.co/Y1BmPuFllp
#MDE #MDI #MicrosoftDefender
Microsoft Detection and Response Team (DART) was engaged to lead the investigation on destructive cyberattacks launched against the Albanian government in mid-July. We assess that the attack was launched by an Iranian state-sponsored actor. Full report: https://t.co/kEVIaVS28J
"The cold, cruel war is raging wildly but I will sow seeds of peace again and again. Garden of hope I foresee and spring is always lovely." -- Bhuwan Thapaliya https://t.co/uKZdT6398G