New blog post with @infosec_au:
We found a vulnerability in Subaru where an attacker, with just a license plate, could retrieve the full location history, unlock, and start vehicles remotely.
The issue was reported and patched.
Full post here: https://t.co/QPzRIqqx9t
New writeup from @_specters_ and I: we're finally allowed to disclose a vulnerability reported to Kia which would've allowed an attacker to remotely control almost all vehicles made after 2013 using only the license plate.
Full disclosure:
https://t.co/e2EwvUMgqw
My template for identifying CVE-2023-5830 is now available within @pdnuclei's community template repository (https://t.co/MhXuMO8SlI)! Update your nuclei templates and read more about the vuln via the pinned post on my profile.
This field is too vast to know it all, let alone remember it all the time. So the question becomes what "baseline" knowledge is, and how deep it goes (e.g. Nmap? Probably baseline. Unconstrained delegation? Probably not.)
Portfolios/proven work and practical certs > trivia IMO
Wrote a blog on CVE-2023-5830 which is a critical (CVSS 9.8) security vulnerability in ColumbiaSoft's Document Locator. Shoutout to @micahvandeusen for the help on this! Link to Nuclei template provided in the blog.
https://t.co/nQRcdj0vz3
CVEs!!! 🤩
CVE-2024-1708 and CVE-2024-1709 assigned for the #ScreenConnect vulnerabilities.
.... and ah, the words 'affected from version 0' are pretty brutal 😅😅
With the release of the PoCs by @watchtowrcyber and @HuntressLabs, I have created a nuclei template to help identify any instances of ScreenConnect that may be vulnerable to the authentication bypass.
thanks @s1zzzz for the idea 🤠
https://t.co/71c24Sp4Ux
#ScreenConnect
A more refined query to find unpatched ScreenConnect instances would look like the following:
Server: ScreenConnect -"ScreenConnect/23.9.8.8811"
Direct link: https://t.co/b5wP8bN1dm
#ScreenConnect
🚨Alert🚨Critical Flaws Found in ConnectWise ScreenConnect Software
⚠ConnectWise has released security updates to address a critical RCE vulnerability in its ScreenConnect remote desktop and access software.
📊 17.3K+ Services are found on the https://t.co/ZkWaUVRSkG
🔗Hunter: https://t.co/SZPwUW0K7v
Dorks 👇👇👇
Hunter: https://t.co/yFFcJwegJK="ConnectWise ScreenConnect software"
FOFA: app="ScreenConnect-Remote-Support-Software"
Shodan: http.title:"ConnectWise ScreenConnect"
📰Refer to https://t.co/6ZKXt4sTNy
#ConnectWise #hunterhow #infosec #infosecurity #Infosys #Vulnerability
Entra ID Protection (previously Identity Protection) could have stopped many incidents I’ve worked before they even started. But there are gotchas and misconceptions that can catch you out.
Check out my five of these, and share any others you’ve got! https://t.co/YwWwH3TnCl