🚨 BrEaKiNg: Splunk, a security product, has zero authentication in its built-in database service and accepts any credentials, according to the security researchers who just dropped a full pre-auth RCE chain for Splunk Enterprise (CVE-2026-20253, CVSS 9.8).
Splunk Enterprise on AWS is vulnerable out of the box.
@banthisguy9349 I was getting this as well. Constant push notifications from Germany even though I’ve not got passwords enabled… no telemetry for standard users either 😡
@NathanMcNulty the man for the job. Looking to see if there's a way to enumerate and gather ASR rules and Sentinel log sources and data (like a gap analysis) in an automated way; can imagine there are some scripts, but I'm thinking one of these agent things.
@NathanMcNulty Submissions is more for community-wide threat intelligence implementation for MDE, no? It also has some backend intelligence to identify similar campaigns and detect similar TTPs/IoCs etc. Not even sure what the review stuff is for; reckon it's just a gimmick to save themselves.
@UK_Daniel_Card I've seen some environments that take zero trust so insanely far that it starts becoming inconvenient and unmanageable.
But yes, agree, most “zero trust” is just basic segmentation and proxying, but they get breached from pipeline and supply chain compromises or provider accounts
@wbmmfq I've reached out to IT teams on LinkedIn before and ended up having Zoom calls with CEOs. Responsible disclosure is always the way; some companies don't reply, but that's also okay. You're not authorised to be responsible and are not Mr Robot. Don't publicly expose unless authorised.
Mad at your favorite software for requiring you to upload a photo of your ID??
Get revenge by uploading a photo of your credit card instead
Welcome to PCI DSS, bitch
@UK_Daniel_Card I do think there's such a big skill gap and manual work gap in detection and coverage. Some SIEMs have basic features that highlight it, but you really need something to fully show the full life cycle and the potential risks of missing events, log verbosity and sources. Claude time.
@JanPantel I hope you're ensuring that your security architects are involved in this. Don't let these pressures make your security standards slip; ensure full auditing, and I hope this was all logged under ECABs 😳
@weezerOSINT Just have to highlight that this is the built-in Defender; most enterprises will have EDRs which will detect and stop this exploit. So if a TA is in your environment and they do happen to find a host with no EDR, I doubt they'll abuse this vector. Nonetheless, still a very cool vuln.