Olivia
Online
GreyNoise
@GreyNoiseIO
GreyNoise analyzes Internet background noise. Use GreyNoise to remove pointless security alerts, find compromised devices, or identify emerging threats.
Lots of different datacenters
Joined September 2017
169 Following
29.3K Followers
1.8K Posts
Pinned Tweet
The internet changes before the advisory drops. New from GreyNoise: activity surges preceded 33 CVEs across 16 vendor families with a median 11-day lead. The pattern holds up to rigorous testing.
https://t.co/YT2YhBU6HT
GreyNoise At The Edge Intel Brief (June 1-8, 2026)
This week attackers went after the front door of remote access — RDP, SSL VPN, router management — not new CVEs.
🔗 https://t.co/FStemPEbAj
.@GreyNoiseIO Swarm sensors can now (optionally) get compromised, without introducing any risk to the rest of your network. We're monitoring dropped/executed files, commands executed, other host/OS level behaviors, all mapped to MITRE ATT&CK techniques. Without any agents. Live in our environment now- rolling out to Swarm customers soon.
Every attack we detect is one we're able to better inform and defend defenders about, and every tool tool, exploit, backdoor we get our grubby little hands on directly correlates to pain, frustration, and cost imposition against attackers.
Shoutout Rob Fontaine and Pablo Bidwell. Insane work. Yall are savages.
NoiseFest is BACK 🎉 We're throwing our 4th annual party during Black Hat / DEF CON 2026 with a 60s and 70s theme 🏵️🎸✌️. Join for cold drinks, new connections, and stories from the front lines of cybersecurity at House of Blues B-Side in Las Vegas.
Excited to have @sublime_sec sponsoring!
🔗RSVP: https://t.co/v4OLaQTxuy
#BlackHat #DEFCON #NoiseFest #GreyNoise #cybersecurity
Who to follow
ATT&CK
@MITREattack
MITRE ATT&CK® - A knowledge base for describing the behavior of adversaries. Replying/Following/Re-tweeting ≠ endorsement. @ https://t.co/wt46ArkZVt
Microsoft Threat Intelligence
@MsftSecIntel
We are Microsoft's global network of security experts. Follow for security research and threat intelligence.
Unit 42
@Unit42_Intel
The latest research and news from Unit 42, the Palo Alto Networks (@paloaltontwks) Threat Intelligence and Security Consulting Team covering incident response.
Less noise. Better signal. Faster response.
New blog breaks down 4 ways GreyNoise helps SOC teams cut through internet background noise and focus on what actually matters: https://t.co/7Cix1yVkHe
The May NoiseLetter is live! Early warning signals, blocklist gaps, and a SonicWall spike that echoes the pattern that preceded a CVE: https://t.co/j2f0MmwTt8
Before Cisco published CVE-2026-20127 (CVSS 10.0, zero-day), GreyNoise sensors observed eight activity surges compressing from 39 days to 2 days. That countdown pattern repeated across 33 CVEs — with a median lead time of 11 days before public disclosure.
Join us on Wednesday for the live "Ten Days Before Zero" findings. https://t.co/hmmpwOsR8L
NEW: GreyNoise At The Edge Intel Brief (May 19–26, 2026)
The week's signal: a long-running MikroTik RouterOS brute-force operation (VPSVAULT, AS215925) reversed a multi-week decline — adding a second node and climbing back to ~1.9M sessions against the management API. Rented infrastructure, inventorying the edge.
Read more: https://t.co/CC2R11X3pO
We're in Toronto for @CrowdStrike #CrowdTour2026 tomorrow, May 28th!
Attending the event or local to the area? We'd love to connect.
Book time with our team: https://t.co/0zmSf4gWAk
Got questions? We've got answers. Tune in tomorrow at 12 ET for GreyNoise University LIVE! 📺 https://t.co/mY83ZKOuI7
We measured 11 major IP blocklists against 119,842 malicious IPs we observed on one day.
The best feed covered less than 5%. Most were under 2%.
Your blocklist isn't broken. It was built for a slower threat landscape. Full breakdown: https://t.co/6jpL5ITj5F
A scanning pattern similar to the one preceding CVE-2026-0400 in February is active again. May 12 saw the largest single-day session volume on this SonicWall tag in 90 days.
🔗https://t.co/vZCEEM4GUh
#GreyNoise #ThreatIntel #SonicWall
Assessing an indicator means juggling multiple tools that don't talk to each other. It’s slow, manual, and causes friction at exactly the wrong moment.
@GreyNoiseIO enrichment is now built into Feedly #ThreatIntelligence's #IOC Insight Cards so you get behavioral signals, classification data, and validated #OSINT from 10,000+ #CTI sources, in one place.
