Scotch enthusiast and mediocre powerlifter. I also break computers sometimes.
Obligatory "tweets don't represent views of my employer, ever" disclaimer.
I opened a role for a manager reporting to me, focused on detection engineering and threat hunting. Before I post the link, here are the inflexible criteria:
- US-based
- detection engineering expertise in data-constrained environments
- leadership of high-performing teams
You can detect Copy Fail exploitation with the following auditd rules:
-a always,exit -F arch=b64 -S bind -F a2=88 -F key=alg_bind
-a always,exit -F arch=b64 -S setsockopt -F a1=279 -F key=alg_setsockopt
The exploit binds to this saddr once for each 4 bytes of the shellcode. So, if you see like 30-40 of these, it's probably a bad guy.
#DetectionEngineering
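As an added example (not from the tweet's author), here is a small Python pass over auditd SYSCALL records tagged by the two rules above that applies the "many AF_ALG binds from one process" heuristic the tweet describes. The log lines are constructed, not real captures. It assumes x86_64, where bind(2) is syscall 49 and auditd prints syscall arguments in hex, so the rule's decimal a2=88 (sizeof(struct sockaddr_alg)) appears as a2=58 in the record; the per-process threshold of 30 is an assumption taken from the tweet's "30-40" figure.

```python
from collections import Counter

# Parse one auditd record into a dict of key=value fields.
# Quoted values (comm="...", key="...") lose their quotes; ppid and pid
# stay distinct because they are different keys.
def parse_record(line):
    fields = {}
    for tok in line.split():
        if "=" in tok:
            k, v = tok.split("=", 1)
            fields[k] = v.strip('"')
    return fields

# Count bind(2) calls with a sockaddr_alg-sized address, per pid.
# The audit rule already filters on a2=88 and tags key=alg_bind; the
# syscall/a2 checks here are a consistency guard against mis-tagged lines.
def alg_bind_counts(lines):
    counts = Counter()
    comms = {}
    for line in lines:
        rec = parse_record(line)
        if rec.get("type") != "SYSCALL" or rec.get("key") != "alg_bind":
            continue
        if rec.get("syscall") != "49" or rec.get("a2") != "58":
            continue
        pid = rec["pid"]
        counts[pid] += 1
        comms[pid] = rec.get("comm", "?")
    return counts, comms

# Return (pid, comm, count) for processes at or above the threshold,
# highest count first. Threshold 30 is an assumption based on the
# tweet's "30-40 binds per exploit run" observation.
def flag_suspicious(lines, threshold=30):
    counts, comms = alg_bind_counts(lines)
    hits = [(pid, comms[pid], n) for pid, n in counts.items() if n >= threshold]
    return sorted(hits, key=lambda h: h[2], reverse=True)

# Constructed auditd SYSCALL record in the shape the alg_bind rule produces.
def make_record(pid, comm, ts, serial, key="alg_bind"):
    return (
        f"type=SYSCALL msg=audit({ts}.000:{serial}): arch=c000003e syscall=49 "
        f"success=yes exit=0 a0=3 a1=7ffd2c3e1f40 a2=58 a3=0 items=0 "
        f"ppid=1000 pid={pid} auid=1000 uid=1000 gid=1000 euid=1000 "
        f'comm="{comm}" exe="/tmp/{comm}" key="{key}"'
    )

# Constructed sample: one process doing 36 AF_ALG binds in a burst, and a
# legitimate kernel-crypto user doing two.
SAMPLE_LOG = (
    [make_record(4242, "suspect", 1700000000 + i, 100 + i) for i in range(36)]
    + [make_record(3131, "legit_alg_user", 1700000100 + i, 500 + i) for i in range(2)]
)

if __name__ == "__main__":
    for pid, comm, n in flag_suspicious(SAMPLE_LOG):
        print(f"pid={pid} comm={comm} alg_bind_count={n}")
```

A single bind to an AF_ALG socket is normal for anything using the kernel crypto API, so the count per process, not the presence of the key, is what carries the signal; pairing the bind count with the alg_setsockopt key from the second rule, and with a short time window, cuts down on false positives from long-lived daemons.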
Found a macOS TOCTOU bug while reviewing Apple EDR integrations at @HuntressLabs.
A non-admin user can delete TCC-protected content by hitting the right timing window. Came up unexpectedly during the review, which made it a fun one.
We’ve been digging through the #React RCE mess for two days now, trying to get at least some visibility into what’s going on out there. None of this is easy to detect, and most signals vanish in memory before you can even look at them.
My teammate @_swachchhanda_ put together a pair of #Sigma rules that cover the one thing that reliably shows up when someone actually executes code on a Node.js server -> child processes. One rule for Linux, one for Windows. It’s not a silver bullet, just one of the few angles that makes sense right now.
We pushed all our #YARA and #Sigma signatures for the React RCE cases as well, and contributed the Sigma rules upstream:
https://t.co/37MnloL5oV
This whole situation shows how much attack surface lives in places many of us didn’t think about before. I expect we’ll see more of this class of issues now that people realize what’s possible.
Don't miss "Hunters and Gatherers: The Realities of Bug Bounty Life" by Logan MacLaren (@maclarel_), Jeffrey Guerra (@s2jeff_gh), Johnathan Kuskos, Katie Noble, Sam Erb (@erbbysam)! 📅 Saturday, Aug 10 ⏰ 11:30 AM 📍 Creator Stage 4 #BugBounty #DEFCON
A lot of the AI stuff Google showed was cool. But I find myself unable to care.
- Their products are far harder to use
- They have a “throw it at the wall” feel
- If I like it they’ll probably cancel it
They’ve simply lost my trust.
In this post I'll use CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported last November to gain arbitrary kernel code execution from an untrusted app on a Pixel 8 with MTE enabled. https://t.co/Flsas2jJtv
The team at @OpenAI just fixed a critical account takeover vulnerability I reported a few hours ago affecting #ChatGPT.
It was possible to take over someone's account, view their chat history, and access their billing information without them ever realizing it.
Breakdown below 👇
Marty Stratton, @idSoftware Studio Director, lied about @DOOM Eternal's OST events in a Reddit post that used disinformation to blame me entirely for its failure
Later, he offered me a six-figure sum to never speak about it
The truth is more important.
https://t.co/zSNo2QG1mI
Did you know that GitHub doesn’t just encrypt data at rest but also encrypts specific database columns? Read about our column encryption strategy and our decision to adopt the #Rails column encryption standard. https://t.co/pxlTTxvf13