The monkey is still curious 🐒 Teleboy has topped up its bug bounty program with another CHF 10'000 in rewards. Explore a platform serving 400'000+ users across TV, internet, and telephony. Ready for another hunt? #bugbounty #ethicalhacking #cybersecurity
https://t.co/oXuB0Xld85
SSH everywhere, misconfigurations somewhere. Our new SSH Labs let you get your hands dirty: slides, video, and a Docker-based lab. Created by our Security Analyst @emanuelduss, learn how SSH breaks and how to fix it: https://t.co/2jxuEK8N4i
#SSH #InfoSec #Security
✨ We’re excited to welcome @compasssecurity as a Platinum Sponsor for the AREA41 security conference 2026 🛸 👽
Thank you for supporting the infosec community‼️
➡️ Check them out at: https://t.co/jHGJDVrtlu
📅 June 18-19, 2026, Zürich - https://t.co/WTAd8rhP6q
Compass vulnerability research identified code execution paths affecting AI coding assistants including @claudeai, @cursor_ai and @OpenAI #Codex. The findings will be demonstrated live at @thezdi Initiative #Pwn2Own Berlin 2026, May 14 to 16. #AIsecurity #LLM
🦖 Meet RAPTR: our new open source platform for red and purple team collaboration. Plan engagements, document attacks and detections, evaluate results, and generate reports, all API-driven. Beta is live, feedback welcome! #PurpleTeam
https://t.co/GyXw40nN2p
Tabletop exercises show how incident response processes fall apart under pressure, far beyond what any plan suggests. Here we share key lessons from real TTX sessions: failures in communication, decision-making, structure, and human factors.
https://t.co/Kp0ryUL3Dv
The final part of our Entra ID blog series looks at common Conditional Access weaknesses, practical attack scenarios, and how to identify such issues with EntraFalcon.
https://t.co/vx43hX6mDj
Your CI/CD pipeline might be your weakest link. @marcandretanner shows how exposed secrets, misconfigured runners and cross-cloud trust relationships can be abused to pivot from GitLab into AD and Entra ID.
Don't miss it 👉 April 14, 1:15 pm at @SpecterOps' #SOCON2026
GitLab is a prime DevOps target for attackers—IP, supply chain risk, & access to connected systems. 🎯
At #SOCON2026, @marcandretanner shows how an OpenGraph GitLab collector uncovers hybrid attack paths across CI/CD, service accounts, AD & Entra ID.
➡️ https://t.co/DnlUAv9tRY
Part 3 of our Entra ID blog series looks at common weak PIM configurations, practical abuse scenarios, and how to identify them with EntraFalcon: https://t.co/pbTwPQnN8Q
🏃♂️Time for a security workout. Sanitas is launching its #bugbounty program and inviting ethical hackers to help keep its digital healthcare services in peak condition.
Hunt vulnerabilities and help protect critical healthcare systems: https://t.co/6qUcSQJd9J
Unprotected groups in Entra ID can lead to privilege escalation.
Part 2 of our 4-part series shows how weakly protected groups can be abused to bypass controls, gain privileged access, and lead to full compromise—and how to detect this with EntraFalcon: https://t.co/gnAgcDzoEQ
Foreign enterprise apps can expose your Entra ID tenant. Today, we release part 1 of our 4-part weekly series on common Entra ID pitfalls and how to detect them with EntraFalcon. Learn how external apps can lead to data access or worse: https://t.co/kwMWrC4tKA
EntraFalcon update 🚀 The new Security Findings Report turns Entra ID enumeration into actionable findings with 60+ checks and color charts. Read the blog post of Chrigi @ZH938472 and try the tool now on your tenant! https://t.co/07gzDox92b
#EntraID #CloudSecurity #EntraFalcon
WinGet can be more than a package manager. We show how .winget configs + a self-referencing LNK become a viable initial access payload when Microsoft Store is enabled. Includes detection queries & mitigation tips.
https://t.co/1MLtOjzfaU
#RedTeam #Windows #LOLBins #InitialAccess
John Ostrowski (Compass Security) and Manuel Kiesel (Cyllective AG) worked together on CVE-2025-13154, a Lenovo Vantage LPE. Even after Microsoft closed a known primitive, collaboration led to a working PoC.
https://t.co/vunXyr408d
#Windows #CVE #SecurityResearch #PrivEsc
2-for-2! 🏆 Huge shoutout to @yves_bieri and Lukasz for clean exploits on the Alpine iLX-F511 and Grizzl-E Smart 40A systems with the Charging Connector Protocol/Signal Manipulation add-on. Couldn’t be prouder of the team for executing perfectly today. Congrats! #Pwn2Own
Confirmed! Cyrill Bannwart, Emanuele Barbeno, Yves Bieri, Lukasz D., and Urs Mueller of Compass Security (@compasssecurity) exploited one exposed dangerous method/function bug on the Alpine iLX-F511, winning Round 2 for $10,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto
How do we keep our security analysts up to date?
Our latest blog post looks inside our internal training week, from Kubernetes security to red teaming and our annual Security Boot Camp.
https://t.co/y7NQ7DB8bq
#CyberSecurity #Learning #Pentesting #Kubernetes