Full breakdown: https://t.co/wP2j1sS9LR
The mission: make sure no attack works twice. 🚀
We're hiring a Detection Engineer and a Federal Customer Success Manager to help us get there. Remote-friendly, high-impact, great benefits.
Sound like you? 👇
https://t.co/ECbGEiIGsC
May the 4th be with you + so be the signal. 🚀
The April Noiseletter is live: Project Swarm is open to the global security community, new research drops, and a packed events calendar. Let's get into it. 👇
https://t.co/qJxy0YNdgE
@ToddAtLarge_ Both the alphabetical ordering + the protocol filtering are fixed. More improvements coming shortly to the profile page as well. Thanks for the suggestion 🦾
Introducing Project Swarm: a research initiative to defend the network edge and we're inviting you to join. Deploy a sensor on your infrastructure, capture real attacker traffic + compare what's hitting you to the GreyNoise global baseline. Join today! 🐝
Today's the perfect day for a matinee double feature:
GreyNoise University LIVE: https://t.co/mY83ZKOuI7
The Invisible Army: What 4 Billion Sessions Reveal About Residential Proxy Abuse Webinar: https://t.co/1YzOYu4lo3
Howdy folks! Taking a break from my twitter break to let yall know that we released a new @GreyNoiseIO product yesterday. It's called Project Swarm. We've been quietly not-so-quietly working on it for a few years. You can buy it now. It costs $1.
There are lots of vulnerabilities on edge-facing apps. To catch in-the-wild exploitation of them, we @ GreyNoise run sensors on the internet. New AI models means more vulnerabilities being identified and exploited, and FASTER. Long term, software and hardware will probably get better, but in the meantime we're gonna have to deal with A LOT of vulnerabilities.
At GreyNoise, the sensors we run are basically honeypots- we bait attackers to scan and exploit them which enables us to learn where the attackers are, which vulnerabilities they are exploiting, what it drops, and what it looks like on the wire. From ~2020-now it took us years to build up our fleet. Now anyone can use our new product to deploy their own sensors on their own networks, or an entire fleet of any size, in a day. You can rip back the data and do whatever you want with it. You can resell it, put it into your product, or just stare at it- whatever you want! On our side, we aggregate the data and pour it into a community dataset that everyone shares. As more people join, the data gets bigger and better.
Couple neat features:
- Sensor deployment is a single bash command on any modern linux distro that supports iptables and wireguard.
- Sensors and vulnerable software (profiles) are abstracted into different logical concepts, which means the "what" and "where" are different things, and the sensor is not constrained by the compute required to run the vulnerable software. Also, no matter how hacked the profile (honeypot) gets, it can't touch your host sensor or the rest of your network.
- Sensors can run fake honeypots, real software, or even real hardware (bridged with a raspberry pi) like old crappy routers and modems (or expensive firewalls and VPN gateways 👀)
- You can create dynamic blocklists that block IPs sourced from your own sensors in real time, so if a remote IP address *looks at your network* the wrong way, you block them instantly.
- All the PCAP data is available to you in a gorgeous and intuitive interface at near real time and fully enriched against all of our (thousands of) rules. We're working on the host metadata (malware, syscalls, host behaviors) as well, but this will come later.
- If we don't tag a CVE that's interesting to you, you can write a Suricata rule to tag it yourself once and your data gets tagged with it in real time forever.
- You can instantly download PCAPs of any exploits that hit your sensors.
- If you don't want your data shared with the community dataset, you can talk to our team and we'll work out rights to make it private.
Check it out! There's a lot of moving pieces to make this work and we expect bugs, but it's available right now. Join the fight!
https://t.co/erAWtX1l7B
@ToddAtLarge_ Such a great suggestion, our team is working on it now and we will let you know when it’s live!
We're so back, after taking last month off, we are refreshed + ready for April's GreyNoise University LIVE!!
📺 Tune in TOMORROW at 12 ET! https://t.co/mY83ZKOuI7
Check out Project Swarm today: https://t.co/z7dTexDgDc
Last Seen Users on Sotwe
Pigstube
Seen from Turkey
tài
Seen from Vietnam
Top Shemales
Seen from Turkey
DUGONG PERKASA
Seen from Indonesia
Shakil Khan
Seen from United States
TÜRK PAYLAŞIM MERKEZİ +18
Seen from Netherlands
✴𝙆𝘼𝙍𝙇𝙊_ 𝙂𝙍𝙀𝙀𝙉✴
Seen from Turkey
arzusedat70
Seen from Turkey
izmit_bull_tek
Seen from Turkey
Gary Thompson
Seen from France
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.5M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
80.9M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69.1M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.7M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.2M followers